PRIVACY NOTICE – CLIENTS & SUPPLIERS AND WEBSITE USE
Professional Surveillance Management (PSM) Ltd (PSM) respects your privacy and is committed to protecting your personal data. This privacy notice will inform you as to how we look after your personal data when you deal with us or visit our website and tells you about your privacy rights and how the law protects you.
This privacy notice aims to give you information on how PSM collects and/or processes your personal data from time to time.
PSM is a ‘Data Controller’. This means that we are responsible for describing how we hold and use Personal Data about you. PSM may also from time to time be a ‘Processor’ too, where we are viewing, storing or otherwise accessing images from your CCTV cameras.
A General Data Protection Regulation Procedure (Procedure 7 in our Quality Management System) exists as ensure that we manage your data securely and responsibly. This is available on request.
THE INFORMATION WE HOLD ABOUT YOU
We collect, store and use the following information:
- Your forenames and surname;
- Contact information, including your address, email address and telephone number;
- Details in respect of your authorised users and personnel (which is required to enable us to provide our services);
- Financial information, such as payment-related information, credit references and bank account details;
- Marketing and communications data including your preferences in respect of receiving marketing material from us and your communication preferences;
- Technical information, such as information from your visits to our website;
- Other information relevant to the provision of our services; and
- CCTV Images from your business and/or home premises.
If you are an individual whose Personal Data is processed by us as a result of us providing our services to our clients, we will collect and process a variety of different Personal Data depending on our relationship with you. This may include Personal Data relating, to any of our business clients’ or prospective clients’ officers or personnel, any supplier or purchaser Personal Data including Personal Data relating to their personnel.
If you visit our website, we may automatically collect technical data about your equipment and browsing history. We collect this personal data by using cookies. See our Cookies Policy below for more information.
If you consent to being added to our marketing database we will collect the following Personal Data from you:
- Telephone number;
- Email address; and
- Marketing preferences.
We strive to provide you with choices regarding certain Personal Data uses, particularly around marketing and advertising and we will only contact you if we have your consent to do so.
We may use your Personal Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which services and offers may be relevant for you (we call this marketing).
You will receive marketing communications from us if you have requested information from us or purchased services from us based on your marketing preferences.
You can ask us to stop sending you marketing messages at any time by contacting us at any time.
Where you opt out of receiving these marketing messages, this will not apply to personal data provided to us as a result of a service purchased.
HOW WE USE THE INFORMATION WE HOLD ABOUT YOU
We will only use your personal data where the law allows us to do so – which includes the following circumstances:
- the provision of services to you;
- where we need to perform the contract we are about to enter into or have entered into with you;
- to manage and administer our relationship with you;
- where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests;
- where we need to comply with a legal or regulatory obligation;
- to improve our services;
- the processing of CCTV images, for the purpose of crime prevention; or
- where you have given consent to the processing of your personal data for one or more specific purposes including marketing.
Please note that there may be circumstances where we may process your personal data without your knowledge or consent, where this is required or permitted by law.
HOW WE SHARE THE INFORMATION WE HOLD ABOUT YOU
We may from time to time have to share your data with the following:
- the police and the courts;
- regulatory authorities;
- third parties to whom we outsource certain services such as, without limitation: chartered accountants and confidential waste disposal.
- third party service providers to assist us with client insight analytics, such as Google Analytics.
Please note this list is non-exhaustive and there may be other examples where we need to share your Personal Data with other parties in order to provide our services as effectively as we can. Please note that any third parties with whom we share your personal data with will be screened to ensure they respect the security of your data and treat it in accordance with all applicable laws.
We will not sell, distribute or lease your Personal Data to third parties unless we have your consent to do so or we are required by law to do so.
HOW WE STORE AND DESTROY YOUR DATA
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
All personal data is stored on the password protected PSM server within our National Security Inspectorate Gold Level CCTV remote monitoring station.
A Data Loss and Breach section exists in our Contingency Manual to mitigate the risk of software corruption, computer virus, computer theft and breach of firewalls.
We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
Details of retention periods for different aspects of your personal data are set out below and a Quality Management System exists to ensure that all records are retained and disposed of correctly. Documents are retained as follows: