Seccom Group is committed to meeting our legal requirements with respect to Privacy for all who access and use our websites and services (Seccom Group is a trading name of GDPR Auditing Limited). Under the General Data Protection Regulation the UK General Data Protection Regulation and Data Protection Act 2018, we must comply with certain requirements that are designed to ensure that any personal data you provide to us is processed with due care and attention, and that you as an individual are aware of and know how to exercise your rights with respect to any personal data you trust us with.
What data do we collect and why?
Seccom Group collects the personal information that you provide when you enter your details into the Contact Us form, we will also receive some personal information if you email us directly.
On the contact form we collect the following details:
- Name – so we know who to get back to
- Email address – so we know how to email you
- Phone number (optional) – should you want us to call you back
- Message – the message you provide so we can address your request
Contact via Email:
We have no control over what you might put in a message, we will however, have at least the email address you mailed us from and what you put into the message. We recommend that you keep any personal details sent to us to an absolute minimum.
How we use your information
This privacy notice tells you what to expect when Seccom Group collects personal information. It applies to information we collect about:
- visitors to our websites;
- people who enquire about or use our services;
- people who email us.
Visitors to our websites
When someone visits any of our websites we use a third-party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the sites. This information is only processed in a way which does not identify anyone.
We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website. If we do want to collect personally identifiable information through our websites, we will be up front about this. We will make it clear when we collect personal information and will explain what we intend to do with it.
People who Purchase or Contract with us for a Service
If you enter into an agreement with us for services, we collect enough information to enable us to process your order and/or provide you with the services you require. We collect and process this information using the ‘performance of a contract’ legal basis so that we may provide the services to you.
Unless you have specifically opted in to receive information about products and services from Seccom Group and or GDPR Auditing Ltd. during the contract negotiation and sign off process we will not send you any communication other than what is required for the supply of the service, these messages may include details about new products and features available.
We keep this data for as long as we are providing the service to you, after you have stopped using the service(s) we keep the data for 12 months, then we anonymise it removing any personal information. Any data classified as financial that we are required to keep will be retained according to UK HMRC rules, currently 6 years plus current year.
Using our eLearning Platform
If you are registered with and or using our eLearning platform to undertake training and or education your personal information will have been provided to us by your employer or organisation acting in a similar capacity.
In this instance we are acting as a data processor and only hold information about you that belongs to the data controller. Your organisation who contracts with us.
If you wish to exercise any of your personal data rights please contact the relevant person or department in your organisation.
People who email us
Any email sent to us, including any attachments, may be monitored and used by us for reasons of security and for monitoring compliance with company policy. Email monitoring or blocking software may also be used. Please be aware that you have a responsibility to ensure that any email you send to us is within the bounds of the law.
If we consider the contents of an email to contain personal data we have not requested or more detail than we need then we will delete some or all of it immediately and request another with less personal details, or no personal details.
By submitting personal data to us by way of an email or an enquiry you necessarily consent to us using that information to contact you in return to complete that enquiry. We do not use that data for any other purpose. For the avoidance of doubt the legal basis for processing your enquiry is ‘consent’.
If you agree to allow us to send you information about Seccom Group Products and Services by opting into that service, you do that on the basis of ‘consent’.
Who we Share Information with
Your information may be shared with any of our consultants, associate consultants, or Group or Member Companies, for the provision of services only. Seccom Group remains the controller of the information. We do not share your information with anyone else. If for some reason we did need to share your information further we will inform you directly or amend this policy to reflect those changes.
Our eLearning platform is developed and hosted on European Systems with a provider who has a US parent company. Our hosting agreement is based on standard contractual clauses with supplementary measures which ensure that within reason US Government and Security Services are unable to access our data even if requested from the US parent company.
Otherwise Seccom Group is a UK company and all other systems and services are provided from the UK.
For more information contact firstname.lastname@example.org.
Notification of Changes
Any policy changes, either due to business reasons or future changes in legislation will be posted on this page and, if material, may be promoted on the relevant websites or through e-mail notification.
Your rights as an individual in respect of the data we hold
We respect the rights and freedoms of individuals and as such we would like to make you aware of the following.
Depending on the lawful basis for processing your personal data you are able to exercise some or all of the following rights:
- Request access to your data
- Request rectification of your data where there are errors or inaccuracies, or the data is not current
- Request that the data we hold is removed entirely from our systems (the right to have data removed is only applicable where it does not conflict with our legal and regulatory requirements to keep certain records according to the data retention period)
- Request us to restrict processing of your data
- Object to our processing of your data
- Request your data in a format that is commonly used/accepted
- Send your data to another controller
- Withdraw consent already provided – at any time
You also have the right to complain to this organisation as detailed within the ‘Complaints or Queries’ section of this Policy.
To exercise your rights above please contact Seccom Group using any of the methods described under How to Contact us.
You also have the right to lodge a complaint with a supervisory authority, see Complaints or Queries below.
Complaints or Queries
Seccom Group tries to meet the highest standards when collecting and using personal information and take any complaints we receive about this very seriously.
We encourage people to bring to our attention, if they think that our collection or use of information is unfair, misleading, or inappropriate.
If you wish to complain about this policy or any of the procedures set out in it please contact: email@example.com.
If for any reason you believe that Seccom Group is not in full compliance with the GDPR, UK GDPR or Data Protection Act 2018 or that a request or complaint has not been properly dealt with you have the right to lodge a complaint with the relevant supervisory authority, in the UK this is the ICO.
https://ico.org.uk/concerns/handling/ or call the ICO on 0303 123 1113.
Seccom Group is a trading name of GDPR Auditing Limited whose registered office is:
47 The Lanes
Company number: 5435232
VAT Number: 944569581
Last updated 4th December 2020
To find out more about us or our services please email us at firstname.lastname@example.org or send us a message using the form below.