It is important for us to process and use your data only in accordance with the General Data Protection Regulation (“GDPR”, from the GDPR implementation date) or, until GDPR implementation date, the Data Protection Act 1998, (collectively the “Data Protection Laws”) and your expectations, and to be transparent with you in how we process and use your data.
We are a National supplier providing services, as set out on our website, to our clients. As a private, owned business we are all about supporting our clients’ long-term vision and objectives. We work at the heart of our clients’ businesses, and our sector expertise means we can design innovative service solutions that align with their business strategies.
In connection with the different ways we may interact with you and the various services that we provide, we collect the following categories of data (C=THE SECURITY BENCHMARK category):
C1: Contact information, including name, address, telephone number and e-mail address.
C2: Identity data, including gender and date of birth.
C3: Communication data between you and us, including recordings of calls to our control room or offices, e-mail communication, online chats, comments and reviews collected through surveys or posts on social media platforms.
C4: Digital information data collected when you visit our website, applications or other digital platforms, including IP-addresses, browser data, traffic data, social media behaviour, and user patterns. If you subscribe to our newsletters, we may collect data regarding which newsletters you open, your location when opening them and whether you access any links inserted in the newsletters.
Most of the data that we have about you are provided directly by you. We collect C3 and C4 data from our websites, applications and similar digital platforms.
Description: We use C1, C2 and C3 data to ensure that we can supply the goods, Data or services you have requested us to do so. We may provide such information by electronic or other means.
Legal basis: We use such data as part of our business relationship. Further, we use such data to provide you with other information necessary to fulfil our legitimate interests, including to ensure that we process invoices and to contact you, where necessary, concerning any orders you may place or services you supply to THE SECURITY BENCHMARK.
Disclosure: We may disclose C1 and C2 data to our corporate partners, as they may need this information to communicate with you and to provide support and assistance.
Description: We may use C1, C2 and C4 data to provide you with newsletters from us about our products and services.
Legal basis: Our use of such data is based on our legitimate interests in providing you with relevant information to promote our products and services. You may at any time opt out of receiving such information.
Disclosure: We may process your data to enable us to send you relevant information to promote our products services.
Description: We may use and compile C1, C2, C3 and C4 data for profiling purposes. Profiling is an automated processing of personal data where your personal data is used to evaluate, analyse and predict your preferences, interests and behaviour (profiling). We may use this data to provide you with customised information about services and offers that you may appreciate.
Legal basis: We carry out profiling to fulfil a legitimate interest, which is to customise our services for your benefit. You may at any time object to our use of your personal data for profiling purposes.
Disclosure: We will not disclose the profiles we have generated based on your data to third parties other than any member of our group.
Description: We may carry out video surveillance on premises and store C4 data to prevent crime and ensure your safety.
Legal basis: We carry out video surveillance that is necessary to fulfil a legitimate interest which is to prevent crime and ensure your safety while you are on our premises.
Disclosure: We will not disclose video surveillance footage to third parties unless required by law or on request from authorities.
We will only store your data for as long as it is necessary to fulfil the purpose of the processing of your data.
We will store your C1, C2, C3, C4 data from the point for the duration of our contractual relationship and up to a period of three years after our contractual relationship has ended, if we believe this is necessary to handle potential complaints or claims. We may store your data longer if you wish for us to keep your data and you have consented to this.
We will store C4 data as required by applicable law.
We will store your C1, C2 C3 & C4 data for as long as you wish to receive information and marketing communications from us where necessary.
We store video surveillance footage for a period of 31 days where necessary. The system has an overwrite facility thereafter and all data is deleted. If we deem it necessary to deliver video surveillance footage to the police due to a criminal incident or similar, we may store the video surveillance footage for legal reasons.
THE SECURITY BENCHMARK does not currently provide services outsider of the UK. All our data currently remains in the UK and we do not share this with International processors. However, if this changes we will ensure that your data is adequately protected by the receiving parties in such countries if necessary and approved by you. Adequate protection may typically be to impose on the receiving party contractual obligations that ensure that it maintains the same level of privacy and data security as practised by us. You may ask for further information or a copy of the safeguards that we have in place to ensure lawful transfer of your data where appropriate.
Where you have provided us with your details for marketing purposes, we will not share this with or permit other companies in our network, to contact you about their related products and services without your prior consent.
If we pass your information to non-EEA/International organisations for processing on our behalf, we will ensure the appropriate level of protection is offered to your information, to ensure its protection as per the Data Protection Laws, while taking into account that the non-EEA country may not have equivalent data protection and privacy laws to the EEA.
Finally, if our business or part of it enters into a joint venture with or is sold to or merged with another business entity, your information may be disclosed to our new business partners or owners.
Unless required to do so by law, we will not otherwise share, sell or distribute any of the information you provide to us without your consent.
We take appropriate measures to ensure that any personal data is kept secure, including security measures to prevent personal data from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal data to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
Under the General Data Protection Regulation (GDPR), you have a number of important rights. In summary, those include rights to:
- Require us to correct any mistakes in your information which we hold.
- Require the erasure of personal data concerning you in certain situations.
- Receive the personal data concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit the data to third parties in certain situations.
- Object at any time to processing of personal data concerning you for direct marketing.
- Object in certain other situations to our continued processing of your personal data.
- Otherwise restrict our processing of your personal data in certain circumstances.
- Claim compensation for damages caused by our breach of any data protection laws.
For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individual’s rights under the General Data Protection Regulation.
(If you would like to exercise any of those rights, please contact us via the details below.)
If you wish to make a complaint about how your personal data is being processed by THE SECURITY BENCHMARK or third parties), or how your complaint has been handled, you have the right to lodge a complaint directly with the supervisory authority and THE SECURITY BENCHMARK’S data protection representatives. Please see the relevant contact details below.
THE SECURITY BENCHMARK LIMITED, King Edward House, 82 Stourbridge Road, Halesowen, West Midlands, B63 3UP. Email – Info@thesecuritybenchmark.com