Privacy Policy

Our full privacy policy is explained below, but the main points to note are:

  • We will only ever ask for what we really need to know.
  • We will collect and use the personal data that you share with us transparently, honestly and fairly.
  • We will always respect your choices around the data that you share with us and the communication channels that you ask us to use.
  • We will put appropriate security measures in place to protect the personal data that you share.
  • We will never sell your data.

Who are we?
Definitive PSA Limited t/a Secure24, TSG, Definitive Security, is committed to safeguarding your privacy. This Privacy Policy (“Policy”) sets out our data collection and processing practices and your options regarding how your personal information is used.

We may change this Policy from time to time so please check this page occasionally to ensure that you’re happy with any changes. By using our website and requesting services, you’re agreeing to be bound by this Policy.

The provision of your personal data to us is voluntary. However, without providing us with your personal data we may be unable to process a service request.

1. How we use the information to help us run Secure24 effectively.
We may use your information to:

  • process service requests;
  • carry out our duties arising from any agreements you have entered into by you and us;
  • notify you of changes to our organisation;
  • process a job application.
  • Conduct research into the impact of our services;

2. What information do we collect?
The type and amount of information we collect depends on why you are providing it. We will usually ask you for your name, email address and information about your organisation, including name of organisation and region.

However, we may request other information where it is appropriate and relevant, for example if we are processing a service request you have submitted. Additional information may include but won’t be limited to:

  • details of why you have decided to contact us
  • information about your computer and about your visits to and use of our website including your IP address, geographical location, browser type, referral source, length of visit and number of page views;
  • If you are a job applicant, the information you are asked to provide is as set out in the application and necessary for the purposes of considering the application.
  • Any other information shared with us in relation to the different purposes set out at clause 1

Do we process sensitive personal information?
Applicable law recognises certain categories of personal information as sensitive and therefore require more protection, including health information, ethnicity and political opinions. In limited cases, we may collect sensitive personal data about you. We would only collect sensitive personal data if there is a clear reason for doing so; and will only do so with your explicit consent.

3. Communications and marketing
Where you have provided us with your physical address, we may contact you by post; and where you have provided appropriate consent, also by telephone and e-mail, with targeted communications to let you know about our activities that we consider may be of particular interest.

4. Children’s data
We do occasionally process data of persons under the age of 16. If we come to discover, or have reason to believe, that you are 15 and under and we are holding your personal information, we will delete that information within a reasonable period and withhold our services accordingly.

5. Security of and access to your personal data
We endeavor to ensure that there are appropriate and proportionate technical and organisational measures to prevent the loss, destruction, misuse, alteration, unauthorised disclosure or of access to your personal information;

  • Your information is only accessible by appropriately trained staff, and contractors.
  • The security of your Personal Information is important to us but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure.
  • While we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security.
  • As such we make no warranties as to the level of security afforded to your data, except that we will always act in accordance with the relevant UK and EU legislation.
  • Otherwise than as set out in this Privacy Policy, we will only ever share your data with your informed consent.

6. Your rights and how consent works
You have a choice about whether or not you wish to receive information from us. If you do not want to receive communications from us, then you can select your choices by ticking the relevant boxes situated on the form on which we collect your information.
Where we rely on your consent to use your personal information, you have the right to withdraw that consent at any time. This includes the right to ask us to stop using your personal information for direct marketing purposes or to be unsubscribed from our email list at any time. You also have the following rights;

  1. Right to be informed – you have the right to be told how your personal information will be used. This Policy and other policies and statements used on our website and in our communications are intended to provide you with a clear and transparent description of how your personal information may be used.
  2. Right of access – you can write to us to ask for confirmation of what information we hold on you and to request a copy of that information. Provided we are satisfied that you are entitled to see the information requested and we have successfully confirmed your identity, we have 40 days to comply. As from 25 May 2018, we will have 30 days to comply.
  3. Right of erasure – as from 25 May 2018, you can ask us for your personal information to be deleted from our records. In many cases we would propose to suppress further communications with you, rather than delete it.
  4. Right of rectification – if you believe our records of your personal information are inaccurate, you have the right to ask for those records to be updated.
  5. Right to restrict processing – you have the right to ask for processing of your personal data to be restricted if there is disagreement about its accuracy or legitimate usage.
  6. Right to data portability – to the extent required by the General Data Protection Regulations (“GDPR”) where we are processing your personal information (i) under your consent, (ii) because such processing is necessary for the performance of a contract to which you are party or to take steps at your request prior to entering into a contact or (iii) by automated means, you may ask us to provide it to you – or another service provider – in a machine-readable format.

