APi GROUP – WEBSITE PRIVACY POLICY

Last updated: October 2022

Thank you for visiting this Privacy Policy, applicable to the website (“Website”) hosted by APi Group, Inc. and APi Group Corporation (jointly, “APi Group”). APi Group understands the importance of data privacy issues. This Privacy Policy (or “Policy”) describes the types of information we may collect from you (the individual visiting the Website), how we may use and share the information, and certain rights and options you have regarding your information. This Privacy Policy applies only to information we collect from you through APi Group’s Website, with a homepage currently located at apigroupinc.com.

This Privacy Policy does not apply to other APi Group digital properties, nor does it apply to your activities with third parties, even if APi Group provides a hyperlink to a third party website. For example, our Website links to websites operated by our subsidiaries and affiliated companies. This Policy applies to the APi Group Website only. Please consult the privacy policies posted on each such external site, should you visit them.

Please read this Policy carefully before sharing information with us so you understand our practices regarding your information. By using our Website or communicating with us through the Website, you agree to the terms of this Policy on behalf of yourself and any other person or entity who may have rights through you.

Personal Information We May Collect About You

Under our Policy, “personal information” is any information that identifies or can be used to contact a particular individual. With exceptions, the personal information that we typically collect from you is limited to the information that can be found on a business card—name, address, email address, and telephone number. The categories or types of personal information we may collect and process about you, now or in the future, are as follows:

  • Identity information – first name and last name.
  • Contact information – physical address, email address, and telephone or mobile number.
  • Communications information – information provided by you at your discretion in the dialogue box on our Contact Us or Investor Relations page on the Website.

We collect this information when you directly provide the information to us (such as by submitting a query through the Website).

How We Use Your Personal Information

We use the following types of information to make the Website available to you, to comply with our legal obligations, as necessary for our legitimate interests, or pursuant to your consent. Specifically, we may, now or in the future, use this information to:

  • Provide you with access to the Website, and to update information and data on the Website;
  • Optimize your experience on our Website and ensure that our content is presented to you in the most effective manner;
  • Notify you about changes to our Website or any services we offer;
  • Communicate with you by e-mail, postal mail, telephone, or mobile device about our products, services, and issues relevant to your products, services, or industry;
  • Research, develop, and improve our products and services;
  • Protect our rights or property, to protect someone’s health, safety, or welfare, and to comply with a law or regulation, court order, or other legal process; and
  • Perform other functions as otherwise described to you at the time of collection.

We may also collect, use, and share “aggregated data”—such as statistical or demographic data—for any purpose. Aggregated data is not considered personal information, as it does not directly or indirectly reveal your identity.

Other Information We May Collect From You

APi Group uses the following technologies to automatically collect certain additional information about you.

  • IP Address or Device Identifier. When you visit our Website, we collect your Internet Protocol (“IP”) address, which identifies the computer or service provider that you use to access our Website or, if you connect through a mobile device, your mobile device identifier. We may use these identifiers to collect information about the length of time spent on our Website or the specific areas visited.
  • Cookies. Cookies are small text files that can be used to make a user’s experience more efficient. Our Website may, now or in the future, use different types of cookies to, among other things, automatically recognize you when you return to our Website, store information regarding your preferences, personalize content for you, and analyze our Website traffic. For further information about cookies, including how to refuse cookies, please visit www.allaboutcookies.org. Please note that if cookies are disabled, you may not be able to enjoy certain features of our Website. We do not monitor for or take any action in response to “Do Not Track” signals.
  • Web beacons and other technologies. Our Website may use other tracking tools, including web beacons, which are small electronic images embedded in web content and email messages that are not ordinarily visible to users. Web beacons allow us to track pages and content accessed and viewed by users, as well as to monitor email readership.

The information collected through these technologies may be combined with personal information or aggregated with other information collected through our Website. We may share and disclose information about your use of our Website with our affiliates and our technology, analytics, or media partners who assist us in the operation of our business.

Disclosure of Your Information

When the information we collect is aggregated, anonymized, or otherwise does not identify you, we may use that information for any purpose or share it with third parties, to the extent permitted by applicable law.

In addition, we may share information that we collect or that you provide in the following circumstances:

With trusted service providers, contractors, and suppliers that we use to support our business under a contractual relationship to assist our programs and operations.

  • With our third-party content consultants / providers, in order to assist us with the maintenance, support and development of our Website, including new features and functions;
  • With a buyer or other successor prior to or in the event of a merger, acquisition, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as a part of bankruptcy, liquidation, or similar proceeding, where the information is among the assets being transferred; and
  • For any other purpose disclosed by us when you provide the information.

We reserve the right to disclose your information as necessary to comply with a subpoena or similar investigative demand, court order, request for cooperation from law enforcement or other governmental agency, to exercise our legal rights, to defend against legal claims, or as otherwise required by law.

Your Choices About Collection and Use of Your Information

We strive to provide you with choices regarding the personal information you provide to us. You can opt out of receiving informational or promotional emails from us by clicking the “unsubscribe” link in any such email you receive from us. In addition, you can also choose not

to provide us with certain information requested through our Website, but that may result in you being unable to use certain features of our Website.

