Privacy Notice

Privacy is what we do for a living; we take our work seriously and consequently are committed to protecting your privacy in our own processing. This notice describes the data which we will hold about you, what we will do with it and why, and how we will protect it. It also describes your rights and how to exercise them. 

Who are we? 

Securys is a group of companies. The ultimate parent company is Securys Limited, registered in England and Wales with company number 9084719 with registered address is  4th Floor, 91 Goswell Road, London EC1V 7EX, United Kingdom. 

Other group companies are: 

Privacy Made Practical Limited t/a Securys Ireland, registered in the Republic of Ireland with company number 663924 with correspondence address 12 Merrion Square, Dublin 2, D02 H798, Ireland.  

Securys, Inc. a company under the laws of the State of Delaware in the United States of America having its business office at Corporation Trust Center, 1209 Orange Street, Wilmington, Delaware 19801, United States of America (“SInc”), and 

Securys (St Lucia) Limited a company under the laws of St Lucia having its business office at 20 Micoud Street, Castries, Saint Lucia, W.I. (“SSLL”), and 

Securys (Jamaica) Limited a company under the laws of Jamaica having its business office at Temple Court, 85 Hope Road, Kingston 6, Jamaica, W.I. (“SJL”). 

If you have any questions about how we use your information, or want to exercise your rights over your information, you can write to us at our address above or contact us on:  

Telephone: +44 (0)800 193 8700 

Email: privacy@securys.co.uk 

EEA residents may also contact us on privacy@securys.ie  

Caribbean residents may also contact privacy@securys.com.jm 

What information do we collect and process about you, what do we do with it and why? 

When you visit our website 

We use cookies to collect and analyse information about how you use or interact with our website (website analytics). We justify this processing based on your consent given through our cookie banner. Please see our Cookie Notice for more information.  Cookies are small data files which are transferred and stored on your computer or device by a website you visit, and which may be used for different purposes.  

Most browsers will automatically accept a cookie, but it is possible to set your browser to notify you prior to it being set, at which point you can accept or reject it. 

We host our website with an external provider, HubSpot, using their managed platform. We do not control what information they may collect and they do not pass this data on to us. Their corporate privacy policy may be found here: https://legal.hubspot.com/privacy-policy  

If you have any questions, concerns or complaints about their privacy policy or their data collection and processing practices, you may contact them using this form. Alternatively, you may contact them by post: 

Nicholas Knoop 
HubSpot, Inc. 
25 First Street, 2nd Floor 
Cambridge, MA 02141 USA  

When you contact us 

If you get in touch with us – whether that is by phone, email, post or in person – you may provide us with personal information. For example, if you use our contact form, we ask for your name, email address and contact phone number. Only information that is needed to deal with your enquiry will be shared internally or with selected third parties. We will use the information you provide to deal with your enquiry and for no other purpose. 

We justify this processing on the basis of your consent. We will keep this information for no longer than six months from the last interaction with you. 

For marketing purposes 

We may add you to our marketing database in several ways. 

When you sign up via our website to hear from us, we will collect your business contact details and add you to our marketing database as requested. 

When you sign up for a webinar or other event that we are hosting

We will collect your business contact details to administer the event. 

When you sign up for a webinar or other event that we are sponsoring and opt-in to marketing 

Where the webinar is hosted by a third party, the event organiser may share your business contact details with us for marketing purposes if you provide consent at the point of registration. 

General 

When sending invitations to events we will do some profiling of you to select events that we think will be relevant to you. This profiling will use data you have provided directly to us, data we have gathered from the public domain limited to the location of your office, your business or organisational role and the nature of your business or organisation, and data we gather from your behaviour in opening emails, accepting invitations and attending events. You can opt out of this profiling at any time – just contact us and ask either never to be invited or always to be invited. 

We will only use your details for marketing where you have provided us consent In Jamaica and under our legitimate interest. You may unsubscribing to our marketing emails or by writing to us, emailing us or phoning us using our contact details above. We retain your personal data for marketing purposes until you unsubscribe or we get a hard bounce from an email we send you indicating that your email address is invalid. 

