Our IoT Security Assurance Framework covers the whole IoT solution from Chip to Cloud and could be integrated at any stage or your IoT solution life-cycle.
It consists of a set of strategic and technical guidelines, security profiles, tools, catalogues of security requirements, a risk-based evaluation methodology for each type of IoT devices, based on standards when they exist.
For more info on our IoT Security Assurance Framework, get your brochure here
Firmware Integrity, Secure Booting and Physical Access Authentication, etc.
What is a Security Profile & How is it used ?
It is a dashboard of security requirements relevant to a class of IoT product/solution (e.g. gateway, thermostat, smart camera, RTU, etc.). This approach takes into account the type and sensitivity of the assets, the attacks likelihood and impacts in a specific operational environment (e.g. consumer, enterprise, industrial, critical) and the risk factor.
This is a step forward towards an economical way of dealing with security assessment. It sets up security checks and security policies to be staggered according to the identified risks, i.e. to concentrate efforts where the risks are highest.
Security profiles can be agreed upon and standardized for certain product classes.
Finally, a Security Profile is the result of a detailed risk analysis for each new product instance. It provides a risk-accepted standard security properties for a type of IoT product/solution.
This agreement applies as between you, the User of this Website and Red Alert Labs SAS, the owner(s) of this Website. Your agreement to comply with and be bound by these Terms and Conditions is deemed to occur upon your first use of the Website. If you do not agree to be bound by these Terms and Conditions, you should stop using the Website immediately.
No part of this Website is intended to constitute a contractual offer capable of acceptance.
1. Definitions and Interpretation
In this Agreement, the following terms shall have the following meanings:
“Content” means any text, graphics, images, audio, video, software, data compilations and any other form of information capable of being stored in a computer that appears on or forms part of this Website;
“Red Alert Labs” means Red Alert Labs SAS., a company registered in France under 827 677 303 R.C.S. Creteil;
“GDPR/ Act” means General Data Protection Regulation and Data protection Act 2018
“Service” means collectively any online facilities, tools, services or information that Red Alert Labs makes available through the Website either now or in the future;
“Services” means the services available to you through this Website, specifically services relating to IoT device management;
“Payment Information” means any details required for the purchase of Services from this Website. This includes, but is not limited to, credit / debit card numbers, bank account numbers and sort codes;
“Purchase Information” means collectively any orders, invoices, receipts or similar that may be in hard copy or electronic form;
“Premises” Means our place(s) of business located at 3 Rue Parmentier, 2ème étage – Lab, 94140 Alfortville, FRANCE;
“System” means any online communications infrastructure that Red Alert Labs makes available through the Website either now or in the future. This includes, but is not limited to, web-based email, message boards, live chat facilities and email links;
“User” / “Users” means any third party that accesses the Website and is not employed by Red Alert Labs and acting in the course of their employment; and
“Website” means the website that you are currently using (http://redalertlabs.com and any sub-domains of this site unless expressly excluded by their own terms and conditions.
2. Business Customers
These Terms and Conditions apply to business customers only.
3. Intellectual Property
3.1 Subject to the exceptions in Clause 4 of these Terms and Conditions, all Content included on the Website, unless uploaded by Users, including, but not limited to, text, graphics, logos, icons, images, sound clips, video clips, data compilations, page layout, underlying code and software is the property of Red Alert Labs our affiliates or other relevant third parties. By continuing to use the Website you acknowledge that such material is protected by applicable France, EU and International intellectual property and other laws.
3.2 Subject to Clause 5 you may not reproduce, copy, distribute, store or in any other fashion re-use material from the Website unless otherwise indicated on the Website or unless given express written permission to do so by Red Alert Labs.
4. Third Party Intellectual Property
4.1 Unless otherwise expressly indicated, all Intellectual Property rights including, but not limited to, Copyright and Trademarks, in product images and descriptions belong to the manufacturers or distributors of such products as may be applicable.
4.2 Subject to Clause 6 you may not reproduce, copy, distribute, store or in any other fashion re-use such material unless otherwise indicated on the Website or unless given express written permission to do so by the relevant manufacturer or supplier.
5. Fair Use of Intellectual Property
Material from the Website may be re-used without written permission where any of the exceptions detailed in Chapter III of the Copyright Designs and Patents Act 1988 apply.
