This Privacy Notice (the “Notice”) sets out how S2 Global, Inc. and our parent company and affiliates (including OSI Systems, Inc., Rapiscan Systems, Inc, S2 Event Security, LLC and Raggi-X), collects and processes information about you when you visit any website operated by that entity (“Website”) or when you otherwise provide your personal information to that entity, as described in this Notice.
The data controller for all personal information originating in the European Economic Area (“EEA”) or processed by data controller established in the EEA, collected through a Website is the OSI group entity that operates that Website, as indicated in the terms of use related to that Website, which also contains controller’s contact details. For products and services contracted offline, the data controller for all personal information originating in the European Economic Area (“EEA”) or processed by data controller located in the EEA, is the OSI group entity that contracts with you, as identified in the terms and conditions applicable to the purchase or use of the relevant product or service.
References in this Notice to “we”, “us” or “our” are references to the OSI group entity that is operating the relevant Website that you visit, contracting with you in offline sale of products and services, or to which you otherwise provide personal information as described in this Notice.
If you have any questions or concerns about our use of your personal information then please contact us using the contact details provided at the bottom of this Notice.
We recommend that you read this Notice in full to ensure you are fully informed. However, if you only want to access a particular section of this Notice, then you can click on the relevant link below to jump to that section.
The personal information that we may collect about you broadly falls into the following categories:
Certain parts of our Websites may ask you to provide personal information voluntarily. Further examples of this are set out below; however as a general point, the personal information that you are asked to provide, and the reasons why you are asked to provide it, will be made clear to you at the point we ask you to provide your personal information.
business contact information that is necessary to understand your role within your organization and to communicate with you;
financial information that is necessary to take payment or fulfil contractual obligations or for related purposes;
personal opinions/insights included in any feedback necessary to evaluate our performance and that of our suppliers or other business partners; and
personal information necessary to conduct business effectively with you or the organization that you represent.
When you visit our Websites, we may also collect certain information by automated means from your device. In some countries, including countries in the EEA, this information may be considered personal information under applicable data protection laws.
Specifically, the type of information we collect automatically may include information such as your IP address, device type, unique device identification numbers, browser type, broad geographic location (e.g. country or city-level location) and operating system, referring URLs, information about your visit including the URL clickstream to, through and from our Websites, download errors, number of Website visits, average time spent on the Website, length of visits to certain pages and page interaction. We collect this information automatically through the use of various technologies including through “cookies”.
A cookie is a data file containing small amounts of information that a website can send to your browser (and many websites do), which may then be stored on your computer as a tag that distinguishes your computer but does not name you. For further information about the types of cookies we use, why and how you can control cookies, please see our Cookies Notice at https://www.osi-systems.com/cookies. Some browsers have incorporated Do Not Track (“DNT”) preferences. Most of these features, when turned on, send signals to the website you are visiting that you do not wish to have information about your online searching and browsing activities collected and used. As there is not yet a common agreement about how to interpret DNT signals, we do not honor DNT signals from website browsers at this time. However, you may refuse or delete cookies. If you refuse or delete cookies, some of our website functionality may be impaired. If you change computers, devices, or browsers, or use multiple computers, devices, or browsers, and delete your cookies, you may need to repeat this process for each computer, device, or browser. Please refer to your browser’s Help instructions to learn more about how to manage cookies and the use of other tracking technologies.
We process your personal information for the following purposes:
To deal with your inquiries and requests;
To create and administer records about any online account that you register with us, or to allow you to register an account with us;
To maintain and improve the accuracy of the records that we hold about you;
To provide you with information, and access to resources that you have requested from us;
To provide our products and services;
To otherwise maintain our relationship with you, including requesting/processing your feedback;
Research and development and to improve our products and services (subject to your prior consent, which will be obtained separately from this Notice);
Website and system administration and security;
For internal analytics, in particular to better understand the visitors who come to our Websites, where they come from and what content on our Website is of interest to them and to improve the navigation and content of the Website (please see our Cookies Notice (https://www.osi-systems.com/cookies/) for information about the cookies that are used for this purpose);
To assess financial, credit or insurance risks arising from any relationship or prospective relationship with a customer, supplier, distributor or other business partner;
To alert you to updates to the Websites, and to any news and events in which we think you may be interested (should you opt in to receiving such updates) and/or to allow you to submit enquiries to us.