When you interact with us on social media 

We use LinkedIn and in some regions Instagram and WhatsApp to raise awareness of our brand, promote our activities and events and contact potential customers. When you comment on our posts or send us a private message you may provide us with your personal data. We will only use the personal data you provide us to communicate with you and for no other purpose. We may also obtain information from LinkedIn about how you interact and engage with our posts and pages on their platform. We process your personal data on the basis our legitimate interest in promoting our business, increasing audience engagement on social media, and responding to your comments and queries. If you wish, please contact us for a copy of the Legitimate Interest Assessment relevant to this processing. 

We are not responsible for the privacy practices of social media platforms. If you wish to obtain more information about how LinkedIn, Instagram and WhatsApp collect and manage your personal data, please visit the privacy notices on their websites. 

When you apply for a job with us 

When you apply for a position at Securys, the personal information you provide to us may include, your name, address (including email address), job and career history, educational background, professional membership and other relevant information from your CV.  

We process the information you provide to us on the basis of discussing a possible contract of employment. We will keep this information for no longer than 12 months from the last interaction with you. After that time, we will retain your name, address (including email address), date of application and post applied for, and a brief and objective record of the employment decision taken until 5 years after our last contact with you. 

When you visit our offices 

When you visit our offices in London you will be recorded by our CCTV system. The privacy notice for that system can be found here. 

We will also record your name and the times of your arrival and departure in our visitor log; this is done to ensure your safety in the event of an evacuation of the building for any reason. The visitor log is retained for 90 days from the date of your visit. We justify this processing on the basis of our legal obligation under the Health and Safety at Work Act. 

Who else will see your information? 

We share your information within Securys between our constituent companies. These transfers are protected by our internal data sharing agreement, which incorporates the European Union’s standard contractual clauses. You may request a copy of this agreement by contacting us as set out above. 

We will never sell your data nor provide access to it to any third parties for marketing purposes. We will share your data with our subcontractors because, like many businesses, we don’t do everything ourselves. When we have someone else help us handle an aspect of our business, we will pass them some of your data so that they can do their work. We will only ever give them the minimum information that they need and it will always remain under our control. This means that they can only do with your data what we tell them to, and can’t keep it once they no longer need it or pass it on to anyone else. We vet suppliers who handle confidential information, including personal data, and have contracts with them which require them to protect data appropriately. 

Where legally required to do so we will share your information with other third parties such as our insurers or government agencies and regulators. 

How do we look after your data? 

We take the security of your data very seriously. We are ISO27001:2013 and ISO 27701:2019 certified; these certifications cover our entire organisation.  

We have strict contracts with anyone with whom we share information to ensure they take appropriate care of your data, in line with relevant data protection legislation including but not limited to the General Data Protection Regulation 2016, the UK Data Protection Act 2018, the Jamaican Data Protection Act 2020, the Barbados Data Protection Act 2021 and the amended St Lucia Data Protection Act 2015. 

Personal data can be processed anywhere in our group of companies, safeguarded by our intragroup agreement. 

Your rights 

Your personal data belongs to you. We use it to provide products and services to you, to obey the law and to improve our services.  

Different countries have different laws regarding personal data. Your legal rights will depend on where you live and where we process your data; you can find more details in the relevant country-specific sections below. To make things simple, wherever you live and whatever your relationship with us, we give you the following rights over your data: 

“Transparency” 

You have the right to a detailed explanation of what data we have about you, how and where we use it, how long we keep it and with whom it is shared. That information is contained in the details of our data processing below. 

“Access” 

You have the right to a copy of the data we hold about you. We will not charge you for providing this information in electronic form; we may charge for providing it on paper to reflect the costs and environmental impact of doing so. We may ask you to prove your identity before we release your data to you. If you want the data for a specific reason, you can help us by letting us know. Please be aware that no-one can force you to get a copy of your data and no-one should ask you to share it with them.  