6. Links to Other Websites
This Website may contain links to other sites. Unless expressly stated, these sites are not under the control of Red Alert Labs or that of our affiliates. We assume no responsibility for the content of such websites and disclaim liability for any and all forms of loss or damage arising out of the use of them. The inclusion of a link to another site on this Website does not imply any endorsement of the sites themselves or of those in control of them.
7. Links to this Website
Those wishing to place a link to this Website on other sites may do so only to the home page of the site http://redalertlabs.com without prior permission. Deep linking (i.e. links to specific pages within the site) requires the express permission of Red Alert Labs. To find out more please contact us by email.
8. Use of Communications Facilities
8.1 When using the enquiry form or any other System on the Website you should do so in accordance with the following rules:
8.1.1 You must not use obscene or vulgar language;
8.1.2 You must not submit Content that is unlawful or otherwise objectionable. This includes, but is not limited to, Content that is abusive, threatening, harassing, defamatory, ageist, sexist or racist;
8.1.3 You must not submit Content that is intended to promote or incite violence;
8.1.4 It is advised that submissions are made using the English language as we may be unable to respond to enquiries submitted in any other languages;
8.1.5 The means by which you identify yourself must not violate these Terms and Conditions or any applicable laws;
8.1.6 You must not impersonate other people, particularly employees and representatives of Red Alert Labs or our affiliates; and
8.1.7 You must not use our System for unauthorised mass-communication such as “spam” or “junk mail”.
8.2 You acknowledge that Red Alert Labs reserves the right to monitor any and all communications made to us or using our System.
8.3 You acknowledge that Red Alert Labs may retain copies of any and all communications made to us or using our System.
8.4 You acknowledge that any information you send to us through our System or post on a chat system or similar may be modified by us in any way and you hereby waive your moral right to be identified as the author of such information. Any restrictions you may wish to place upon our use of such information must be communicated to us in advance and we reserve the right to reject such terms and associated information.
9.1 Any and all monies are due for payment on completion of the order or on the dates, or intervals specified in that order as may be appropriate, unless alternative arrangements are agreed between the Purchaser and Red Alert Labs.
10. Services, Pricing and Availability
10.1 Whilst every effort has been made to ensure that all descriptions of Services available from Red Alert Labs correspond to the actual Services, Red Alert Labs is not responsible for any variations from these descriptions. This does not exclude our liability for mistakes due to negligence on our part and refers only to variations of the correct Services, not different Services altogether. Please refer to sub-Clause 13.4 for incorrect Services.
10.2 Where appropriate, you may be required to select the required package of Services.
10.3 Red Alert Labs does not represent or warrant that such Services will be available. Availability indications are not provided on the Website.
10.4 All pricing information on the Website is correct at the time of going online. Red Alert Labs reserves the right to change prices and alter or remove any special offers from time to time and as necessary.
10.5 In the event that prices are changed during the period between an order being placed for Services and Red Alert Labs processing that order and taking payment, you will be contacted prior to your order being processed with details of the new price.
10.6 All prices on the Website exclude VAT. Red Alert Labs’s VAT number is FR 22 827677303.
11. Provision of Services
11.1 Provision of Services shall commence when full payment has been received or as otherwise detailed in the Terms & Conditions pertaining directly to those Services.
11.2 Red Alert Labs shall use its best endeavours to provide the Services with reasonable skill and care.
11.3 Provision of all Services shall be subject to the Terms and Conditions pertaining directly to those Services.
11.4 In the event that Services are provided that are not in conformity with your order and thus incorrect, you should contact us within 10 days to inform us of the mistake. Red Alert Labs will ensure that any necessary corrections to the Services provided are made within 7 working days.
11.5 Red Alert Labs reserves the right to exercise discretion with respect to any alterations to Services under the provisions of this Clause 11. Factors which may be taken into account in the exercise of this discretion include, but are not limited to:
11.5.1 Any use or enjoyment that you may have already derived from the Services;
11.5.2 Any characteristics of the Services which may mean that cessation of provision is impossible without significant further work on the part and at the expense of Red Alert Labs.
Such discretion to be exercised only within the confines of the law.
