Here at NW Security Group, data privacy and protection are at the heart of all our processes. Our privacy notice aims to communicate these processes which will honour your right to be informed. We intend that the document be informative with direction and guidance with clarity. Our privacy notice aims to inform you of your data protection rights governed by the European Union General Data Protection Regulation (EU GDPR), and how we process your Personally Identifiable Information (PII). The privacy notice will also set out how you can exercise these rights and, of course, how we intend to honour them.
The GDPR has provisions on:
When we collect your personal information, we only collect exactly what is required to provide you with the service you have requested.
We will always notify prior to or at the time of us collecting your data.
If you have placed an order through our e-commerce service, we will only require information to fulfil your request and ensure your goods are shipped to the correct location. This may include your name, personal address or a business address relating to you. We will obviously have to collect financial data to fulfil your order requirements but these details are not retained and are not stored or transmitted through our servers.
In some cases, we may collect contact information like emails and phone numbers. This information will only be used to aid communication and in relation to the service you have requested.
Of course, we may want to send you information regarding our other services and products. We will always ask for your consent first.
We will have to collect your information when you are conducting any training with us. We may have to use this information to prove your attendance and your identity. We may also use this information to provide you with qualifications and certifications.
When recruiting our future security professionals and supporting staff, we may of course process your personal information to help us process your journey to future employment. Of course, if you become a team member then other PII will have to be collected including payroll and emergency contact information.
Whatever the reason for processing your data, we will only retain it if we have to and only to meet operational retention needs.
As with most organisations, we may have to share your data with third party processors. This will only be the case to fulfil a service requirement. An example of this may be passing shipping information to our trusted couriers. Some of our training will be conducted and certified under a particular governing body, again we may have to share your data in order to certificate and for training records.
We can inform you of all our third-party processors should you require this information. What we can assure, is that all our third-party processors will be adhering to the EU GDPR and are setting technical and organisational security measures no less stringent than our own.
They will only process your data for reasons we have originally stipulated. Full communication from them to both us and you will always be the case should they want to process in any other manner.
Our third-party processors understand what they can and cannot do with your data. They fully understand their obligations and the importance of the security of your personal data.
Data security forms part of our service offering. It is therefore of upmost priority that our own technical and organisational security measures are of the highest standard.
We are very proud to boast a Cyber Essentials Plus accreditation. These means that our technical security measures have been examined and have been proven fit for purpose by an external agency. This will continue on an annual basis to ensure our high levels are maintained.
Our organisational security procedures are overseen by our very own expert security and risk management consultants. All our staff are trained in GDPR and Cyber security awareness and we boast a high internal security appetite.
When we supply you with a security system like CCTV, Access control or another similar system, we will advise you regarding end user obligations under GDPR. Generally, this is where full responsibility of PII protection lands with you as the controller.
We may of course offer you a Service Level Agreement (SLA) where processing activities may take place. We will only conduct processing activities where you have directed. We may come in to contact with personally identifiable information in video format or legacy access control data, this may be part of our service support during a system fault or during a maintenance check. Again, this will only be conducted with your consent and with full confidentiality.
All or your personally identifiable information (PII) has been collated in a data mapping exercise. This exercise has identified how your data flows throughout our business including third-party processors. We have mapped the data flow from the time of collection until the data has been stored or destroyed.
We have identified what our legal basis is for processing, we are more than happy to share this information on request.
We periodically assess whether retained data is still of any use, and so therefore destroy data that which we can no longer process with justification.
Most of our legal basis for processing is in the form of \"your consent\", we periodically assess our consent mechanisms to ensure continuous validity and to ensure they are still pursuant to the original reason for processing.
We employ CCTV on our premises in order to prevent, deter and detect crime whilst at the same time for industry product development. Our data may at times capture PII and therefore you can exercise your right to access this data by submitting a Subject Access Request. Please get in touch and we can advise you with this if required. Our video data is not retained after the retention period has elapsed.
Certain 3rd-party services in use on our websites such as TrustPilot (the service reviews system we use) and AffiliateFuture (the service we use to attract online sales via other websites) may place cookies in your browser as you browse our websites. Please consult their cookie policies for further information on this. Cookies collected by Google Analytics may be used by Google to serve appropriate ads to you when you visit other websites which allow this. This is known as 'remarketing'.
We would be delighted to help with your data privacy enquiries.
Please contact our data protection and privacy experts should you need further information.
Please write to us or give us a call:
NW Security Group Limited
Claddagh Business Centre
New Hall Lane
0151 633 2111