This policy applies to all prospective applicants, Customers, Sub-contractors & Suppliers, Website User and the owner and provider of this website SECOM Plc.
SECOM Plc takes the privacy of your information very seriously and this policy outlines our conduct of how we collect and use the Data that is provided.
This Policy does not cover companies, services or applications that are not owned or controlled by SECOM Plc and you should refer to the Privacy Notice/Policy of any such third party
Please read the policy carefully.
|Data||Collectively all information that is provided to SECOM Plc. This definition incorporates, where applicable, the definitions provided in GDPR.|
|EAA||European Economic Area is a secure server that is used to store data; this excludes any email alerts from SECOM Plc. Some of SECOM Plc suppliers based outside the EEA is strictly controlled with access of your data. By submitting your persona data, you have agreed to the terms.|
|GDS||Government Digital Service is only accessed by authorised people and our suppliers to; improve the site by monitoring how you use it; gather feedback to improve our services e.g. email alerts; respond to any feedback received and requested; send email alerts to users who request them; allow you to access government services and make transactions; provide you with information about local services if required.|
|SECOM Plc||A company incorporated in England Wales with registered number 2585807 whose registered office is: Secom House 52 Godstone Road Kenley, Surrey, CR8 5JF.|
|UK & EU Cookie Law||The Privacy and Electronic Communications (EC Directive) Regulations 2003 as amended by the Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011.|
|Third Party||Any third party that accesses the Website and is not either (i) employed by SECOM Plc and acting during their employment of (ii) engaged as a consultant or otherwise providing services to SECOM Plc and accessing the Website in connection with the provision of such services.|
|Website||The website that you are currently using, www.secom.plc.uk, and any sub-domains of this site unless expressly excluded by their own terms and conditions.|
|Cookies||A small text file placed on your computer by this Website when you visit certain parts of the Website and/or when you use certain features of the Website. Details of the cookies used by this Website are set out in the clause below (Cookies).|
In this policy, unless the context requires a different interpretation:
Implementing, management and assurance of SECOM Plc GDPR policy is shared amongst the DPO and the GDPR committee. SECOM Plc Data Protection Officer (DPO) will be the first point of contact for all GDPR related enquires; Data Breaches, Subject Access & Erasure and General Customer Request’s. The GDPR Committee sits behind DPO to assist and sets policy in respect of the Company’s GDPR compliance and in the absence of the DPO the committee will be the second point of contact for any enquires and request made.
The GDPR Committee consist of members with relevant experience in the field of corporate governance/risk, business management and IT security the members are;
Head of Compliance and Training
The policy outlines SECOM Plc commitment to protect personal information. It is equally important for SECOM Plc to be compliant and by doing so we have adopted regulatory, statutory and industry guidelines to manage all personal data securely. The term “Personal Data” refers to personally identifiable information about “you”, such as your name, date of birth, e-mail address or postal address etc… Where data is submitted by “you” whether it is manually or in electronically, this means that consent has been given for SECOM Plc to process.
Your personal information will only be processed;
SECOM Plc are responsible for protecting your personal data at all time, this is done by;
In accordance with SECOM Plc policy, information that is collated consist of both general and special categorised data, this may include but not limited to the following;
For purposes of the General Data Protection Regulations (GDPR), SECOM Plc is the “data controller”. We will retain any Data that you have provided SECOM Plc for a minimum of 6 months where applicable;
|Data Type||Retention Period|
|Subcontractor Records||3 years|
|Head Office Admin||3 years|
|Business Systems||Minimum 2 years|
|CCTV/ Call Recordings||Minimum 12 months|
Unless we are obliged or permitted by law to do so, and subject to any third-party disclosures specifically set out in this policy, your Data will not be disclosed to third parties. This includes our affiliates and/ or other companies within our group.
All personal Data is stored securely in accordance with the principles of GDPR. For more details on security see the clause below (Security).
Any or all the above Data may be required by us from time to time in order to provide you with the best possible service and experience when using our Website. Specifically, Data may be used by us for the following reasons:
All information provided are stored on SECOM Plc servers at Kenley and backed up to our secure inhouse servers in Hainault and Leeds.
Unfortunately, transmission of information via internet is not completely secure. SECOM Plc will do their best to protect your personal data, we can not guarantee the security of your data transmitted to our website: any transmission is at your own risk. However, once SECOM Plc has received your information we will use strict procedures and security protocols to try and prevent unauthorised access.
SECOM Plc reserve the right to disclose any personal information we have concerning you if we are compelled to do so by a court of law or requested to do so by a governmental entity or if we determine it is necessary or desirable to comply with the law or to protect or defend our rights or property in accordance with applicable laws;
*Refer to Section 4 – Data Collected
|Data Collected||SECOM Plc will use this personal data for the following purposes:||Legal Grounds for SECOM Plc collection and use of your personal data|
|A, B, C, D, E, F, G||Obtaining and using the information for contacting prospective customers, complaints, feedback and service ratings.||Legitimate interest for SECOM Plc to provide quotes, assist and respond customer feedback/experience|
|A, B, C, D, E||Obtaining customer information to process system before scanning on to SECOM Plc business management system.||This use, including the collection of the personal data needed to do it, is necessary for our legitimate interest to sustain the partnership with you/the company|
|A, B, C, D, E||Running and managing regulatory obligations where SECOM Plc will use your data to provide government officials and courts.||It is SECOM Plc legal obligation to provide evidence of record.|
|A, B, C, D, E||Invoices and statements containing personal data to trade.||The purposes of obtaining and processing invoices/statements it is SECOM Plc legitimate interest as well as contractual and legal obligation to retain and use the personal information.|
|A, B, C, D, E||To provide you with marketing communications, where you have opted in to receive such communications (including information about us, our products, solutions and services). These can be shared via electronically and post.||This use, including the collection of the personal data needed to do it, is necessary for the purpose of our legitimate interest to market, promote and demonstrate our business, products and services, and any other information.|
|A, B, C, D, E, H, G||To do other things that you have explicitly asked us to do, for example if you chose to opt in to one or more specific activities that we offer.||If you have opted in to a specific activity that we offer, this use, including the collection of the personal data needed to do it, is necessary for the performance of the contract we have with you/the company – that is, our obligation to provide to you or enable you to take part in the offered activity|
|G, I||Running and managing the process of pre-employment process; dependant on the role of the job, health status will be requested.||Legitimate interest and legal obligation|
SECOM Plc performs several functions to provide the best quality service. In some cases, data may be shared based on business, legal and contractual agreement. Our reason for the sharing data varies from marketing to background checks. We ensure that all data held and processed by Secom is only accessed by employees and approved 3rd party suppliers. Outlined below are the categories of whom SECOM Plc may share personal data with and our legitimate reason for sharing.