13.1 Red Alert Labs makes no warranty or representation that the Website will meet your requirements, that it will be of satisfactory quality, that it will be fit for a particular purpose, that it will not infringe the rights of third parties, that it will be compatible with all systems, that it will be secure and that all information provided will be accurate. We make no guarantee of any specific results from the use of our Service or Services.
13.2 No part of this Website is intended to constitute advice and the Content of this Website should not be relied upon when making any decisions or taking any action of any kind.
13.3 No part of this Website is intended to constitute a contractual offer capable of acceptance.
13.4 Whilst Red Alert Labs uses reasonable endeavours to ensure that the Website is secure and free of errors, viruses and other malware, all Users are advised to take responsibility for their own security, that of their personal details and their computers.
14. Changes to the Service and these Terms and Conditions
Red Alert Labs reserves the right to change the Website, its Content or these Terms and Conditions at any time. You will be bound by any changes to the Terms and Conditions from the first time you use the Website following the changes. If Red Alert Labs is required to make any changes to Terms and Conditions by law, these changes will apply automatically to any orders currently pending in addition to any orders placed by you in the future.
15. Availability of the Website
15.1 The Service is provided “as is” and on an “as available” basis. We give no warranty that the Service will be free of defects and / or faults. To the maximum extent permitted by law we provide no warranties (express or implied) of fitness for a particular purpose, accuracy of information, compatibility and satisfactory quality.
15.2 Red Alert Labs accepts no liability for any disruption or non-availability of the Website resulting from external causes including, but not limited to, ISP equipment failure, host equipment failure, communications network failure, power failure, natural events, acts of war or legal restrictions and censorship.
16. Limitation of Liability
16.1 To the maximum extent permitted by law, Red Alert Labs accepts no liability for any direct or indirect loss or damage, foreseeable or otherwise, including any indirect, consequential, special or exemplary damages arising from the use of the Website or any information contained therein. Users should be aware that they use the Website and its Content at their own risk.
16.2 Nothing in these Terms and Conditions excludes or restricts Red Alert Labs’s liability for death or personal injury resulting from any negligence or fraud on the part of Red Alert Labs.
16.3 Nothing in these Terms and Conditions excludes or restricts Red Alert Labs’s liability for any direct or indirect loss or damage arising out of the incorrect provision of Services or out of reliance on incorrect information included on the Website.
16.4 Whilst every effort has been made to ensure that these Terms and Conditions adhere strictly with the relevant provisions of the Unfair Contract Terms Act 1977, in the event that any of these terms are found to be unlawful, invalid or otherwise unenforceable, that term is to be deemed severed from these Terms and Conditions and shall not affect the validity and enforceability of the remaining Terms and Conditions. This term shall apply only within jurisdictions where a particular term is illegal.
17. No Waiver
In the event that any party to these Terms and Conditions fails to exercise any right or remedy contained herein, this shall not be construed as a waiver of that right or remedy.
18. Previous Terms and Conditions
In the event of any conflict between these Terms and Conditions and any prior versions thereof, the provisions of these Terms and Conditions shall prevail unless it is expressly stated otherwise.
19. Third Party Rights
Nothing in these Terms and Conditions shall confer any rights upon any third party. The agreement created by these Terms and Conditions is between you and Red Alert Labs.
20.1 All notices / communications shall be given to us either by post to our Premises (see address above) or by email. Such notice will be deemed received 3 days after posting if sent by first class post, the day of sending if the email is received in full on a business day and on the next business day if the email is sent on a weekend or public holiday.
20.2 Red Alert Labs may from time to time send you information about our products and/or services. If you do not wish to receive such information, please click on the Unsubscribe link in the email.
21. Law and Jurisdiction
These Terms and Conditions and the relationship between you and Red Alert Labs shall be governed by and construed in accordance with the Law of France, EU and Red Alert Labs and you agree to submit to the exclusive jurisdiction of the Courts of France.
Red Alert Labs understands that your privacy is important to you and that you care about how your information is used and shared online. We respect and value the privacy of everyone who visits Our Site and will only collect and use information in ways that are useful to you and in a manner consistent with your rights and Our obligations under the law.
We are the data controller and therefore responsible for, and control the processing of, the Personal data collected via Our Site, in accordance with the General Data protection Regulations and Data Protection Act 2018 (the “GDPR/ the “Act”). “Personal data” means any information that identifies a living individual or makes the individual identifiable.
