Privacy Policy

Last updated: December 2023

Flair Security ("we", "our", or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our security services or visit our website, in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Controller Information

Flair Security is the data controller responsible for your personal data. Our contact details are:

If you have any questions about this Privacy Policy or our data processing practices, please contact us using the details above.

2. Information We Collect

We collect and process the following categories of personal data:

2.1 Information You Provide Directly

  • Contact Information: Name, email address, telephone number, postal address, and business address
  • Service Information: Details about your security requirements, event information, venue details, dates, times, and specific security needs
  • Business Information: Company name, job title, business type, and industry sector
  • Communication Records: Correspondence, emails, phone call records, and meeting notes
  • Payment Information: Billing address, payment method details (processed securely through payment processors), and transaction history
  • Employment Information: If you apply for a position with us, we collect CVs, application forms, references, and SIA licence details

2.2 Information Collected Automatically

  • Website Usage Data: IP address, browser type, device information, operating system, pages visited, time spent on pages, click patterns, and referring website addresses
  • Cookies and Tracking Technologies: We use cookies and similar technologies to enhance your browsing experience and analyse website traffic. For more information, see our Cookie Policy section below
  • Location Data: General location information based on your IP address (not precise GPS location)

2.3 Information from Third Parties

  • We may receive information from business partners, subcontractors, or service providers who refer clients to us
  • Publicly available information from company registers or professional directories
  • Information from SIA (Security Industry Authority) regarding licence verification

3. Legal Basis for Processing

Under UK GDPR, we process your personal data based on the following legal bases:

  • Contractual Necessity: To perform our contract with you, including providing security services, processing bookings, managing service delivery, and handling payments
  • Legitimate Interests: For business operations, marketing (where you have not opted out), fraud prevention, network security, and improving our services. We balance our legitimate interests against your privacy rights
  • Legal Obligation: To comply with legal requirements, including tax obligations, employment law, health and safety regulations, and SIA licensing requirements
  • Consent: Where you have given explicit consent, such as for marketing communications or non-essential cookies. You can withdraw consent at any time
  • Vital Interests: To protect the vital interests of you or others, particularly in emergency situations

4. How We Use Your Information

We use your personal data for the following purposes:

  • Service Provision: To provide, manage, and deliver security services, including scheduling, deployment of security personnel, and service coordination
  • Communication: To communicate with you about services, bookings, changes to services, and respond to enquiries
  • Business Operations: To manage client relationships, process payments, maintain records, and manage accounts
  • Legal Compliance: To comply with legal obligations, including tax, employment, health and safety, and SIA licensing requirements
  • Marketing: To send you information about our services, special offers, and industry updates (with your consent or where we have a legitimate interest and you have not opted out)
  • Website Improvement: To analyse website usage, improve user experience, and enhance our website functionality
  • Security and Fraud Prevention: To protect our business, prevent fraud, and ensure network and information security
  • Recruitment: To process job applications and manage recruitment processes

5. Data Sharing and Disclosure

We may share your personal data with the following categories of recipients:

  • Service Providers: Third-party service providers who assist us in operating our business, including IT service providers, payment processors, cloud storage providers, and professional advisors (accountants, lawyers)
  • Security Personnel: Our SIA licensed security officers who require access to service information to perform their duties
  • Business Partners: Subcontractors or partner security companies where services are provided jointly or subcontracted
  • Regulatory Authorities: The Security Industry Authority (SIA), HMRC, and other regulatory bodies where required by law
  • Legal Requirements: Where required by law, court order, or to respond to legal process, or to protect our rights, property, or safety
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred to the new owner

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not sell your personal data to third parties for marketing purposes.

6. International Data Transfers

Your personal data is primarily processed within the United Kingdom and European Economic Area (EEA). If we need to transfer your data outside the UK or EEA, we will ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the UK Information Commissioner's Office (ICO), or adequacy decisions. We will only transfer data to countries that provide an adequate level of data protection or where we have implemented appropriate safeguards.

7. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction, including:

  • Encryption of data in transit and at rest
  • Secure access controls and authentication procedures
  • Regular security assessments and updates
  • Staff training on data protection and security
  • Physical security measures for our premises and equipment
  • Regular backups and disaster recovery procedures
  • Incident response procedures

However, no method of transmission over the internet or electronic storage is completely secure. While we strive to protect your personal data, we cannot guarantee absolute security.

8. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including:

  • Client Records: For the duration of our business relationship and for 7 years thereafter for legal and tax purposes
  • Marketing Data: Until you withdraw consent or opt out, or for 3 years from last contact if based on legitimate interests
  • Website Analytics: Aggregated and anonymised data may be retained indefinitely
  • Employment Records: For successful applicants, for the duration of employment plus 7 years. For unsuccessful applicants, for 12 months
  • Financial Records: For 7 years as required by HMRC
  • Legal Claims: For the duration of any legal proceedings and for 6 years thereafter

After the retention period, we will securely delete or anonymise your personal data, unless we are required to retain it for longer by law.

9. Your Rights Under UK GDPR

You have the following rights regarding your personal data:

  • Right of Access: You have the right to request a copy of the personal data we hold about you (a "data subject access request")
  • Right to Rectification: You have the right to request correction of inaccurate or incomplete personal data
  • Right to Erasure ("Right to be Forgotten"): You have the right to request deletion of your personal data in certain circumstances, such as when it is no longer necessary for the original purpose or you withdraw consent
  • Right to Restrict Processing: You have the right to request that we limit how we use your personal data in certain circumstances
  • Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit it to another controller
  • Right to Object: You have the right to object to processing based on legitimate interests or for direct marketing purposes
  • Rights Related to Automated Decision-Making: You have the right not to be subject to decisions based solely on automated processing that produce legal or similarly significant effects
  • Right to Withdraw Consent: Where processing is based on consent, you have the right to withdraw consent at any time

To exercise any of these rights, please contact us at support@flairsecurity.co.uk. We will respond to your request within one month, though this may be extended by two months for complex requests. We may need to verify your identity before processing your request.

10. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your browsing experience. Cookies are small text files stored on your device. We use the following types of cookies:

  • Essential Cookies: Required for the website to function properly. These cannot be disabled
  • Analytics Cookies: Help us understand how visitors use our website. These are anonymised and do not identify you personally
  • Functional Cookies: Remember your preferences and enhance functionality
  • Marketing Cookies: Used to deliver relevant advertisements (with your consent)

You can control cookies through your browser settings. However, disabling certain cookies may affect website functionality. For more information about our use of cookies, please contact us.

11. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete such information promptly.

12. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of these external sites. We encourage you to review the privacy policies of any third-party sites you visit.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational, legal, or regulatory reasons. We will notify you of any material changes by posting the updated policy on our website with a new "Last updated" date. For significant changes, we may also notify you by email. We encourage you to review this Privacy Policy periodically.

14. Complaints

If you have concerns about how we have handled your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's data protection supervisory authority. You can contact the ICO at:

Information Commissioner's Office

Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

Telephone: 0303 123 1113

Website: https://ico.org.uk

We would appreciate the opportunity to address your concerns first, so please contact us at support@flairsecurity.co.uk before making a complaint to the ICO.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us:

Flair Security

Unit 2a, 349, Green st, London E13 9AR, United Kingdom

Email: support@flairsecurity.co.uk

Telephone: 07379297373

Are you ready to start new project ?

If you have any projects in mind say hello at support@flairsecurity.co.uk or just call us at 07379297373

Get in touch

©2023 Flair Security | Professional SIA Licensed Security Services