Privacy Notice

Privacy is what we do for a living; we take our work seriously and consequently are committed to protecting your privacy in our own processing. This notice describes the data which we will hold about you, what we will do with it and why, and how we will protect it. It also describes your rights and how to exercise them.

Who are we?

Securys is a group of companies. The ultimate parent company is Securys Limited, registered in England and Wales with company number 9084719 with registered address is 161-165 Farringdon Road London EC1R 3AL, United Kingdom.

Other group companies include:

Privacy Made Practical Limited t/a Securys Ireland, registered in the Republic of Ireland with company number 663924 with correspondence address 12 Merrion Square, Dublin 2, D02 H798, Ireland.

If you have any questions about how we use your information, or want to exercise your rights over your information, you can write to us at our address above or contact us on:

Telephone: +44 (0)800 193 8700

Email: privacy@securys.co.uk

EEA residents may also contact us on privacy@securys.ie

What information do we collect and process about you, what do we do with it and why?

When you visit our website

We use cookies to collect and analyse information about how you use or interact with our website (website analytics). We justify this processing based on your consent given through our cookie banner. Please see our Cookie Notice for more information. Cookies are small data files which are transferred and stored on your computer or device by a website you visit, and which may be used for different purposes.

Most browsers will automatically accept a cookie, but it is possible to set your browser to notify you prior to it being set, at which point you can accept or reject it.

We host our website with an external provider, Hubspot, using their managed platform. We do not control what information they may collect and they do not pass this data on to us. Their corporate privacy policy may be found here: https://legal.hubspot.com/privacy-policy

If you have any questions, concerns or complaints about their privacy policy or their data collection and processing practices, you may contact them using this form.

Alternatively, you may contact them by post:

Nicholas Knoop
HubSpot, Inc.
25 First Street, 2nd Floor
Cambridge, MA 02141 USA

When you contact us

If you get in touch with us – whether that is by phone, email, post or in person – you may provide us with personal information. For example, if you use our contact form, we ask for your name, email address and contact phone number. Only information that is needed to deal with your enquiry will be shared internally or with selected third parties. We will use the information you provide to deal with your enquiry and for no other purpose.

We justify this processing on the basis of your consent. We will keep this information for no longer than six months from the last interaction with you.

For marketing purposes

We may add you to our marketing database in several ways.

  • When you sign up via our website to hear from us
  • We will collect your business contact details and add you to our marketing database as requested.

When you sign up for a webinar or other event that we are hosting

We will collect your business contact details to administer the event.

We use LogMeIn Inc’s GoToWebinar platform to host our webinars. The privacy notice for our webinars can be found here. We will only use your business contact details for marketing if you opt-in to receiving marketing materials from us.

When you sign up for a webinar or other event that we are sponsoring and opt-in to marketing

Where the webinar is hosted by a third party, the event organiser may share your business contact details with us for marketing purposes if you provide consent at the point of registration.

General

When sending invitations to events we will do some profiling of you to select events that we think will be relevant to you. This profiling will use data you have provided directly to us, data we have gathered from the public domain limited to the location of your office, your business or organisational role and the nature of your business or organisation, and data we gather from your behaviour in opening emails, accepting invitations and attending events. You can opt out of this profiling at any time – just contact us and ask either never to be invited or always to be invited.

We will only use your details for marketing where you have provided us consent. You may withdraw your consent at any time by unsubscribing to our marketing emails or by writing to us, emailing us or phoning us using our contact details above. We retain your personal data for marketing purposes until you unsubscribe or we get a hard bounce from an email we send you indicating that your email address is invalid.

When you interact with us on social media

We use Twitter and LinkedIn to raise awareness of our brand, promote our activities and events and contact potential customers. When you comment on our posts or send us a private message you may provide us with your personal data. We will use the personal data you provide us to communicate with you and for no other purpose. We may also obtain information from Twitter and LinkedIn about how you interact and engage with our posts and pages on their platform. We process your personal data on the basis of our legitimate interest in promoting our business, increasing audience engagement on social media, and responding to your comments and queries. If you wish, please contact us for a copy of the Legitimate Interest Assessment relevant to this processing. We are not responsible for the privacy practices of social media platforms. If you wish to obtain more information about how LinkedIn and Twitter collect and manage your personal data, please visit the privacy notices on their websites.

When you apply for a job with us

When you apply for a position at Securys, the personal information you provide to us may include, your name, address (including email address), job and career history, educational background, professional membership and other relevant information from your CV.

We process the information you provide to us on the basis of discussing a possible contract of employment. We will keep this information for no longer than 12 months from the last interaction with you. After that time, we will retain your name, address (including email address), date of application and post applied for, and a brief and objective record of the employment decision taken until 5 years after our last contact with you.

When you visit our offices

When you visit our offices in London you will be recorded by our CCTV system. The privacy notice for that system can be found here.

We will also record your name and the times of your arrival and departure in our visitor log; this is done to ensure your safety in the event of an evacuation of the building for any reason. The visitor log is retained for 90 days from the date of your visit. We justify this processing on the basis of our legal obligation under the Health and Safety at Work Act. 

Who else will see your information?

We share your information within Securys between our constituent companies. These transfers are protected by our internal data sharing agreement, which incorporates the European Union’s standard contractual clauses. You may request a copy of this agreement by contacting us as set out above.