1.Definitions and Interpretation
1.1 In this Policy the following terms shall have the following meanings:
“Cookie” means a small text file placed on your computer or device by Our Site when you visit certain parts of Our Site and/or when you use certain features of Our Site. Details of the Cookies used by Our Site are set out in section 12, below;
“Our Site” means this website, http://redalertlabs.com;
“France and EU Cookie Law” means the relevant parts of the Privacy and Electronic Communications (EC Directive) Regulations 2003 as amended in 2004, 2011 and 2015; and
“We/Us/Our” means Red Alert Labs S.A.S., a company registered in France under 827 677 303 R.C.S. Créteil, whose registered address is 3 Rue Parmentier, 94140 Alfortville, FRANCE
2ème étage - Lab
2. Information About Us
2.1 Our Site,.com, is owned and operated by Red Alert Labs.
3. Scope – What Does This Policy Cover?
4. What Data Do We Collect?
4.1 Some data will be collected automatically by Our Site, other data will only be collected if you voluntarily submit it, for example, when signing up our mailing list. Depending upon your use of Our Site, We may collect some or all of the following data:
4.1.1 personal information including name, title;
4.1.2 employment/ business details including business/company name and job title;
4.1.3 contact information including email addresses, telephone number and address;
4.1.4 demographic information including post code, preferences and interests;
4.1.5 details of any enquiries made by you through Our Site, together with details relating to subsequent correspondence; and
4.1.6 technical information including IP address (automatically collected), web browser type and version (automatically collected), operating system (automatically collected), a list of URLs starting with a referring site, your activity on Our Site, and the site you exit to (automatically collected) and other data as collected by industry standard analytics tools such as Google Analytics.
4.2 We may monitor your use of Our Site through ‘cookies’ and similar tracking technologies. We may also monitor traffic, location and other data and information about users of the Website. Such data and information, to the extent that you are individually identifiable from it, shall constitute Information as defined above. However, some of this data will be aggregated or statistical, which means that we will not be able to identify you individually.
5. How Do We Use Your Data?
5.1 In accordance with the GDPR/ the Act, We may use your Personal data if we have a legal basis for doing so, For the purpose of this Policy, our legal basis for processing your personal data is set out below.
Why we will process your Personal data The legal basis for which is…
To operate, administer, maintain, provide, personalise, analyse, and improve Our Site This processing is necessary for the legitimate interest we pursue in improving Our Site, subject to your raising an objection, requiring us to check that our interest is not overridden by any risk to your rights.
To investigate and address any comments, queries or complaints made by you regarding Our Site This processing is necessary for the legitimate interest we pursue in responding to enquires, subject to your raising an objection, requiring us to check that our interest is not overridden by any risk to your rights.
Where an enquiry relates to your account or our contract for services this processing may be necessary for the performance of a contract.
Providing and managing your Account This processing is necessary for the performance of a contract between us and information is processed to enable us to provide an account to you.
Supplying Our products and services to you This processing is necessary for the performance of a contract between us and information is processed to enable us to provide our services to you.
Personalising and tailoring Our products and services for you This processing is necessary for the performance of a contract between us and information is processed to enable us to provide our services to you.
This processing is necessary for the legitimate interest we pursue in keeping our products competitive and relevant to you, subject to your raising an objection, requiring us to check that our interest is not overridden by any risk to your rights.
Processing any claim, including a breach of contract, payment of money due etc.
This is necessary for the legitimate interests we pursue in obtaining payment for the Services we provide and/ or advancing or defending a claim in relation to the services we provide, subject to you raising an objection, requiring us to check that our interest is not overridden by any risk to your rights.
Supplying you with emails that you have subscribed to This processing is necessary for the legitimate interest we pursue in maintaining contact with you for our business purposes, subject to your raising an objection, requiring us to check that our interest is not overridden by any risk to your rights.
To disclose your Personal data to selected third parties as set out below This processing is necessary for the performance of a contract between us and information is processed to enable us to provide our services to you.
To contact you for marketing purposes.
(See marketing clause below) This processing is necessary for the legitimate interest we pursue in marketing other products and services to you, subject to your raising an objection, requiring us to check that our interest is not overridden by any risk to your rights.
