PRIVACY POLICY

Version 4

Release Date: 20th June 2018
You can download a copy of this Privacy Policy or view any newer versions on our website: www.zicam-security.co.uk

Zicam Integrated Security Limited takes the privacy of your personal data very seriously. This policy explains how and for what purposes we use the personal data we collect when you:
– Purchase our products or services;
– Contact our sales or support services;
– Visit our website;

(1.) By engaging our services you agree to the personal data you provide to us being used in accordance with this policy and confirm that you have obtained the consent of any data subjects whose personal data you provide to us. Any person disclosing personal data to us must do so in compliance with all applicable data protection laws.

(2.) Why do we need your personal data?
In compliance with the General Data Protection Regulation (GDPR), we are required to specify the lawful basis’s for which we are processing your Personal data:
Personal data will only be processed to enable compliance with legal obligations, fulfilment of contractual obligations or the legitimate interests of the business. Our definition of ‘legitimate interests’ includes any processing required to:
– Design the layout of, install, commission and maintain a CCTV, intruder alarm, access control, fire or any other security system;
– Meet the requirements set by external compliance agencies;
– Allow us to conduct internal compliance checks and maintain internal record keeping;
– Provide support services to our customers following their installation;
– Conduct direct marketing where we have received your explicit consent to do so;

(3.) What personal data do we collect from you?
When you contact us via e-mail, telephone or social media channels, we will collect the following personal data:
– Any information you have provided that enables us to respond to your correspondence: (name, telephone numbers, e-mail address, physical address, company details and any other personal data you supply voluntarily in the body of your enquiry);
When we carry out an installation at your premises, we will also collect the following personal data:
– Any additional information required to provide our services to you: (site address details, site contact details: (name, telephone numbers, e-mail address), key holder contact details: (name, telephone numbers, e-mail address), IP addresses relevant to electronic systems installed by us and system passwords);

(3.1.) What personal data do we collect from our website?
When you visit our website, the following personal data will be collected from you:
– Any information provided on the contact form: (name, telephone numbers, e-mail address, company details and any other personal data you supply voluntarily in the body of your enquiry);

(3.1.1.) What cookies do we run on our website?
Cookies are text files placed on your computer to track visitor use of a website and to compile statistical reports on website activity.
The only cookies we run on our website are:
– Session cookies, for when our employees or our website providers log into the website;
– Analytical cookies that collect anonymised data to provide analytical information about how the website is performing;
The Cookie Control on our website advises that you can set your browser to disable these cookies, and doing so will not disable any of the website features.

(3.2.) How long do we store your data?
In line with the National Security Inspectorate’s recommendation that we retain customers’ personal data for seven years following the termination of a contract, we will retain your personal data for seven years from the date of our most recent communication with yourselves. You are entitled to request that your personal data be deleted before this time if you do not intend to use our services in the future, and you can do so by following the guidance detailed in (9.)

(4.) We record images via. CCTV system within and outside our premises in accordance with the ICO Code of Practice for CCTV. Reasonable technical precautions are in place to ensure
the security of any personal data captured on these recordings, and the footage will be deleted after 31 days, unless it is being used to fulfil legal obligations.

(5.) Provision of the services detailed in (2.) may involve the disclosure of your personal data to auditors, e.g. The National Security Inspectorate and Alarm Receiving Centre.

(6.) We may also disclose personal data to:
– Any law enforcement agency, court, regulator, government authority or other third party where we believe this is necessary to comply with a legal or regulatory obligation;
– A third party that purchases or to which we transfer, some, all or substantially all of our assets and/or business;

(6.1.) Depending on the circumstances, the disclosure of personal data (including special category data) may involve a transfer of data outside the European Economic Area (“EEA”).

(7.) When processing your personal data, we have adopted a ‘privacy by design’ approach to ensure the security of your personal data is a high priority across all areas of our business. We take reasonable steps to keep all personal data provided by you secure and will maintain data security procedures designed to protect against loss or compromise of personal data.

(8.) We store electronic data on secure servers within the European Economic Area (“EEA”).

(9.) What are your rights?
– The right to be informed. This is the right to be told how your personal data will be processed. This Policy is intended to provide you with a concise and transparent description of how your personal data may be used.
– The right to access. This right entitles you to contact us to ask for confirmation of what information we hold on you. You can make a Subject Access Request to receive a copy of this personal data. Provided we are satisfied that you are entitled to see the information requested and we have successfully confirmed your identity, we have 30 days to comply, or to request an extension of up to 60 further days if the request is complex to fulfil.
– The right to erasure. From 25th May 2018, you can ask for any personal data we hold on you to be erased. We have 30 days to comply, to request an extension of up to 60 further days if the request is complex to fulfil or to advise why we can’t fulfil this request and the lawful basis to justify this.
– The right to rectification. If you believe our records of your personal data are inaccurate, you have the right to ask for those records to be updated.
– The right to restrict processing. This right allows you to ask for processing of your personal data to be restricted if there is disagreement about its accuracy or legitimate usage.
– The right to data portability. This right enables you to request that we provide a copy of your personal data to yourself or another service provider in a machine-readable format.

(9.1.) To exercise these rights, please send the details of your request to: info@zicam-security.co.uk

(9.2.) Contact details for the Data Controller are as follows: matt.packwood@zicam-security.co.uk

(9.3.) If you aren’t satisfied with our response or believe we are misusing your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office.
You can find more information regarding the General Data Protection Regulation (GDPR) on the ‘Information Commissioner’s Office’ website: https://ico.org.uk

(10.) We keep this Privacy Policy under regular review and reserve the right to update from time-to-time by posting an updated version on our website, not least because of changes in applicable law. We recommend that you check this Privacy Policy occasionally to ensure you remain happy with it. We may also notify you of changes to our Privacy Policy by email.

(11.) Should you have any questions regarding this Privacy Policy, please feel free to contact us by:
– Sending an e-mail to: info@zicam-security.co.uk
– Writing to us at: Zicam Integrated Security Ltd
Zicam House
4 Firs Street
Dudley
DY2 7DN