We will only disclose personal information to other companies within our group of companies (the OSI group entities, please see above) for the purposes outlined in this Notice, unless otherwise provided herein. We may also share your information with third parties when:
(1) It is necessary to involve third party service providers such as software product/support providers on a “need-to-know” basis in order to support the provision of our products and services and business operations;
(2) We have your consent or have otherwise been requested by you (e.g. with social media networks or with other employers);
(3) Required by a court order or any by any competent legal, regulatory, government agency, court or other third party where we believe disclosure is necessary: (i) as a matter of applicable law or regulation, (ii) to exercise, establish or defend our legal rights or the rights of our customers, website users or other third parties (e.g. with debt collection and tracing agencies or to enforce our Terms of Use), or (iii) to protect your vital interests or those of any other person;
(4) In connection with the actual or potential sale or transfer of a business, provided that we inform the buyer (or potential buyer) it must use your personal information only for the purposes disclosed in this Notice and
(5) To credit reference agencies to establish creditworthiness, to the extent permitted by applicable law.
Consistent with the consent you provide, we may use the information that you give to us to contact you by mail, telephone, fax email or electronic messaging service to alert you to updates to the Websites, and any news and events in which we think you may be interested (should you opt in to receiving such updates). We will also offer you the opportunity to unsubscribe in every communication sent.
If EEA data protection law applies, our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it.
However, we will normally collect personal information from you only (i) where we need the personal information to perform a contract with you, (ii) where the processing is in our legitimate interests and not overridden by your rights, or (iii) where we have your consent to do so. In some cases, we may also have a legal obligation to collect personal information from you or may otherwise need the personal information to protect your vital interests or those of another person.
If we collect and use your personal information in reliance on our legitimate interests (or those of any third party), this interest will normally be to operate our Website(s) and to communicate with you as necessary to provide our services to you and for our legitimate commercial interest, for instance, when responding to your queries, improving our Website(s), undertaking marketing, or for the purposes of detecting or preventing illegal activities.
We may have other legitimate interests and if appropriate we will make clear to you at the relevant time what those legitimate interests are.
You can choose not to provide personal information to us, in particular where we rely on your consent for their processing. However, where the information that we request is necessary for the purposes of entering into and performing a contract with you or your organization and/or providing services/website facilities to you or your organization, failure to provide it will impede the contracting process and/or the provision of the relevant services or facilities.
Websites may contain links to other websites which are outside our control and are not covered by this Notice. While we try to link only to websites that share our high standards and respect for privacy, we are not responsible for the content, security or privacy practices employed by other websites. If you access other websites using the links provided, the operators of these websites may collect information from you which will be used by them in accordance with their privacy notice, which may differ from ours.
On some Website pages, third parties that provide content, applications or plug-ins through our Websites may track your use of content, applications and plug-ins or customize content, applications and plug-ins for you. For example, when you share a webpage using a social media sharing button on our Websites (e.g., Facebook, Twitter, or Google Plus), the social network that has created the button will record that you have done this. For more information on social media plug-ins on our Websites, see our Cookies Notice.
We retain personal information that we collect from you where we have an ongoing legitimate business need to do so. If you are a client or vendor (or a representative of a client for vendor, your personal information will be retained for a period of time to allow us to provide or receive the relevant services (as the case may be) and to comply with applicable legal, tax or accounting requirements. We will not retain your information for longer than is necessary for our business purposes or for legal requirements.
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it or, if this is not possible and we have legal obligation to do so (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
We maintain reasonable and appropriate technical and organizational security measures to protect the personal information you provide to us through a Website against unauthorized disclosure, use, alteration, or destruction. These measures are designed to provide a level of security appropriate to the risk of processing your personal information. Please note, however, that perfect security does not exist on the Internet. Therefore, while we endeavor to protect your personal information, when data is transferred over the Internet it may potentially be accessed and used by unauthorized parties.
