Johnson Controls, the globally renowned company for smart, healthy and sustainable building solutions, has launched its one-of-a-kind Privacy Center, where customers can learn how privacy and data security are designed into Johnson Controls products, solutions and services, in accordance with the latest and most stringent global privacy and data protection laws.

Privacy and data security

Johnson Controls has a long history of innovation, and integrity and privacy and data protection are core to our values,” said George Oliver, the Chairman and Chief Executive Officer (CEO) of Johnson Controls, adding “Johnson Controls privacy programme is robust and globally recognised. We protect our customers', employees', partners' and suppliers' privacy and personal data.

George Oliver adds, “We don't simply comply with data privacy obligations but drive credibility and confidence with all of our stakeholders so they know that we always do the right thing with their data.

Privacy Center

Through the Privacy Center, customers can access product-specific Data Privacy Sheets

Through the Privacy Center, customers can access product-specific Data Privacy Sheets, which demonstrate the Privacy by Design features within the company’s products and services, and proactively address common privacy queries. Johnson Controls’ OpenBlue platform, which combines 135 years of expertise with leading-edge technology, now incorporates the Privacy by Design framework.

Sachin Kothari, the Vice President and Chief Privacy Officer at Johnson Controls, said “At Johnson Controls, we believe in Privacy by Design as the baseline of an effective, innovative and flexible global privacy program.”

Industry standard in transparency and innovation in privacy

Sachin Kothari adds, “Our new Privacy Center, born from a collaboration in our OpenBlue Innovation Centers, is a one-stop-shop, best-in-class privacy experience for our customers, vendors, employees, regulators and the public. Through this offering, we hope to set a new industry standard in transparency and innovation in privacy.

Johnson Controls also has achieved three internationally recognised privacy certifications – the Enterprise Privacy Seal, the Asia-Pacific Economic Cooperation (APEC) Cross-Border Privacy Rules (CPBR) certification and the APEC Privacy Recognition for Processors (PRP) certification), all validated and certified by TRUSTe.

Enterprise Privacy and CBPR certification

The Enterprise Privacy certification demonstrates Johnson Controls’ commitment to privacy excellence, responsible data collection, and processing practices that are consistent with global regulations.

The APEC Cross Border Privacy Rules certification (CBPR) confirms Johnson Controls compliance with internationally recognised data privacy standards and ability to provide an enhanced customer experience, impactful sustainability practices and respectful safety and security measures.

Through this CBPR certification, Johnson Controls will be able to compliantly transfer data from regionally held locations to a globally accessible location and provide remote technical support to clients.

APEC Privacy Recognition for Processors certification

TrustArc congratulates Johnson Controls on its three certifications, the Enterprise Seal, the APEC CBPR, and the APEC PRP"

The APEC Privacy Recognition for Processors (PRP) certification is awarded to entities processing personal data on behalf of customers, in compliance with the highest global standards of protection.

TrustArc congratulates Johnson Controls on its three certifications, the Enterprise Seal, the APEC CBPR, and the APEC PRP, all validated and certified by TRUSTe” said Chris Babel, the Chief Executive Officer (CEO) at TrustArc, adding “Developing ongoing and scalable data privacy programmes is challenging in the face of constantly changing regulations.

Offering best-in-class privacy management

By achieving these internationally recognised certifications, validated and supported by the TRUSTe organisation, Johnson Controls demonstrates to customers, regulators, employees, and the public that they are a privacy-forward company, which utilises best-in-class privacy management as a differentiator, business enabler and customer experience pillar."              

The certifications and the Johnson Controls’ Privacy Center exemplify its deep experience in privacy, Environmental Social Governance (ESG), cyber security, and data protection.

Other Privacy Center resources include:

  • Global Privacy Notice - User-friendly experience, which explains to customers, regulators, website users and the general public, how Johnson Controls collects, uses and protects personal data.
  • Data Privacy Sheets - Product-specific, public facing tools describing Johnson Controls’ embedded Privacy by Design process, the privacy controls and functionality built into their solutions, and which proactively address key data privacy questions for their solutions.
  • Data Processing Addendum - Industry-standard contractual terms, which reflect their dedication to protecting customer data.
  • Privacy-related Seals and Certifications - Globally recognised, government-backed certifications, which demonstrate that Johnson Controls privacy programme complies with the most stringent global data privacy and protection standards and also facilitates compliant global transfer of personal data.
  • Cross Border Data Transfers - User-friendly information about the transfer mechanisms utilised by Johnson Controls for international data transfers, such as Binding Corporate Rules for Controllers (BCR-C), APEC Cross Border Privacy Rules (CBPR), APEC Privacy Recognition for Processors (PRP), EU Standard Contractual Clauses and others.