Privacy is what we do for a living; we take our work seriously and consequently are committed to protecting your privacy in our own processing. This policy describes the data which we will hold about you, what we will do with it and why, and how we will protect it. It also describes your rights and how to exercise them.
Who are we?
Securys is a group of companies. The ultimate parent company is Securys Limited, registered in England and Wales with company number 9084719 with registered address is 161-165 Farringdon Road London EC1R 3AL, United Kingdom.
Other group companies include:
Privacy Made Practical Limited t/a Securys Ireland, registered in the Republic of Ireland with company number 663924 with correspondence address 12 Merrion Square, Dublin 2, D02 H798, Ireland.
If you have any questions about how we use your information, or want to exercise your rights over your information, you can write to us at our address above or contact us on:
Telephone: +44 (0)800 193 8700 Email: firstname.lastname@example.org
EEA residents may also contact us on email@example.com
What information do we collect and process about you, what do we do with it and why?
Most browsers will automatically accept a cookie, but it is possible to set your browser to notify you prior to it being set, at which point you can accept or reject it.
Alternatively, you may contact them by post:
25 First Street, 2nd Floor
Cambridge, MA 02141 USA
When you contact us
If you get in touch with us – whether that is by phone, email, post or in person – you may provide us with personal information. For example, if you use our contact form, we ask for your name, email address and contact phone number. Only information that is needed to deal with your enquiry will be shared internally or with selected third parties. We will use the information you provide to deal with your enquiry and for no other purpose.
We justify this processing on the basis of your consent. We will keep this information for no longer than six months from the last interaction with you.
For marketing purposes
We do research to identify potential customers. We do not sell to consumers; our interest is in marketing to your business or organisation. Where we obtain personal details as part of this research, these are limited to your name, work email address, work telephone number and job role. If we obtain these details through research we will make contact with you within one month of data collection to inform you that we have the data and to ask you to confirm that you are the correct representative of your business or organisation to receive our marketing material. You may opt out of receiving marketing communications or provide alternative contact details at that time or at any time thereafter. Please note that if you provide alternative contact details we will in turn make contact for the same purpose with the person you nominate. If you opt out we may continue to send marketing information to your business or organisation but will not address it to you nor use any personal contact details in so doing.
Any emails we send you will include an option to opt out of future marketing communication. You can also opt out by writing to us, emailing us or phoning us using our contact details above.
When sending invitations to events we will do some profiling of you to select events that we think will be relevant to you. This profiling will use data you have provided directly to us, data we have gathered from the public domain limited to the location of your office, your business or organisational role and the nature of your business or organisation, and data we gather from your behaviour in opening emails, accepting invitations and attending events. You can opt out of this profiling at any time – just contact us and ask either never to be invited or always to be invited.
We justify this processing on the basis of our legitimate interest in marketing our products and services to you. If you wish, please contact us for a copy of the Legitimate Interest Assessment relevant to this processing. Where we have asked for your consent this is purely consent to receive this material by email in accordance with the Privacy and Electronic Communications Regulation; it does not change the lawful basis we rely upon for our processing. We retain personal data used for marketing for no longer than 18 months from the date of your last interaction with us.
When you interact with us on social media
We use Twitter and LinkedIn to raise awareness of our brand, promote our activities and events and contact potential customers. When you comment on our posts or send us a private message you may provide us with your personal data. We will only use the personal data you provide us to communicate with you and for no other purpose. We may also obtain information from Twitter and LinkedIn about how you interact and engage with our posts and pages on their platform. We process your personal data on the basis our legitimate interest in promoting our business, increasing audience engagement on social media, and responding to your comments and queries. If you wish, please contact us for a copy of the Legitimate Interest Assessment relevant to this processing.
We are not responsible for the privacy practices of social media platforms. If you wish to obtain more information about how LinkedIn and Twitter collect and manage your personal data, please visit the privacy notices on their websites.
When you apply for a job with us
When you apply for a position at Securys, the personal information you provide to us may include, your name, address (including email address), job and career history, educational background, professional membership and other relevant information from your CV.
We process the information you provide to us on the basis of discussing a possible contract of employment. We will keep this information for no longer than 24 months from the last interaction with you.
When you register for our webinars
We use LogMeIn Inc’s GoToWebinar platform to host our webinars. The privacy notice for our webinars can be found here.
When you visit our offices
When you visit our offices you will be recorded by our CCTV system. The privacy notice for that system can be found here.
We will also record your name and the times of your arrival and departure in our visitor log; this is done to ensure your safety in the event of an evacuation of the building for any reason. The visitor log is retained for 90 days from the date of your visit. We justify this processing on the basis of our legal obligation under the Health and Safety at Work Act.
Who else will see your information?
We share your information within Securys between our constituent companies. These transfers are protected by our internal data sharing agreement, which incorporates the European Union’s standard contractual clauses. You may request a copy of this agreement by contacting us as set out above.
We will never sell your data nor provide access to it to any third parties for marketing purposes. We will share your data with our subcontractors because, like many businesses, we don’t do everything ourselves. When we have someone else help us handle an aspect of our business, we will pass them some of your data so that they can do their work. We will only ever give them the minimum information that they need and it will always remain under our control. This means that they can only do with your data what we tell them to, and can’t keep it once they no longer need it or pass it on to anyone else.
Where legally required to do so we will share your information with other third parties such as our insurers or government agencies and regulators.
How do we look after your data?
We take the security of your data very seriously. We are ISO27001:2013 and ISO 27701:2019 certified; these certifications cover our entire organisation. Where we collect your personal data, we ensure that this data is retained within the EEA.
We have strict contracts with anyone with whom we share information to ensure they take appropriate care of your data, in line with the European General Data Protection Regulation 2016 and the UK Data Protection Act 2018. We will always obey both the letter and the spirit of the data protection laws that apply to us.
What are your rights?
You have the right to request a copy of all the information we hold about you and to ask us to correct any inaccurate personal information concerning you. We may in some circumstances need to check that what you have told us is accurate and require a form of identification.
You have the right to ask us to delete your information, to stop processing it or to restrict our processing of it. However, we may not be able to do so immediately if we have a lawful reason or a legal or contractual obligation to retain the information or continue the processing. We will notify you if this is the case.
Where you have given consent, you have the right to withdraw it at any time.
To exercise any of these rights, please contact us using the details at the top of this policy.
You also have the right to make a complaint to the Information Commissioner’s Office – the supervisory authority that handles data protection law in the UK. You can contact them at:
You also have the right to make a complaint to the Information Commissioner’s Office – the supervisory authority that handles data protection law in the UK. You can contact them at: https://ico.org.uk/make-a-complaint/
Information Commissioner’s Office
Cheshire SK9 5AF
Telephone: 0303 123 1113
If you are resident in the European Economic Area you have the right to make a complaint to the Irish Data Protection Commissioner – the supervisory authority that handles data protection law in Ireland . You can contact them at: https://forms.dataprotection.ie/contact
Data Protection Commission
21 Fitzwilliam Square South
This policy was last updated on the 4th of February 2021. We may update it at any time.