|Data Centre||Daily backup|
|Marketing & Sales Force||Providing products and services updates|
|Courts||Compelled to comply with request|
|Finance, Auditors, Credit Control and Advisors||Audits|
|Employees||Accessing accounts to assist with quires|
|Engineers and Subcontractors||Service and product installation continuous routine maintenance checks|
|Credit Referencing/ DBS||Staff Vetting/Security Checks|
|Employees – Compliance||Invoice payments and personnel files|
SECOM Plc acknowledges that the information that is provided may be confidential and to ensure that your data is protected SECOM Plc will maintain the confidentiality of your data and information in accordance with all applicable laws.
We may also disclose Data to a prospective purchaser of our business or any part of it.
In the above instances, we will take steps with the aim of ensuring your privacy is protected.
Wherever you are required to submit Data, you will be given options to restrict our use of that Data. This may include the following:
SECOM Plc may, from time to time, employ the services of other parties for dealing with certain processes necessary for the operation of the Website. The providers of such services do not have access to certain personal Data provided by Users of this Website.
Google may use your personal data when you give content on the site. Please see Google’s Privacy & Terms site for more information.
All Cookies used by this Website are used in accordance with current UK and EU Cookie Law.
Before the Website place Cookies on your computer, you will be presented with a pop-up requesting your consent to set those Cookies. By giving your consent to the placing of Cookies, you are enabling SECOM Plc to provide a better experience and service to you. You may, if you wish, deny consent to the placing of Cookies; however certain features of the Website may not function fully or as intended.
This Website may place the following Cookies:
|Type of cookies||Purpose|
|Strictly necessary cookies||These cookies are essential in order for you to move around the website and use its features, for example such as accessing secure areas of the website. talk to Marketing|
|Analytical/performance cookies||They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily|
|Functionality cookies||These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region)|
|Targeting cookies||These cookies record your visit to our website, the pages you have visited and the links you have followed. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third-party advertisers|
You can choose to enable or disable Cookies in your internet browser. By default, most internet browsers accept Cookies, but this can be changed. For further details, please consult the help menu in your internet browser.
You can choose to delete Cookies at any time; however, you may lose any information that enables you to access the Website more quickly and efficiently including, but not limited to, personalisation settings. It is recommended that you ensure that your internet browser is up-to-date and that you consult the help and guidance provided by the developer of your internet browser if you are unsure about adjusting your privacy settings.
Data security is of great importance to SECOM Plc and to protect you Data we have put in place suitable physical, electronic and managerial procedures to safeguard and secure Data collection via this Website. If password access is required for certain parts of the Website, you are responsible for keeping this password confidential.
We endeavour to do our best to protect your personal Data. However, transmission of information over the internet is not entirely secure and its done at your own risk. We cannot ensure the security of your Data transmitted to the Website.
You have the right to ask for a copy of any of your personal Data held by SECOM Plc as a Subject Access Request (SAR’s). All requests must be in writing and addressed to the ‘Data Controller’, the request may include but not limited to;
SECOM Plc will aim to acknowledge any Subject Access Request within 48hrs of receipt and complete the process within 30 days. In some cases, processing SAR’s may take longer, and it is SECOM Plc’s duty to keep you informed.
This is non-chargeable request; however, SECOM Plc has the rights to charge a ‘reasonable fee’ when a request is manifestly unfounded, excessive or repetitive.
SECOM Plc Staff, Customers, Sub-contractors & Suppliers, Website User shall have the right to obtain from the Data Protection Controller to delete personal data concerning them without undue delay.
Where the controller has made the personal data public and is obliged pursuant to section 32 to erase the personal data, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform relevant data controllers which are processing the personal data that the individual has requested for deletion
The above will not apply to the extent that processing is necessary:
SECOM Plc will manage all complaints in accordance with the company Complaints Management Policy. All complaints related to personal data will be reviewed, investigated and processed by SECOM Plc Data Protection Officer (DPO).
Complaints regarding the conduct of processing personal data by Secom Plc should be in writing and forwarded to the Data Protection Officer.
An investigation of the complaint will be carried out to the extent that is appropriate based on the merits of the specific case. The Data Protection Officer will inform the data subject of the progress and the outcome of the complaint within a reasonable period.
If the issue cannot be resolved or dissatisfied with the way SECOM Plc has handled your data, you have the rights to lodge a complaint with the Information Commissioner’s Office (ICO), Tel: 0303 123 1113, Website: www.ico.org.uk (https://www.ico.org.uk). However, SECOM Plc would appreciate the chance to deal with your concerns before you approach the ICO details can be found in section 2 of the policy.