Where required to comply with our legal obligations, including identity checks, requests from HMRC etc This processing is necessary to comply with our
6.How long we keep your Personal data
6.1 We only keep your data for as long as We need to in order to use it as described above in section 5. As a guide we will usually retain your Personal data for 7 years following termination of our contract/ services with you.
6.2 If required, we will be entitled to hold your Personal data for longer periods in order to comply with our legal or regulatory obligations.
7. Who do We Share Your Data with?
7.1 We may share your data with other companies in Our group. This includes Our subsidiaries and or Our holding company and its subsidiaries.
7.2 We may contract with third parties to supply products and services to you on Our behalf. These may include payment processing, delivery of goods, search engine facilities, advertising and marketing. In some cases, the third parties may require access to some or all of your Personal data. Where any of your Personal data is required for such a purpose, We will take all reasonable steps to ensure that your data will be handled safely, securely, and in accordance with your rights, Our obligations, and the obligations of the third party under the law.
7.3 We may compile statistics about the use of Our Site including data on traffic, usage patterns, user numbers, sales and other information. All such data will be anonymized and will not include any personally identifying information. We may from time to time share such data with third parties such as prospective investors, affiliates, partners and advertisers. Data will only be shared and used within the bounds of the law.
7.4 In certain circumstances We may need to share your data with third parties, such as legal counsel (barristers, solicitors), to advance or defend a claim.
7.5 In certain circumstances We may be legally required to share certain data held by Us, which may include your Personal data, for example, where We are involved in legal proceedings, where We are complying with the requirements of legislation, a court order, or a governmental authority.
7.6 To any prospective buyer or seller (and their representative) in the event that we sell or buy a business or asset.
8. Overseas transfers
8.1 Some or all of your data may be stored or transferred outside of the European Economic Area (“the EEA”) (The EEA consists of all EU member states, plus Norway, Iceland and Liechtenstein) including: USA because our cloud service provider are based there.
8.2. Such countries may not have similar protections in place regarding data protection. If We do store or transfer data outside the EEA, We will take all reasonable steps to ensure that your data is treated as safely and securely as it would be within the EEA. Such steps may include, but not be limited to, only transferring to countries subject to an adequacy decision, the use of approved contractual clauses (model clauses or the use of legally binding corporate terms.
9. Security measures
9.1 Data security is of great importance to Us, and to protect your data We have put in place suitable physical, electronic and managerial procedures to safeguard and secure data collected through Our Site.
9.2 Notwithstanding the security measures that We take, it is important to remember that the transmission of data via the internet may not be completely secure and that you are advised to take suitable precautions when transmitting to Us data via the internet.
10.1 For the purposes of the GDPR and Act We have a legitimate interest in processing your Personal data (name and contact details) for marketing communications.
10.2 For marketing communications that are business to business we do not require your permission, in line with current regulations. Where marketing communications are aimed at you as an individual we may require your permission to send these communications in certain circumstances, which are set out below.
10.3 Where you have previously ordered products or services from us, unless you have told us not to, we may contact you by telephone, email or post about similar products, services, promotions and special offers that may be of interest to you “soft opt-in”.
10.4 In addition, with your permission, we may contact you by telephone, email or post to provide information in relation to other products, services, promotions, special offers and other information we think may be of interest to you.
10.5 Further, with your permission, we may share your details with carefully selected third parties and they may contact you directly (unless you ask them not to) by telephone, email or post about products, services, promotions and special offers that may be of interest to you.
10.6 You have the right at any time to ask us, [or any third party], to stop processing your information for direct marketing purposes. If you wish to exercise this right please follow the unsubscribe link on the communications or contact us on the below details, or the relevant third party, giving us or them enough information to identify you and process your request.
10.7 Where you have requested that we no longer contact you for marketing communications, we may retain your Personal data as a record of this request.