You can contact us at Y2V2aW5wbEBuY3Z0ZWJoY3ZhcC5oZg==|Y2V2aW5wbEBuY3Z0ZWJoY3ZhcC5oZg== if you would like to request that we correct your personal information or have it removed from our records. Please explain the personal information which you wish to be deleted, modified, or removed. Once we have received your request, we will review it and contact you within 30 days of our receipt of your request, unless your request is complex or you have made a large number of requests, in which case we will notify you of any delay and will, in any event, reply within three (3) months.

Protection of Your Information - Security

We take appropriate administrative, technical, and physical security measures designed to protect your personal information from loss, theft, and unauthorized use, disclosure, or modification. For example, we limit access to personal information to relevant staff or contractors. Our online forms are encrypted and our network is routinely monitored.

Please be aware that no data transmission over the Internet is 100% secure. While we strive to protect your personal information, we cannot ensure or warranty the security of any information you transmit to us, and you do so at your own risk. APi Group is not responsible for the illegal actions of unrelated third parties.

Links to Third-Party Websites

Our Website may contain links to third-party websites or digital services / tools. These other websites have separate privacy policies that you should review. While we make efforts to choose the links on our Website carefully, we cannot take responsibility for the content of linked Websites or those companies’ data-handling practices.

International Transfers

APi Group operates its Website out of the United States, and information you provide to us will reside on servers in the United States. The data protection laws in the United States may not be the same as the data protection laws in your home country.

GDPR\UK-GDPR and EEA Residents’ Rights

The E.U.’s General Data Protection Regulation (“GDPR”) is a privacy law that affords certain rights relating to the personal information of individuals in the European Economic Area (“EEA”). The United Kingdom (“UK”)’s General Data Protection Regulation (“UK-GDPR”) is a similar privacy law that affords certain rights relating to the personal information of individuals in the United Kingdom. Specifically, if you are a resident of the EEA or the UK, you may request whether we are processing your personal information, our purposes in doing so, how your personal information was obtained (if you did not provide it to us directly), who it may have been shared with, and how long it will be retained. Further, you have the right to request your personal information be corrected if it is inaccurate and, in certain circumstances, may ask that it be erased and withdraw your consent or object to further processing. Finally, subject to certain limitations, and when feasible, you may request a copy of your personal information or that it be transferred to another entity. You will not typically need to pay a fee for access to your personal information (or to exercise any of the other rights). But we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

Additional information on your rights under the UK-GDPR is available in English from the United Kingdom’s Information Commissioner’s Office. For residents of other EEA countries, please see the website of your applicable Information Commissioner. If you are located in the European Union (“EU”) and have a concern about our processing of your data, you may have the right to make a complaint to the appropriate data protection authority in the EU.

For the personal information that we collect from you, APi Group acts as a “controller” under the GDPR and UK-GDPR. As discussed above, we use data for a variety of different purposes. Under the GDPR and UK-GDPR, we are required to have a lawful basis for these types of processing activities. Most of the time, that lawful basis will either be to (1) perform a contractual obligation with you, (2) fulfill legitimate business interests, (3) comply with a legal obligation, or (4) conduct processing to which you have specifically consented.

For example, we need to process your personal data in order provide you with information and services that you may have requested. In that circumstance, our lawful basis for processing your personal information will be to satisfy your request with your consent. Likewise, it may be necessary to our legitimate business interests of growing and continuing our services for us to use your personal information in order to provide you with information regarding our activities and identify services that may be beneficial to you.

Please note that, if you submit personal information to us through the Website, that information will be stored on our servers in the United States. We only transfer your personal information with your consent, to perform a contract with or an obligation to you, or to fulfill a compelling legitimate interest that does not outweigh your rights and freedoms.

Children’s Privacy

Our Website is intended for adults. The Website is not directed at, or intended for use by, children under the age of 16 years (in the EEA) or 13 years (in the United States). Accordingly, we do not knowingly collect personal information from children under age 16 (in the EEA) or under 13 (in the U.S.). Should a child whom we know to be under the appropriate age provide his or her personal information, we will use that information only to respond to that child and inform him or her that we must have parental consent before receiving such information.

California Residents

California Privacy Notice

California Civil code § 1798.83 provides certain rights to California residents, including the right to request information from a business with whom the California resident has an established business relationship, regarding the business’s disclosure of personal information to third parties for marketing purposes by such third parties during the immediately preceding year. To request such information pursuant to Section 1798.83 of the California Civil Code, please contact us at Y2V2aW5wbEBuY3Z0ZWJoY3ZhcC5oZg==|Y2V2aW5wbEBuY3Z0ZWJoY3ZhcC5oZg==

California Consumer Privacy Act (CCPA) Notice. This Privacy Notice for California Residents (“Notice”) supplements the information in the remainder of this Privacy Policy and applies solely to “consumers” as defined by the California Consumer Privacy Act of 2018 (“CCPA”). This Notice explains our collection, processing, and disclosure of “personal information” relating to California consumers to the extent not already described in this Privacy Policy. Specifically, this Notice applies to our processing activity when we are acting as a “business” under the CCPA—meaning that we control the purposes and means of processing your personal information. Some of the personal information we collect may be subject to other data protection laws (such as the Fair Credit Reporting Act) and may be exempt from some or all of the requirements under the CCPA. Please read this Notice carefully before sharing information with us so you understand our practices regarding your information.

