1. OUR PRIVACY COMMITMENT

Guardian is designed with privacy as a foundational principle. Unlike cloud-based security systems, Guardian processes all data locally within your facility. This means:

• Data Never Leaves Your Building: Video footage, sensor data, and AI analysis remain on your premises
• No Cloud Storage: We do not upload, store, or process security footage on external servers
• No Third-Party Access: Your security data is not accessible to Guardian, law enforcement, or any third party without your explicit authorization
• Student Privacy Protected: Our architecture ensures compliance with FERPA and other student privacy regulations

2. INFORMATION WE COLLECT

2.1 Information Processed Locally (On Your Premises)

The following data is processed and stored exclusively within your facility on Guardian hardware:

• Video Footage: Camera feeds from Guardian devices installed throughout your facility
• Sensor Data: Motion detection, environmental sensors, and access control events
• AI Analysis Results: Threat detection alerts, anomaly reports, and behavioral analysis
• Audio Data: Sound detection for gunshots, glass breaking, and other emergency sounds
• Access Logs: Records of system access by authorized administrators

Guardian Systems Inc. does not have access to this locally-processed data.

2.2 Information We Collect Directly

Guardian collects limited information necessary to provide the Service:

• Account Information: Names, email addresses, and roles of authorized administrators
• Institution Information: School name, address, contact information, and facility details for installation
• Billing Information: Payment details for subscription and service fees
• Support Communications: Records of customer support interactions
• System Health Data: Anonymous, aggregated device status information for maintenance purposes (no video or personal data)

2.3 Mobile Application Data

For users of Guardian mobile applications (Staff Mobile and Family Mobile):

• Authentication Data: Login credentials and session information
• Push Notification Tokens: Device identifiers for emergency alerts
• Location Data: Only when explicitly enabled for emergency response features
• App Usage Data: Feature usage for service improvement (anonymized)

3. HOW WE USE INFORMATION

We use the information we collect for the following purposes:

• Service Provision: To install, configure, and maintain the Guardian system
• Account Management: To manage administrator accounts and access permissions
• Technical Support: To respond to support requests and troubleshoot issues
• Emergency Alerts: To deliver critical notifications during emergencies
• Billing: To process payments and manage subscriptions
• Service Improvement: To analyze anonymous usage patterns and improve the Service
• Legal Compliance: To comply with applicable laws and regulations

4. INFORMATION SHARING

We do not sell, rent, or share personal information with third parties for marketing purposes.

We may share information only in the following limited circumstances:

4.1 Service Providers

We work with trusted service providers who assist in operating our business:

• Payment processors for billing
• Customer support platforms
• Communication services for emergency notifications

These providers are contractually obligated to protect information and use it only for specified purposes.

4.2 Legal Requirements

We may disclose information if required by law, subpoena, court order, or government request. Note that locally-stored security data on your premises remains under your control; we cannot provide what we do not possess.

4.3 Emergency Situations

In the event of an active emergency, your institution may share relevant information with law enforcement and first responders as permitted by law and your institutional policies. Guardian facilitates this communication but does not independently share your data.

5. FERPA COMPLIANCE

Guardian is designed to support your compliance with the Family Educational Rights and Privacy Act (FERPA), 20 U.S.C. § 1232g:

• We function as a "school official" with a legitimate educational interest in campus safety
• Security footage that may contain students is treated as an education record when applicable
• We maintain strict access controls aligned with FERPA requirements
• Our Data Processing Agreement includes specific FERPA compliance provisions
• Parents and eligible students retain rights to access and request correction of records

For detailed information, please see our FERPA Compliance Statement.

6. DATA SECURITY

We implement comprehensive security measures to protect information:

• Encryption: AES-256 encryption for data at rest; TLS 1.3 for data in transit
• Access Controls: Role-based permissions, multi-factor authentication
• Physical Security: Tamper-resistant hardware with secure boot verification
• Audit Logging: Comprehensive logs of all system access and actions
• Regular Updates: Automatic security patches and firmware updates
• Penetration Testing: Regular third-party security assessments

7. DATA RETENTION

Data retention for locally-stored security footage is controlled by your institution based on your policies and legal requirements. We recommend:

• Standard Footage: 30-90 days, configurable based on storage capacity and policy
• Incident-Related Footage: Preserved until investigation is complete or as required by law
• Administrative Accounts: Retained while the account is active
• Billing Records: Retained for 7 years per tax and accounting requirements
• Support Communications: Retained for 3 years for quality and training purposes

8. YOUR RIGHTS AND CHOICES

Depending on your location and role, you may have the following rights:

• Access: Request information about data we hold about you
• Correction: Request correction of inaccurate information
• Deletion: Request deletion of your personal data, subject to legal retention requirements
• Portability: Request a copy of your data in a portable format
• Opt-Out: Opt out of non-essential communications

For requests related to locally-stored security footage, please contact your institutional administrator. For requests related to account information, contact us at privacy@guardiansystems.co.

9. CHILDREN'S PRIVACY

Guardian is designed for use by educational institutions and does not directly collect personal information from children. Any video footage or data that may include children is processed locally under the institution's control and policies. Guardian supports institutional compliance with COPPA and state student privacy laws.

10. STATE-SPECIFIC PRIVACY RIGHTS

California Residents (CCPA/CPRA)

California residents have additional rights including the right to know, delete, correct, and opt-out of sales/sharing of personal information. We do not sell personal information. To exercise your rights, contact privacy@guardiansystems.co.

Other State Laws

We comply with applicable state privacy laws including Virginia VCDPA, Colorado CPA, Connecticut CTDPA, and others. Contact us for information about your specific rights.

11. CHANGES TO THIS POLICY

We may update this Privacy Policy periodically. Material changes will be communicated to customers via email at least 30 days before taking effect. The "Effective Date" above indicates when this policy was last updated.

12. CONTACT US

If you have questions about this Privacy Policy or our privacy practices, please contact us:

Guardian Systems Inc. Privacy Team
Email: privacy@guardiansystems.co