11. Your rights in respect of your personal data
11.1 This section sets out the legal rights of individuals in respect of the personal information we are holding and/ or processing. If you wish to exercise any of your legal rights you should put your request in writing to us (using the contact details below) giving us enough information to identify you and respond to your request. Details of your rights are set out below:
11.1.1 The right of access – you have a right to access the Personal data we hold about you. Most requests will receive a response within one month of receipt of a valid request; those which are more complex or numerous may take up to three months. You may not be entitled to see all of the information about you if an exemption applies;
11.1.2 The right to rectification – if the personal information that we hold about you is incorrect, you have the right to ask us to amend it. Taking into account the purposes of the processing of personal data, the data can be rectified or, if data is incomplete, completed;
11.1.3 The right to erasure – in certain circumstances you have the right to request that the personal data held about you is deleted or removed. The GDPR outlines specific circumstances when this right applies; including: where data is no longer needed for the purposes for which it was collected or otherwise processed. There are certain exemptions to the right; including: when processing is necessary to comply with a legal obligation.
11.1.4 The right to restrict processing – in certain circumstances you are entitled to restrict process of personal data; this includes: where you contest the accuracy of the data; we no longer need the data for the purposes of processing. You may also request processing is restricted were you object to our legitimate interests as the basis of processing your personal data or you believe continued processing to be unlawful. If this right is exercised, any further processing of your data will take place only with your consent or in certain circumstances in which the GDPR allows such processing to take place;
11.1.5 The right to data portability – in certain circumstances you have the right, on request, to ask us to provide a copy of the personal data that you have previously supplied to us, i.e. where the processing is by automated means and you wish to transfer to a new service provider;
11.1.6 The right to object – in certain circumstances you have the right to object to the processing of your personal data by us. In particular, where you can demonstrate that such processing would be detrimental to your interests. If this right is exercised processing of personal data will stop, subject to us demonstrating compelling legitimate grounds for the processing to continue; or for the establishment, exercise or defence of legal claims.
11.2 If you seek to exercise a right and we consider an exemption applicable (or the relevant right is not exercisable), we will explain this to you in as clear a way as possible.
12. What Cookies Do We Use and What For?
12.2 By using Our Site you may also receive certain third-party Cookies on your computer or device. Third party Cookies are those placed by websites, services, and/or parties other than Us. We use third party Cookies on Our Site to better understand visitors to our site. These Cookies are not integral to the functioning of Our Site.
12.3 All Cookies used by and on Our Site are used in accordance with current France and EU Cookie Law.
12.4 Certain features of Our Site depend on Cookies to function. France and EU Cookie Law deems these Cookies to be “strictly necessary”. Your consent will not be sought to place these Cookies. You may still block these Cookies by changing your internet browser’s settings as detailed below in section 12.10, but please be aware that Our Site may not work as intended if you do so.
12.5 The following first party Cookies may be placed on your computer or device:
Cookies belonging to website tools for remembering preferences
and the following third party Cookies may be placed on your computer or device:
Cookies for tracking return visitors by industry standard tools such as Google Analytics
12.6 Our Site uses analytics services provided by Google and others. Website analytics refers to a set of tools used to collect and analyse usage statistics, enabling Us to better understand how people use Our Site. This, in turn, enables Us to improve Our Site and the products and services offered through it. You do not have to allow Us to use these Cookies, as detailed below, however whilst Our use of them does not pose any risk to your privacy or your safe use of Our Site, it does enable Us to continually improve Our Site, making it a better and more useful experience for you.
12.7 The analytics service(s) used by Our Site use(s) Cookies to gather the required information. Certain of these Cookies may be placed immediately when you first visit Our Site and it may not be possible for Us to obtain your prior consent. You may remove these Cookies and prevent future use of them by following the steps set out below in section 12.10.
12.8 You can choose to enable or disable Cookies in your internet browser. Most internet browsers also enable you to choose whether you wish to disable all cookies or only third party cookies. By default, most internet browsers accept Cookies but this can be changed. For further details, please consult the help menu in your internet browser or the documentation that came with your device.
12.9 You can choose to delete Cookies at any time however you may lose any information that enables you to access Our Site more quickly and efficiently including, but not limited to, login and personalisation settings.
12.10 It is recommended that you keep your internet browser and operating system up-to-date and that you consult the help and guidance provided by the developer of your internet browser and manufacturer of your computer or device if you are unsure about adjusting your privacy settings.
13. Contacting Us
We welcome your feedback and questions on this policy or Our Site. If you wish to contact us, please email us at [email protected]
If you have any concerns about how we collect or process your Information, please contact us on the above details.