We will never sell your data nor provide access to it to any third parties for marketing purposes. We will share your data with our subcontractors because, like many businesses, we don’t do everything ourselves. When we have someone else help us handle an aspect of our business, we will pass them some of your data so that they can do their work. We will only ever give them the minimum information that they need and it will always remain under our control. This means that they can only do with your data what we tell them to, and can’t keep it once they no longer need it or pass it on to anyone else. We vet suppliers who handle confidential information, including personal data, and have contracts with them which require them to protect data appropriately.

Where legally required to do so we will share your information with other third parties such as our insurers or government agencies and regulators.

How do we look after your data?

We take the security of your data very seriously. We are ISO27001:2013 and ISO 27701:2019 certified; these certifications cover our entire organisation. Where we collect your personal data, we ensure that this data is retained within the EEA.

We have strict contracts with anyone with whom we share information to ensure they take appropriate care of your data, in line with the European General Data Protection Regulation 2016 and the UK Data Protection Act 2018. We will always obey both the letter and the spirit of the data protection laws that apply to us.

What are your rights?

You have the right to request a copy of all the information we hold about you and to ask us to correct any inaccurate personal information concerning you. We may in some circumstances need to check that what you have told us is accurate and require a form of identification.

You have the right to ask us to delete your information, to stop processing it or to restrict our processing of it. However, we may not be able to do so immediately if we have a lawful reason or a legal or contractual obligation to retain the information or continue the processing. We will notify you if this is the case.

Where you have given consent, you have the right to withdraw it at any time.

To exercise any of these rights, please contact us using the details at the top of this policy.

You have the right not to be subjected to automated processing of your data in a way which will have a material impact on you. We do not use automated processing.

You also have the right to make a complaint to the Information Commissioner’s Office – the supervisory authority that handles data protection law in the UK. You can contact them at: 

https://ico.org.uk/make-a-complaint/

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Email: icocasework@ico.org.uk

Telephone: 0303 123 1113

If you are resident in the European Economic Area you have the right to make a complaint to the Irish Data Protection Commissioner – the supervisory authority that handles data protection law in Ireland. You can contact them at:

https://forms.dataprotection.ie/contact

Data Protection Commission
21 Fitzwilliam Square South
Dublin 2
D02 RD28
Ireland

 

Webinar Privacy Notice Addendum

This is an addendum to our main privacy policy which can be found here.
This addendum relates to data collection and processing if you sign up for a webinar hosted by us using GoToWebinar.

Data collected

We will collect your business contact details at the time of sign-up.
If you attend the webinar live, we will collect additional information about your attendance including time attended, IP address, some technical information about your browser and LogMeIn client, your interactions with the webinar, if any. The webinar itself is being recorded including any comments posted on the public comment thread.
If you watch the recording of the webinar, we will collect additional information about your interaction with the recording including time watched, IP address and some technical information about your browser.

How we use this information

We will use your email address to send you content and attendance updates about the webinar prior to its scheduled presentation time.
We will also send you a link to the recording following the initial broadcast, whether you attend live or not. We will include some marketing information relating to our services in these emails. We will not send you further marketing material following the post-broadcast communication unless you ask us to or have previously been receiving marketing communications from us. Contact details for opting out can be found in our main privacy policy and every marketing communication you receive from us will include an opt-out option.
If you contribute to the webinar whether in speech, video or text comment, you will be identifiable to other participants in the webinar and on the recording, and we will use your name to identify you if we respond to your contribution.
We use the technical and attendance information collected to help us understand and improve the performance of our webinars. This information is collected and retained in identifiable form but is only used in anonymised form for this purpose.

Our basis for using this information

We consider this processing to be justified on the basis of your consent. Please note that you can withdraw your consent at any time by unsubscribing to our emails or by writing to us, emailing us or phoning us using our contact details below.

Your rights

Your rights are detailed in our main privacy policy. However, we make the following additional stipulations with regard to the webinar:
Once you choose to attend the webinar it will not be technically possible for us to remove any contributions you make from the recording, so your right to deletion cannot be applied in this specific case.
We cannot control the uses to which others may put the recording and we are not screening attendees by geography, so we cannot guarantee that your personal information in the form of contributions made to the webinar either as recorded speech and video, or as text in the public chat, will not be transferred outside the EEA.
You may, of course, choose not to contribute (although we very much hope you will), and you may leave the webinar at any time.

Sharing data with third parties

We use LogMeIn Inc’s GoToWebinar platform for our webinars. Their privacy policy also applies and can be found from the link on the registration page. We cannot control what use they make of the data they collect and make no warranties in that regard.
We will share your registration and attendance information with our partners for each webinar. These partners are listed in the invitation as sponsors, speakers or facilitators and you may request a full list of partners, with contact information, for any specific webinar at any time by contacting the Securys privacy office using the details in our main privacy policy. We cannot control to what uses our partners put the information we share with them, and we regard them as separate individual controllers for this purpose. Our webinar partners are nonetheless required to abide by all of the provisions of the UK Data Protection Act 2018 and Privacy and Electronic Communications Act 2003.

Securys Limited is the data controller.
The contact details to exercise your rights or to request clarification of any aspect of this notice are:

Privacy Office
Securys Limited
161-165 Farringdon Road
London EC1R 3AL
email: privacy@securys.co.uk
telephone: 0800 193 8700

You also have the right to make a complaint to the Information Commissioner’s Office – the supervisory authority that handles data protection law in the UK. You can contact them at:

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
email: casework@ico.org.uk
telephone: 0303 123 1113

Notice Information

This notice was last updated on the 11th of May 2022. We may update it at any time.