Privacy Policy

Understanding the Purpose of This Document

This privacy statement outlines how Select Security safeguards your personal data, ensuring compliance with UK data protection laws, including the UK GDPR and the Data Protection Act 2018. It applies to all employees, workers, and contractors, detailing how personal information is collected, used, and protected. While this notice is not part of any employment or service contract, it is essential to review it alongside other privacy notices to understand how and why your data is processed. Select Security reserves the right to update this notice as necessary.

Select Security is now part of the Allied Universal group, expanding our reach and capabilities. This updated privacy notice explains how we manage your personal data during the integration of Select Security into the wider Allied Universal group. As the integration progresses, this notice will be regularly reviewed and updated to reflect any changes in our data management practices.

Please read this privacy notice carefully, as it provides essential information about who we are, how and why we collect, store, use, and share your personal information. It also outlines your rights regarding your personal data and explains how you can contact us or relevant supervisory authorities if you have any concerns or complaints.

Select Security, in the course of its working relationship with you, collects, uses, and is responsible for certain personal information about you. As we operate under the UK GDPR, we act as the ‘controller’ of your personal information in accordance with these regulations. The specific entity acting as the controller will typically be your Select Security employer, such as Select Security Secure Solutions (UK) Limited or Select Security Facilities Management (UK) Limited, as outlined in your employment contract. For simplicity, we refer to these entities collectively as “Select Security.”

Select Security is committed to complying with data protection laws, ensuring that the personal information we hold about you is:

1. Used lawfully, fairly, and transparently.
2. Collected for specific, explicit, and legitimate purposes
3. Relevant and limited to what is necessary for processing.
4. Accurate and, where necessary, kept up to date.
5. Stored only as long as required for its intended purpose.
6. Handled securely to protect against unauthorized or unlawful processing, loss, destruction, or damage.

Information We Collect and How We Use It

Types of Information We Collect;

Personal data refers to any information that can identify an individual. This does not include anonymous data, where identifying details have been removed.

We may collect certain Special Categories of Personal Data, including information about your race, ethnicity, religious or philosophical beliefs, sexual orientation, political opinions, trade union membership, health, and biometric data. This data is collected for monitoring purposes or when provided during employment. Additionally, we may gather information on criminal convictions and offences when required for your role or to comply with internal or external vetting standards.

Additional Sources of Personal Data Collection

We also acquire personal information from external sources, including medical professionals, referees for vetting and screening purposes, or third parties who share data with us during your employment.

Utilization of Your Personal Data

This refers to any details that can be used to identify an individual. However, once the information is anonymized and cannot be linked to a specific person, it is no longer considered personal data.

The data we collect and process allows us to fulfill our legal responsibilities as an employer and supports essential business operations. This includes:

• Evaluating Your Qualifications for Employment Before Joining Our Team
• Ensuring Accurate Employment Records and Payroll Processing
• Maintain Emergency Contact Information
• Monitor and Evaluate Your Workplace Conduct and Performance
• Enable Your Participation in Pension Plans and Employee Benefit Programs
• To process statutory payments, including National Insurance contributions, Tax, Statutory Sick Pay, as well as Statutory Maternity, Paternity, and Adoption Pay, while also managing entitlements to parental leave.
• Meet Legal Obligations, Including Debt Repayments
• Facilitate Employee Consultation Throughout Your Employment
• Authorize Payroll Deductions for Union Contributions (If Applicable)
• Facilitate Post-Employment Payments and Authorized Reference Requests
• Oversee and Advance Investigations and Internal Procedures

Sharing Your Personal Information

When We May Share Your Personal Data

Sharing Within the Allied Universal Group

As part of the Allied Universal group, we may share your personal data with other companies within the group when necessary for business and workforce management purposes, including talent development, organizational reviews, and incentive programs. This sharing primarily applies to senior employees. Access to personal data within the group is strictly controlled and granted only on a need-to-know basis, ensuring that only relevant information is shared for specific purposes.

When any Allied Universal group company shares or processes your personal data on our behalf, we ensure they uphold stringent security standards to safeguard your information effectively.

External Data Sharing

We may disclose your personal information to third parties when required by law, to manage our working relationship with you, or for other legitimate business purposes. This may include sharing data for payroll processing, pension schemes, tax and national insurance contributions, statutory payments, employee benefits, and trade union subscriptions where applicable.

Disclosure to Law Enforcement and Authorities

We will share your personal information with third parties only when necessary for legitimate purposes and ensure that only the relevant information is shared for the specific purpose. This may include organizations outside the European Economic Area (EEA) that assist us with providing services, including IT support and email systems hosted on secure data centers globally. In the event of data transfer outside the EEA, we ensure that adequate safeguards are in place to protect your personal data.

We may transfer your personal information outside the UK to other businesses within the Allied Universal group to support specific HR functions, such as talent management, benefits administration, and incentive programs. While this does not apply to all employees, given the global nature of the Allied Universal group, your data may be transferred to locations such as the USA, India, or South Africa for these purposes.

Some of these countries may not have data protection laws that are equivalent to those in the United Kingdom. Although the UK Secretary of State has not formally determined that these countries offer an adequate level of data protection, we are committed to ensuring that any transfer of your personal information is carried out with appropriate safeguards. These safeguards may include mechanisms like Standard Contractual Clauses, as outlined under Article 46 of the GDPR, to help protect your privacy rights and provide you with recourse in the unlikely event of misuse of your personal data.

