Introduction

The Surveillance Group Ltd (TSG) is committed to safeguarding the privacy of our customers, staff, stakeholders and website visitors; in this policy we explain how we will treat your personal information. This policy applies to all users of the website, all customers, all TSG staff and TSG stakeholders. This policy applies to our use of any and all data collected by us in relation to your employment, use of the website and any service rendered.

Who we are

The Surveillance Group Ltd is limited by guarantee and registered at Companies House, number 4246863. The company’s registered office can be found on the web site contact’s page, https://www.thesurveillancegroup.com/contact.

TSG are registered with the Information Commissioners Office:

Registration Number: Z738946X

Date Registered: 21 November 2002 Registration Expires: 20 November 2018

Data Controller: The Surveillance Group Limited

Address:
Brook Court
Whittington Hall
Worcester
WR5 2RX

Purpose and lawful basis for processing

By using our services and website or if you are an employee of The Surveillance Group, you provide TSG with certain information that TSG will process. The purpose for processing this information is to enable TSG to book students onto courses and ease of communication with them. Employees provide details to enable HR and Finance-related activities, such as payroll and administration. At no point will any of the details that you supply to TSG be used for marketing purposes or be passed to any third party company.

The lawful basis for TSG processing this data are as follows:

i) the individual has given clear consent for you to process their personal data for a specific purpose.
ii) the processing is necessary for a contract you have with the individual, or because they have asked you to take specific steps before entering into a contract.

This policy applies to data of which we are considered to be the controller, under the GDPR. In instances where we are acting as a processor, ie acting on behalf of another organisation, it is the controller’s legal responsibility to identify the lawful basis for processing the data. Please contact the GPO for further information – Thomas Hull thull@thesurveillancegroup.com.

You may withdraw such consent at any time by emailing your request to Thomas Hull (DPO) at thull@thesurveillancegroup.com.

Data Collected

Staff/Clients/Students

To ensure the welfare of staff whilst in the employment of TSG and competence to perform their role, we will process their personal data, some of which may be deemed as sensitive under the GDPR. That is to say that we may process data regarding an individual’s physical health, biometric data or commission of a criminal offence. Other typical data we will process are names, addresses and dates of birth which are vital for TSG to process for the day to day running of the company and is classed as personal data as it relates to a living individual who can be identified from that data.

Use of Information Collected

Information collected from staff/clients/students will be used for the purposes specified in this policy. You will be under a contractual obligation to provide us with this.

  • Administration of Human Resources
  • Payroll
  • Staff welfare
  • Security
  • Personal Development
  • Training and competency
  • Referencing
  • Pre-employment screening
  • Course bookings
  • Course payments
  • Administration of courses
  • Administration of clients

Data Sharing

Personal data provided will remain in-house within TSG, and will not be shared externally.

Website

Without limitation, any of the following data may be collected: Information that you provide to us when registering with our website; Information that you provide to us when using the services on our website, or that is generated in the course of the use of those services Information contained in or relating to any communication that you send to us or send through our website (including the communication content and metadata associated with the communication) name; contact information such as email addresses and telephone numbers; IP address (automatically collected); web browser type and version (automatically collected); operating system (automatically collected); a list of URLS starting with a referring site, your activity on this Web Site, and the site you exit to (automatically collected); and Cookie information (see below).

Use of Information Collected

Information collected via this website will be used for the purposes specified in this policy.

  • Administer our website and business
  • Personalise our website for you
  • Enable your use of the services available on our website
  • Supply to you services purchased through our website
  • Send you email notifications that you have specifically requested
  • Provide third parties with statistical information about our users (but those third parties will not be able to identify any individual user from that information
  • Deal with enquiries and complaints made by or about you relating to our website

We will not, without your express consent, supply your personal information to any third party for the purpose of their or any other third party's direct marketing.

Disclosure

We may disclose your personal information to any member of our group of companies (this means our subsidiaries, our ultimate holding company and all its subsidiaries) insofar as reasonably necessary for the purposes set out in this policy.

We may disclose your personal information to any of our employees, professional advisers, suppliers insofar as reasonably necessary for the purposes set out in this policy.

We may disclose your personal information:
to the extent that we are required to do so by law; in connection with any ongoing or prospective legal proceedings; in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk)

Source of data

Primarily, our data will be provided to us by the data subject themselves. However, we are contractually required to ascertain details of the last five years residency for each new employee, as well as a consumer check. This information is accrued via third party searches and explicit consent will be gathered to undertake these before they are conducted.

International data transfers

We will not transfer data outside of the EEA.

Rights of Individuals

Rights of Access
You have the right to access your personal data and supplementary information.
The right of access allows you to be aware of and verify the lawfulness of the processing.

Right to rectification
The GDPR includes a right for you to have inaccurate personal data rectified, or completed if it is incomplete.

You can make a request for rectification verbally or in writing to Thomas Hull (thull@thesurveillancegroup.com). You have one calendar month to respond to a request. In certain circumstances TSG can refuse a request for rectification.

This right is closely linked to the controller’s obligations under the accuracy principle of the GDPR (Article (5)(1)(d)).

Right to erasure
The GDPR introduces a right for you to have personal data erased.

The right to erasure is also known as ‘the right to be forgotten’.

You can make a request for erasure verbally or in writing to Thomas Hull (thull@thesurveillancegroup.com).

TSG will have one month to respond to a request.