Where you have a password, which enables you to access a Website, you are responsible for keeping this password secure and confidential.
If you are from certain territories (such as Switzerland or the EEA), you may have the right to access the personal information that we hold about you, or to correct, amend or delete such information pursuant to the General Data Protection Regulation (GDPR), EU-U.S. or Swiss-U.S. Privacy Shield Frameworks (as applicable). If EEA data protection law applies to the processing of your personal information, you have the following data protection rights, subject to conditions and exceptions provided in applicable EEA data protection law:
If you wish to access (including requesting a copy of), correct, update or request deletion of your personal information, you can do so at any time by contacting us using the contact details provided under the “Who to contact” heading below.
In addition, you can object to processing of your personal information in certain circumstances, on grounds relating to your specific situation, ask us to restrict processing of your personal information or request portability (i.e., receive your personal data in a standardized format in case you wish to transfer it to another controller) of your personal information. Again, you can exercise these rights by contacting us using the contact details provided under the “Who to contact” heading below.
You have the right to opt-out of marketing communications we send you at any time. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in the marketing e-mails we send you. To opt-out of other forms of marketing (such as postal marketing or telemarketing), then please contact us using the contact details provided under the “Who to contact” heading below.
Similarly, if we have collected and process your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
You have the right to complain to a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority.
You have the right not to be subject to automated decisions (made solely by machines) affecting you, as defined by applicable EEA data protection law.
If you wish to make such a request, please contact us at the address below. Before responding to your request, we may ask you to verify your identity and to provide further details about your request. We will endeavor to respond within an appropriate timeframe and, in any event, within any timescales required by law or, where applicable, within the timescales required by applicable laws and regulations.
We belong to an international group of companies. Consequently, we may transfer your personal information outside your country of residence to countries or jurisdictions where we have facilities or engage third parties to provide services to us for the purposes outlined in this Notice. The countries to which we may transfer your personal information are in the following regions: USA, Europe, or Asia. Such countries may not have the same level of data protection as within your country. If we do make such a transfer, we will, take steps in accordance with applicable laws to protect your personal information. For example, as described below, we have certified (pursuant to Article 45 of the EU General Data Protection Regulation 2018) to the EU-U.S. and Swiss-U.S. Privacy Shield frameworks for international transfers of personal information from our group companies within the EEA and Switzerland to our group companies in the US. We have also implemented the EU Commission’s Standard Contractual Clauses (pursuant to Article 46.2 of the General Data Protection Regulation 2018) for international transfers of personal information from within the EU to U.S. legal entities, our service providers, and our non-US group companies located outside the EEA. Further details can be provided upon request using the contact details provided under the “Who to contact” heading below.
OSI Systems Inc. and its controlled U.S. subsidiaries (including American Science and Engineering, Inc., OSI Electronics, Inc., OSI Laser Diode, Inc., OSI Laserscan, Inc., OSI Optoelectronics, Inc., OSI Solutions, Inc., Rapiscan Government Services, Inc., Rapiscan Laboratories, Inc., Rapiscan Systems, Inc., S2 Global Inc., Spacelabs Healthcare Inc., (together “OSI US”) comply with the EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield Frameworks as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the EEA or Switzerland to the United States. In doing so, OSI US has certified that, in respect of all personal information it receives from the EEA or Switzerland, it will adhere to the Privacy Shield Principles of: Notice, Choice, Accountability for Onward Transfers, Security, Data Integrity and Purpose Limitation, Access and Recourse, Enforcement and Liability. If there is any conflict between the terms in this Notice and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To access the Privacy Shield Program, and to find details of OSI US’s certification, please visit www.privacyshield.gov.
OSI US’s participation in the Privacy Shield applies to all personal information that is subject to this Notice and is received from the EEA or Switzerland. OSI US will comply with the Privacy Shield Principles in respect of such personal information.