Requirement for Your Consent

In cases where special categories of your personal data are used, we do not require your consent if the processing is necessary for fulfilling our legal obligations, as outlined in our written policy. However, in certain limited situations, we may seek your written consent to process particularly sensitive data. If this occurs, we will clearly explain the details of the information we wish to collect and the reasons for doing so, allowing you to make an informed decision regarding your consent. Please note that while providing consent may not always be a contractual requirement, failure to give consent could limit the processing activities we can undertake, and we may need to make decisions based on the data available to us.

Data Retention Period: How Long We Keep Your Personal Information.

We retain your personal information only for the necessary duration to meet the purposes for which it was collected, including fulfilling legal, accounting, or reporting obligations. Our Data Retention Policy, which is regularly reviewed, outlines our standard retention periods, though these may vary depending on the type of data.

In certain situations, we may anonymise your personal information, making it no longer identifiable to you. In such cases, we may use this information without further notice. After you are no longer an employee, your personal information will be managed in accordance with our Data Retention Policy and relevant laws and regulations.

Your Data Protection Rights

Under the GDPR, you are entitled to a range of important rights, all of which are free of charge. Depending on the circumstances, you may exercise the following rights:

• We are committed to processing your personal information fairly and transparently. This document outlines how we collect, use, and store your personal data. If you have any questions or concerns regarding this process, please feel free to contact us at info@selectsecurityservices.co.uk
• You have the right to request access to your personal data and obtain certain additional information that this Privacy Notice already covers. If you'd like to request this, please contact us, and we will assist you in obtaining the relevant details.
• You have the right to request correction of any incomplete or inaccurate personal information we hold about you. If you believe any of your data is incorrect, please let us know, and we will promptly make the necessary amendments.
• You have the right to request the deletion or removal of your personal information when there is no valid reason for us to continue processing it. Additionally, you may request erasure if you have exercised your right to object to processing. We will assess your request and take appropriate action in accordance with applicable data protection laws.
• You have the right to object to the processing of your personal information for direct marketing purposes. If you exercise this right, we will cease processing your data for these purposes, and we will respect your preference in line with applicable data protection regulations.
• You have the right to object to decisions made solely based on automated processing, including profiling, that significantly affect you. This includes decisions that have a legal impact or create significant consequences for you. If you exercise this right, we will review the automated decision and consider alternatives where applicable.
• You have the right to object to our continued processing of your personal information in certain situations, where our processing is based on legitimate interests, public interest, or when the processing is necessary for legal claims. We will assess your objection and cease processing your data unless we can demonstrate compelling legitimate grounds to continue processing it or if it is necessary for legal purposes.
• You have the right to request the transfer of your personal information to another organization or party. This right allows you to obtain and reuse your personal data across different services, where technically feasible, and provided the processing is based on your consent or contractual necessity.

You will not be required to pay a fee to access your personal information or exercise any of your other rights. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive. In such cases, we may also refuse to comply with your request.

To ensure the security of your personal data, we may ask you to provide specific information to verify your identity before granting access or fulfilling any other rights request. This is to prevent unauthorized access to your personal information. In some cases, we may contact you for additional details to expedite our response.

We aim to address all legitimate requests within one month. However, if your request is complex or if you've made multiple requests, it may take longer. In such cases, we will inform you and provide regular updates on the status of your request.

For more details on each of these rights and the specific circumstances under which they apply, please refer to the UK Information Commissioner’s Office (ICO) guidance on individuals' rights under the General Data Protection Regulation. You can access this guidance at https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights

In certain situations, you may be entitled to claim compensation for damages that have been caused by our breach of data protection laws. If you believe that your personal data has been mishandled or misused, and this has resulted in harm or damage, you have the right to seek compensation under the relevant data protection regulations.

If you would like to exercise any of these rights, please:

• Contact us directly through our designated communication channels (e.g., email, phone) provided in this notice.info@selectsecurityservices.co.uk
• Provide the necessary information or documentation to help us verify your identity and process your request accurately.
• Specify clearly which right you wish to exercise and any relevant details pertaining to your request.
• let us know the information to which your request relates.

In the limited circumstances where you may have provided your consent to the collection, processing, and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact info@selectsecurityservices.co.uk. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so under the law.

Protecting Your Personal Information

We implement robust security measures to safeguard your personal information against accidental loss, unauthorized access, or misuse. Access to your personal information is strictly limited to individuals with a legitimate business need to know. Those handling your data will do so in accordance with authorized protocols and are bound by confidentiality obligations.

We have established procedures to address any potential data security breaches. In the event of a suspected breach, we will notify you and the relevant regulatory authorities as required by law.

Data Protection Officer (DPO) Contact Information.

We have designated a Data Protection Officer (DPO) to ensure our adherence to this privacy notice. If you have any questions or concerns about this notice or how we manage your personal data, please reach out to the DPO.

You have the right to file a complaint at any time with the Information Commissioner’s Office (ICO), which is the UK’s supervisory authority for data protection matters.

Updates to This Privacy Notice

This privacy notice was last reviewed and updated on 28 November 2022.

We reserve the right to update this privacy notice as needed. Any updates will be communicated to you through email or other electronic means.

Contact Information

For any questions about this privacy notice or the information we hold about you, please reach out to your local Data Protection Officer or email us at info@selectsecurityservices.co.uk

We are registered in England & Wales under registration number 11364631.