The right is not absolute and only applies in certain circumstances.

Right to restrict processing
You have the right to request the restriction or suppression of your personal data.

This is not an absolute right and only applies in certain circumstances.

When processing is restricted, TSG are permitted to store the personal data, but not use it.

You can make a request for restriction verbally or in writing to Thomas Hull (thull@thesurveillancegroup.com).

You have one calendar month to respond to a request.

This right has close links to the right to rectification (Article 16) and the right to object (Article 21).

Right to data portability
The right to data portability allows you to obtain and reuse your personal data for your own purposes across different services.

Upon request, TSG must move, copy or transfer personal data from one IT environment to another in a safe and secure way, without hindrance to usability.

Right to object
You have the right to object to:
processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling); direct marketing (including profiling); and processing for purposes of scientific/historical research and statistics.

Rights related to automated decision making including profiling
TSG does not utilise any automated decision-making strategies.

Right to complain
All internal complaints or for further information regarding the processing of data, please contact Thomas Hull (Data Protection Officer) at thull@thesurveillancegroup.com or on 01905-767-879.

Alternatively, the Information Commissioners Office can be contacted on 0303 123 1113 or via their website https://ico.org.uk/concerns/.

Data retention

This section sets out our data retention policies and procedure, which are designed to help ensure that we comply with our legal obligations in relation to the retention and deletion of personal information.

Personal information that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.

Notwithstanding the other provisions of this section, we will retain documents (including electronic documents) containing personal data:
to the extent that we are required to do so by law; if we believe that the documents may be relevant to any ongoing or prospective legal proceedings; and in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk).

To stay in line with the fifth data protection principle TSG/NETWATCH will do the following to ensure that “Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.

  • review the length of time we keep personal data;
  • consider the purpose or purposes we hold the information for in deciding whether (and for how long) to retain it;
  • securely delete information that is no longer needed for this purpose or these purposes; and
  • update, archive or securely delete information if it goes out of date.

Retention Times

INFORMATION ASSETSRETENTION PERIOD
Company Pay Roll Information6+ years, in line with tax legislation
TSG client accounts7
Third party misc data7
Company Information, financial data and documentation6+ years, in line with tax legislation
TSG certifications3+ years
Employee Information1-3 years in line with data protection act
Staff And Third Party Contracts7 +
TSG Policy Documentation7+
TSG Training document7+
Manned/Unmanned/Brand Protection Reports7+ years, longer if requested by client
2 Databases holding manned/unmanned/brand protection reports.7+ years, longer if requested by client
Exchange server holding emails7 years
Training departments student data7 years
Training departments records7 years
Fleet Inventory listing rented/owned cars/misc7 years

Security of Data

The Surveillance Group Ltd will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information at all times.

Use of Cookies

This website uses cookies to better the users experience while visiting the website. Where applicable this website uses a cookie control system allowing the user on their first visit to the website to allow or disallow the use of cookies on their computer / device. This complies with recent legislation requirements for websites to obtain explicit consent from users before leaving behind or reading files such as cookies on a user's computer / device.

Cookies are small files saved to the user's computer’s hard drive that track, save and store information about the user's interactions and usage of the website. This allows the website, through its server to provide the users with a tailored experience within this website.

Users are advised that if they wish to deny the use and saving of cookies from this website on to their computers hard drive they should take necessary steps within their web browsers security settings to block all cookies from this website and its external serving vendors.

This website uses tracking software to monitor its visitors to better understand how they use it. This software is provided by Google Analytics which uses cookies to track visitor usage. The software will save a cookie to your computer’s hard drive in order to track and monitor your engagement and usage of the website, but will not store, save or collect personal information. You can read Google's privacy policy here for further information [http://www.google.com/privacy.html].

Other cookies may be stored to your computer’s hard drive by external vendors when this website uses referral programs, sponsored links or adverts. Such cookies are used for conversion and referral tracking and typically expire after 30 days, though some may take longer. No personal information is stored, saved or collected.

Contact & Communication

Users contacting this website and/or its owners do so at their own discretion and provide any such personal details requested at their own risk. Your personal information is kept private and stored securely until a time it is no longer required or has no use, as detailed in the Data Protection Act 1998. Every effort has been made to ensure a safe and secure form to email submission process but advise users using such form to email processes that they do so at their own risk.

Social Media Platforms

Communication, engagement and actions taken through external social media platforms that this website and its owners participate on are custom to the terms and conditions as well as the privacy policies held with each social media platform respectively.

Users are advised to use social media platforms wisely and communicate / engage upon them with due care and caution in regard to their own privacy and personal details. This website nor its owners will ever ask for personal or sensitive information through social media platforms and encourage users wishing to discuss sensitive details to contact them through primary communication channels such as by telephone or email.

Payment Processing

The Surveillance Group's website accepts payments through Realex Payments; a fully PCI DSS compliant payment provider. Your credit card details are never exposed to The Surveillance Group and are never recorded on their servers.

Resources & Further Information

Data Protection Act 1998
Privacy and Electronic Communications Regulations 2003
Twitter Privacy Policy
Facebook Privacy Policy
Google Privacy Policy
Linkedin Privacy Policy
GDPR 2018
v.1.0 August 2017 Edited & customised by: The Surveillance Group Ltd. Brook Court, Whittington Hall, Whittington Road, Worcester, WR5 2RX