Compliance Policies

Privacy policy

This privacy policy explains how we (Paxton Access Ltd) use any personal information we collect about you. We hold personal data about our customers, employees and suppliers (known as “data subjects”) for a variety of business purposes and this falls within the scope of this policy and the requirements of the General Data Protection Regulation 2016 (‘GDPR’) effective from 25th May 2018.

Click here to read in full

The modern slavery act 2015

Section 54 of the Modern Slavery Act 2015 (the “Act”) requires commercial organisations supplying goods or services in the United Kingdom which have a turnover of over £36 million per annum to publish a “Slavery and Human Trafficking Statement”.

This statement must set out the steps an organisation has taken, if any, during its financial year to ensure that slavery or human trafficking is not taking place in any part of its business and supply chain, or to declare that no such steps have been taken.

Click here to read in full

Gender pay gap

Organisations with 250 or more employees have to report on their gender pay gap annually, by publishing the results on their website and uploading them to a Government website for public availability.

Our report shows the difference in average hourly pay between men and women at Paxton, the bonus pay gaps and the proportions of men and women in each pay band. It also highlights the steps we’re taking to close the gap.

Click here to read in full

S172 Statement

This statement explains how the Paxton Directors have had regard to broader stakeholder interests when performing their duty under section 172 of the Companies Act 2006, to promote the success of the company for the benefit of its members as a whole.

Click here to read in full

Vulnerability Disclosure Policy

Like all good technology companies we have a clear, formal and robust process for the reporting of bugs and issues. We have a schedule of improvement updates that we release throughout the year. We operate a policy of responsible disclosure for reporting security vulnerabilities.

Click here to read in full

Product Security Policy

Paxton is committed to the safety and security of our products and services.

Although we design in security measures and test our products during development, the cyber security landscape is ever evolving. In order to keep pace, we make continuous security improvements on our products and conduct security tests on a periodic basis to ensure the ongoing resilience of our product range.

Click here to read in full

Product conformity declaration

A Declaration of Conformity (DoC) is used to show compliance with the following European Directives:

  • Low Voltage Directive (LVD)
  • Electromagnetic Compatibility (EMC) Directive
  • Radio Equipment Directive (RED)
  • Restriction of the use of certain hazardous substances (RoHS)


To obtain a DoC for any given product, please contact Paxton Technical Support with the product name and sales code.

Contact Paxton Support


Product end of life disposal

When our products reach the end of their useful life, we encourage consumers to ensure they dispose/recycle metal and plastic components in accordance with local and national environmental regulations.

At the end of its serviceable life a Paxton product should not be treated as household or general waste, it should be handed over to the applicable collection point for the recycling of waste electrical and electronic equipment (WEEE) or returned to your supplier for disposal.


Paxton product compliance

Paxton has worked to ensure its compliance with legislation covering data protection including the General Data Protection Regulation (GDPR) by 25th May 2018.

Our access control products also include the features necessary for our customers to achieve compliance.

  • Our systems are protected with password protection and operator rights, limiting the access to the data within the system. For the benefit of increased security, the systems can be set to automatically log out an operator if the system is inactive for an extended period.
  • You can set the system to report on information held for an individual, as well as permanently delete a user and all associated information if requested.
  • User activity in the system, in the form of events, can be deleted manually at any given point or a set timescale (i.e. 30 days) automatically. In the case of Paxton10, video records can also be deleted in the same way. Event information can be retained in the case of Net2, but can be anonymised. Net2 does not hold video data but any links to associated video can also be removed as part of the deletion of user information and events.
  • Data security is achieved within the systems by the use of best practice methods and database structure


There are two new application notes relating to the security update within Net2 v5.04:


We have made sure that our products will provide the tools required to allow compliance if used correctly, however, Paxton is not responsible for a user’s compliance with GDPR and do not offer advice on how to be compliant.


Paxton10 End User License Agreement

The Paxton10 EULA is a legal agreement between the end-user and Paxton Access Limited for the Paxton10 software product, which includes computer software and any data supplied with it, printed materials and online or electronic documentation.

Click here to read in full


Paxton Telemetry & Analytics – Net2 Access Control

Paxton gathers information about your system composition and use. The information provided will allow us to improve the products and services we offer you and does not include any personal data or identifiable information held within the system.

The information we collect includes:

  • The version of Net2 originally installed
  • The date of original install
  • Upgrade history; when Net2 was upgraded and to which version
  • Number & Types of devices – ACU’s, I/O Boards, PaxLocks & Entry
  • Number of users within the system
  • Number of credentials within the system
  • Number of events generated by the system
  • The Language in use
  • PC/Server information – OS, RAM, CPU, HDD/SSD size/space remaining
  • Feature use; which Net2 features are being used and when
  • Integrations used with the Net2 system
  • User activity; when the system is being used and for how long
  • Net2 Operator types and the number of operator accounts


In accordance with GDPR, we do not gather or store identifying personal information contained within the system. Information gathered is used purely for the continued improvement of our products and services. We will not pass any information we gather onto any third-party companies and we will not use the information to engage you in marketing activities.