Sale of Personal Information. In the past twelve (12) months, APi Group has not sold personal information collected through the Website of any category. Likewise, APi Group’s Website team does not have actual knowledge of any sales of personal information regarding minors under 16 years of age.

Your Rights Under the CCPA

The CCPA provides California residents with the rights discussed below. For convenience, and as required by the CCPA, we explain how you can exercise those rights, to the extent they are applicable.

Right to Request Information. You have the right to request that we disclose certain information about our collection and use of your personal information during the past 12 months. Specifically, you may request that we disclose:

  • The categories of personal information we collected about you;
  • The categories of sources for the personal information we collected about you;
  • The business and commercial purposes for collecting your personal information;
  • The categories of third parties with whom we shared your personal information;
  • The specific pieces of personal information we collected about you; and
  • If we disclosed your personal information for a business purpose, the categories of personal information received by each category of third party.

Right to Data Portability. You have the right to request that we provide copies of the specific pieces of personal information we collected about you. If a verifiable consumer request is made, and subject to any exceptions or limitations under the CCPA, we will take steps to deliver the personal information to you either by mail or electronically. If we provide the information to you electronically, it will be in a portable and readily useable format, to the extent technically feasible. Consistent with the CCPA and our interest in the security of your personal information, we will not provide copies of sensitive personal information we may receive from you (e.g., driver’s license number, other government-issued identification number, financial account number, health or medical identification number, account password, or security questions or answers) in response to a CCPA request, to the extent any of those items are in our possession.

Right to Request Deletion. You have the right to request that we delete personal information we collected from you, subject to any exceptions or limitations under the CCPA.

Exercising Your Rights

To exercise the rights described above, you—or someone authorized to act on your behalf—must submit a verifiable consumer request to us by contacting us at at Y2V2aW5wbEBuY3Z0ZWJoY3ZhcC5oZg==|Y2V2aW5wbEBuY3Z0ZWJoY3ZhcC5oZg==. Your request must include your name, e-mail address, mailing address, phone number, the nature of your inquiry and the context in which we may have received your information. If you are an agent submitting a request on behalf of a consumer, we may request that you submit a signed permission from the consumer authorizing you to make the request. In order to protect the privacy and data security of consumers, the verifiable consumer request must:

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative of such consumer; and
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

As indicated above, please be aware that the CCPA provides certain limitations and exceptions to the foregoing rights, which may result in us denying or limiting our response to your request.

You may only make a verifiable consumer request for access or data portability twice within a 12-month period. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request. We may also request that you provide additional information if needed to verify your identity or authority to make the request. We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you or the consumer on whose behalf you are making the request.

Response Timing and Format

The CCPA requires us to respond to a verifiable consumer request within forty-five (45) days of its receipt; however, we may extend that period by an additional 45 days. If we require more time, we will inform you of the reason and extension period in writing. We will deliver our written response via e-mail. Any disclosures we provide will only cover the 12-month period preceding the receipt of the verifiable consumer request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select the format of our response; the format will be readily useable and should allow you to transmit the information from one entity to another. We will not charge a fee to process or respond to a verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing the request.

Our Commitment Not to Discriminate

Consistent with the CCPA, we will not discriminate against you for exercising any of your CCPA rights by:

  • Denying you goods or services.
  • Charging you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
  • Providing you a different level or quality of goods or services.
  • Suggesting that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

Changes to this CCPA Notice

We reserve the right to amend this Notice at our discretion and at any time. If there are changes to this Notice, we will post them here and update the “Last Updated” date at the top of this document. Continued use of this website after any changes is deemed to be acceptance of those changes. Please check this page periodically for updates.

Disclosures Applicable to All Website Users.

Data Storage and Retention

We keep your personal information for as long as necessary to fulfill your requests or the purposes for which it was obtained. The criteria used to determine our retention periods include (i) for as long as we have an ongoing relationship with you, (ii) as required by a legal obligation to which we are subject, and (iii) as necessary to comply with legal obligations.

Changes to this Privacy Policy

Please note that we may change this Policy from time to time. If there are changes to our Privacy Policy, we will post them here and update the “Last Updated” date at the top of this document. Continued use of this Website after any changes is deemed to be acceptance of those changes. Accordingly, we encourage you to check the Privacy Policy periodically for updates.

How to Contact Us

If you have any questions about this Privacy Policy or our information-handling practices, please contact us at:

APi Group

Website Team

Y2V2aW5wbEBuY3Z0ZWJoY3ZhcC5oZg==|Y2V2aW5wbEBuY3Z0ZWJoY3ZhcC5oZg==

END OF WEBSITE PRIVACY POLICY

;