Where OSI US transfers personal information from the EEA or Switzerland to its third party agents and service providers, it will require such third parties to process the information only for the purposes described this Notice and to provide the same level of protection for the information as required by the Privacy Shield Principles. OSI US remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the personal information on its behalf do so in a manner inconsistent with the Principles, unless OSI US proves that it is not responsible for the event giving rise to the damage.
If you believe that OSI US is processing your personal information within the scope of its Privacy Shield certification, you may direct any inquiries or complaints concerning its Privacy Shield compliance in the following ways:
(1) In the first instance, please send your inquiry or complaint to privacy@osi-systems.com or by writing to:
S2 Global, Inc.
Attention: Data Privacy Officer
Corporate Compliance Department
12525 Chadron Avenue
Hawthorne, California 90250
United States of America
OSI US will respond within 40 days.
(2) If you are not satisfied with OSI US’s response, or for complaints that cannot be resolved with OSI US directly, OSI US has chosen to cooperate with EU and Swiss data protection authorities (DPAs) and comply with the information and advice provided to it by an informal panel of DPAs in relation to such unresolved complaints EU DPAs are available here: http://ec.europa.eu/justice/data-protection/article-29/structure/data-protection-authorities/index_en.htm. Swiss individuals may contact the Swiss Federal Data Protection and Information Commissioner’s (FDPIC) office. Under certain circumstances, you may be eligible to invoke binding arbitration.
(3) Further, the European and Swiss DPAs may refer your complaint to the US Department of Commerce or the Federal Trade Commission for further investigation.
OSI US’s commitments under the Privacy Shield are subject to the investigatory and enforcement powers of the United States Federal Trade Commission.
We provide services and products primarily to business customers and generally only collect Personal Information of the employees of those business customers. In limited circumstances, when an individual consumer who is a California resident interacts with us directly, this section applies. Pursuant to the California Consumer Privacy Act of 2018, below is a summary of the Personal Information we collected from such California residents and the categories of third parties with whom we’ve shared consumer Personal Information. Information about the purposes of information collection and the sources of information are described in Sections 1-2, above.
Personal Information We Collect:
1. Affiliates and subsidiaries
2. Service Providers
3. To government entities or others for legal, security, or safety purposes
4. In connection with a corporate transaction1. Affiliates and subsidiaries
2. Service Providers1. Affiliates and subsidiaries
2. Service Providers1. Service Providers
2. Social Media Platforms1. Affiliates and subsidiaries
2. Service Providers1. Affiliates and subsidiaries
2. Service Providers1. Affiliates and subsidiaries
2. Service Providers1. Affiliates and subsidiaries
2. Service Providers
California residents who interact with us outside of business-to-business transactions may have certain rights under the CCPA, subject to legal limitations, regarding the collection, use, and sharing of personal information. California residents may exercise the following rights regarding personal information collected via by contacting us via our Online Request Form or by calling us toll-free at 1-833-308-1010.
In accordance with applicable law, we will not discriminate against you for exercising these rights.
From time to time we may update this Notice in response to changing legal, technical or business developments. If material changes are made to this Notice, we will take appropriate measures to inform you, consistent with the significance of the changes we make (for example we may notify you with a notice on our Websites for a period of 30 days).
You can see when this Notice was last updated by checking the “last updated” date displayed at the top of this Notice.
If you have any questions or comments in relation to this Notice, or our privacy practices or use of your personal information, please contact us via email at privacy@osi-systems.com or write to:
OSI Systems, Inc.
Attention: Data Privacy Officer
Corporate Compliance Department
12525 Chadron Avenue
Hawthorne, California 90250
United States of America
- or -
S2 Global, Inc..
Attention: Data Privacy Officer
Corporate Compliance Department
12525 Chadron Avenue
Hawthorne, California 90250
United States of America
With its innovative customer focused approach and "build-own-operate" solution, S2 Global helps customers worldwide access state-of-the-art technology that improves security, streamlines trade and increases revenue.