To exercise these rights, please send a description of the personal information in question using the contact details in section 14 below.
Where we consider that the information with which you have provided us does not enable us to identify the personal information in question, we may ask you for (i) personal identification and/or (ii) further information.

Please note that some of these rights only apply in limited circumstances. For more information, we suggest that you consult ICO guidance

You are further entitled to make a complaint about us or the way we have processed your data to the Information Commissioner’s Office (“ICO”). For further information on how to exercise this right, please see the guidance from the ICO.

9. Lawful processing
We are required to have one or more lawful grounds to process your personal information. Only 4 of these are relevant to us:
i. Consent
We will ask for your consent to use your information to send you electronic communications such as newsletters and marketing and fundraising emails, for targeted advertising, and if you ever share sensitive personal information with us.
ii. Contractual relationships
Most of our interactions with subscribers and website users are voluntary and not contractual. However, sometimes it will be necessary to process personal information so that we can enter contractual relationships with people. For example, if you apply for employment or to volunteer with us, or if you purchase something via our online shop.
iii. Legal obligations
sometimes we will be obliged to process your personal information due to legal obligations which are binding on us. We will only ever do so when strictly necessary.
iv. Legitimate interest’s
Applicable law allows personal information to be collected and used if it is reasonably necessary for our legitimate activities (as long as its use is fair, balanced and does not unduly impact individuals’ rights).

We will rely on this ground to process your personal data when it is not practical or appropriate to ask for consent. When we use your personal information, we will consider if it is fair and balanced to do so and if it is within your reasonable expectations. We will balance your rights and our legitimate interests to ensure that we use your personal information in ways that are not unduly intrusive or unfair in other ways.

10. Data retention
In general, unless still required in connection with the purpose(s) for which it was collected and/or is processed, we remove your personal information from our records five years after the date it was collected. However, if before that date (i) your personal information is no longer required in connection with such purpose(s), (ii) we are no longer lawfully entitled to process it or (iii) you ask us to delete it we will remove it from our records at the relevant time.
In the event that you ask us to stop sending you direct marketing/fundraising/other electronic communications, we will keep your name on our internal suppression list to ensure that you are not contacted again.

We review our retention periods for personal information on a regular basis (see item 11 of this Privacy Statement). We are legally required to hold some types of information to fulfil our statutory obligations (for example the task forms). You can request to remove your personal information at any time by emailing the appropriate brand operations team;
opertaions@tsg-ea.org.uk
operations@secure24.org.uk
operations@definitivesecurity.org.uk

11. Policy amendments
We keep this Privacy Policy under regular review and reserve the right to update from time-to-time by posting an updated version on our website, not least because of changes in applicable law. We recommend that you check this Privacy Policy occasionally to ensure you remain happy with it. We may also notify you of changes to our privacy policy by email.

12. Third party websites
We link our website directly to other sites. This Privacy Policy does not cover external websites and we are not responsible for the privacy practices or content of those sites. We encourage you to read the privacy policies of any external websites you visit via links on our website.

13. Updating information
You can check the personal data we hold about you, and ask us to update it where necessary, by emailing us the appropriate brand operations team;
opertaions@tsg-ea.org.uk
operations@secure24.org.uk
operations@definitivesecurity.org.uk

14. Contact
We are not required by law to have a “Data Protection Officer” – however we have a Data Protection Manager. Please let us know if you have any queries or concerns whatsoever about the way in which your data is being processed by either emailing the Data Protection Manager at
opertaions@tsg-ea.org.uk
operations@secure24.org.uk
operations@definitivesecurity.org.uk

Or, by writing to us at the following address;
Secure 24
Unit 7 The felbridge Cenre
Willard Way
East Grinstead
West Sussex
RH19 1XP