“Correction” 

You have the right to have your data corrected. If you believe we have incomplete or incorrect information about you, please let us know. We may ask you to provide your identity and to provide evidence supporting the changes you would like made.  

“Erasure and the right to be forgotten” 

You have the right to have your data erased if we no longer need it. Note that in many cases we need to retain data about you in order to honour our obligations to you, because we are required to by law, or to protect your and our interests. 

“Review of automated decision making” 

You have the right to a human review of decisions we have made about you by purely automated means. Please note that almost all of our decision-making is already reviewed by a person – we do not use automated decision making. 

“Objection to processing on the basis of legitimate interest” 

You have the right to object to processing of your data where we use it to help us improve our services and develop our business. Technically this is known as processing on the basis of our legitimate interests and there is more information about this processing in the privacy notice. We are required carefully to consider and respond to your objection and show that we have taken care to protect you when doing such processing; you may also require that we do not process your data while we are considering your objection. 

“Restriction of processing” 

You have the right, in certain other circumstances, to require us to stop processing your data. These circumstances are: 

  • Where we disagree about the accuracy of the information we hold about you and while we are verifying that information. 
  • Where we no longer require personal data that we hold about you and would normally erase it, but you wish us to retain it without otherwise processing it, for instance where you believe that you may need the information for your own purposes in a legal claim. 
  • You believe that the processing of your data may cause you substantial harm or distress and that our processing is not justified in accordance with the law. 

“Direct marketing” 

You have the right to opt out of direct marketing. Note that if you do not specify which marketing you no longer wish to receive, we will stop sending you any marketing information. You will need to tell us the email addresses, phone numbers and other relevant details, and you will understand that we will need to keep these details so that we can be sure not to add you back to marketing lists in error. You also, of course, have the right to opt back into marketing at any time. 

“Data portability” 

In some circumstances you have the right to ask us to transfer your data to another service provider directly. This can only be done where it is technically possible both for us and for the other service provider; we and they will let you know when this is the case. 

“Withdrawal of consent” 

Most of our processing of your data is performed for one of three reasons: 

  • in service of a contract between you and us, or in order to enter into such a contract; 
  • to comply with legal obligations placed on us by the government and our regulators; or 
  • to help us improve our services by better understanding our customers and their needs. 

However, in some cases we will ask you for your consent to processing. Where we have done so, you have the right to withdraw your consent at any time and we will stop processing. We will explain the consequences of withdrawing consent at the time we ask for it and when you ask to withdraw it. 

If you would like to know more about our processing of your data or would like to exercise any of your rights, you can email us at privacy@securys.co.uk 

You also have the right to make a complaint to the Information Commissioner’s Office – the supervisory authority that handles data protection law in the UK. You can contact them at:  

https://ico.org.uk/make-a-complaint/ 

 

Information Commissioner’s Office 

Wycliffe House 

Water Lane 

Wilmslow 

Cheshire 

SK9 5AF 

 

Email: icocasework@ico.org.uk

Telephone: 0303 123 1113 

 

If you are resident in the European Economic Area you have the right to make a complaint to the Irish Data Protection Commissioner – the supervisory authority that handles data protection law in Ireland. You can contact them at: 

https://forms.dataprotection.ie/contact 

 

Data Protection Commission 

21 Fitzwilliam Square South 

Dublin 2 

D02 RD28 

Ireland

 

If you are resident in Jamaica, you have the right to complain to the Information Commissioner there.

 

Office of the Information Commissioner 

The Masonic Building (2nd Floor) 

45-47 Barbados Avenue 

Kingston 5 

Jamaica 

 

Tel: +1 (876) 920-4390 

Email: info@oic.gov.jm   

 

Notice Information 

This notice was last updated on 1st May 2024. We may update it at any time. 

Website and contents ©2024 Securys Limited or their respective owners all rights reserved.
Securys, the Securys logo, “Information Security Made Practical”, “Data Privacy Made Practical”, “Privacy Made Practical” and “Privacy Made Positive” are trademarks of Securys Limited.

Switch region
Ireland