Summary

We are Sentinel Fire and Security Solutions Limited, a fire and security company who specialise in installation and maintenance of fire, security and technology enabled care services throughout England. We are incorporated and registered in England with registration number 10072843 and our registered office is 1 Brixey Business Park, 18-26 Fancy Road, Poole, England, BH12 4PZ. Our VAT Number is GB239535583.

Sentinel Fire and Security Solutions Limited is the controller of and is responsible for your personal data. When we mention “we”, “us” or “our” in this privacy policy, we are referring to Sentinel Fire and Security Solutions Limited.

We are committed to protecting and respecting your privacy and protecting your personal data.  We have produced this document to help you understand what personal data we collect about you, how we use that data, and to give you clear and transparent guidance on your rights. This document covers the following areas:

1……… The data we collect about you
2……… How we collect your personal data
3……… How we use your personal data
4……… Promotional Communications
5……… Who we share your personal information with
6……… How long your personal information will be kept
7……… International transfers of your personal data
8……… Your rights
9……… Keeping your personal information secure
10……. How to complain
11……. Contact details

This privacy policy aims to give you information on how we collect and process your personal data through your use of this platform and website, including any data you may provide when you purchase a product or service from us, sign up to our newsletter or take part in a competition.

The website, www.sentinelfs.co, (the “Website”) is not intended for children and we do not knowingly collect data relating to children.

We have appointed a data privacy manager who is responsible for overseeing questions in relation to this privacy policy. If you have any questions about this privacy policy, including any requests to exercise your legal rights, please contact the Data Protection manager using the details set out in section 11 below.

1.    The data we collect about you

Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). We may collect, use, store and transfer different kinds of personal data about you.

  • Identity Data: includes your first name first name, maiden name, last name, username or similar identifier, marital status, title, date of birth, gender, as well as employment history, educational or professional background, tax status, employee number, job title and function.
  • Contact Data: includes phone numbers, delivery address, billing address, residential address, and company details.
  • Transaction Data: includes your information about payments to and from you, details of products and services you have purchased from us.
  • Business Information including information provided during the contractual or client relationship between you or your organisation and us, or otherwise voluntarily provided by you or your organisation, as well as information available from public sources.
  • Technical Data: includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website.
  • Profile Data: includes your username and password when you create an account to access our online platform, purchases or orders made by you, your interests, preferences, feedback and survey responses.
  • Usage Data: includes information about how you use our website, Business Information including information provided during the contractual or client relationship between you or your organisation and us, or otherwise voluntarily provided by you or your organisation, as well as information available from public sources.
  • Marketing and Communications Data: includes your preferences in receiving marketing from us and our third parties and your communication preferences.
  • Aggregated Data. We may also collect, use and share Aggregated Data such as statistical or demographic data, for any purpose. Aggregated Data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data.

We do not collect any “Special Categories of Personal Data” about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.

If you provide information to us about any person other than yourself, such as your employees, counterparties, your advisers or your suppliers, you must ensure that they understand how their information will be used, and that they have given their permission for you to disclose it to us and for you to allow us, and our outsourced service providers, to use it.

2.    How we collect your personal data

Generally, we collect your personal information directly from you – in person, by telephone, text email and through your use of our website. In particular, this may occur in the following circumstances:

  • when you or your organisation seek our products and services or use any of our online services;
  • when you correspond with us by phone, email or other electronic means, or in writing, or when you provide other information directly to us, including to our consultants and staff;
  • when you subscribe to our service or publications;
  • when you enter a competition, promotion or survey; and
  • when you give us feedback or contact us.

We may also collect information about you indirectly, including:

  • from publicly accessible sources, e.g. Companies House or HM Land Registry;
  • from third parties with your consent, e.g. your bank or building society;
  • from cookies saved by our website in your browser (for more information on our use of cookies, please see our Cookie Policy;
  • through our IT systems monitoring your interaction with us, e.g. automated monitoring of your interaction with our websites and other technical systems, such as our computer networks and connections, communications systems, email and instant messaging systems;
  • through our IT systems monitoring your conduct on our premises, e.g. reception logs, CCTV and access control systems; and
  • we also collect information of site manager’s such as contact details, working hours from our client when providing a service at their premises.

We use Google Analytics, a web analytics service provided by Google. Google Analytics uses tracking codes and cookies to analyse how visitors use the website. The information generated by Google Analytics about you is transmitted to and stored by Google on servers in the US. Google participates in and has certified its compliance with US Privacy Shield. For further information about Google’s privacy, please see their Privacy policy.

3.    How we use your personal data

Under data protection law, we can only use your personal information if we have a proper reason for doing so, for example:

A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests.

Generally, we do not rely on consent as a legal basis for processing your personal information although we will get your consent before sending third party direct marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by contacting us.

We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and explain the legal basis which allows us to do so. Please note that we may process your personal information without your knowledge or consent, in compliance with the rules set out in this section, where this is required or permitted by law.

We will use your personal information for the following purposes and on the following grounds:

  • On the basis of fulfilling our contract with you or entering into a contract with you on your request, in order to:
  1. register you as a new client and update our client records;
  2. register you as a new supplier and update our supplier records;
  3. process and deliver your order, including sending you updates and managing payments, fees and charges;
  4. manage your subscriptions and user accounts;
  5. deal with and respond to requests, enquiries and complaints;
  • On the basis of our legal obligations, we process your personal information when it is necessary:
  1. for compliance with tax, accounting and other applicable law and obligations which we are subject to;
  2. for managing your statutory rights; and
  3. for ensuring security of your personal data by preventing unauthorised access to it.
  • On the basis of our legitimate interest, we will use your personal information for:
  1. allowing effective performance of our business by ensuring necessary internal administrative, commercial, and security processes (including in finance, controlling, business intelligence, legal & compliance, information security);
  2. collecting and recovering money you owed to us;
  3. asking you to provide feedback, leave a review or take a survey;
  4. sending you information about and enabling you to participate in events (including online events) organised by us (with or without another party), including seminars and training; leisure, sports and/or charity events; prize draws and competitions; and surveys, marketing campaigns, market analysis or other promotional activities;
  5. communicating with you and keeping you up-to-date on the latest developments, announcements, and other information about our services and solutions (including briefings, newsletters and other information), events and initiatives;
  6. promoting (including by delivering advertisements) and making suggestions and recommendations to you (including by email or when you visit our website) about products and services that may be of interest to you, as well as to personalise content you see on our website, and measuring and analysing the effectiveness of the promotions and suggestions we serve you;
  7. using statistical data analytics about your use of our website to improve the website, our services, marketing, customer relationships and experiences;
  8. preventing unauthorised access and modifications to systems;
  9. carrying out and dealing with security-related tasks, such as troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data;
  10. allowing interoperability within our applications; and
  11. establishing, exercising and/or defending our legal rights.
4.    Promotional Communications

We may use your personal information to send you updates (by email, text message, telephone or post) about our products and services, including exclusive offers, promotions or information about new products and services.

We have a legitimate interest in processing your personal information for promotional purposes (see above). This means we do not usually need your consent to send you promotional communications. However, where consent is needed, we will ask for this consent separately and clearly.

We will not sell your personal information to or share it with other organisations for marketing purposes, except where we remain the controller of your personal information and share it with third parties who act as a data processor on our behalf and only process the personal information on our instructions and for the purposes set out above.

You have the right to opt out of receiving promotional communications at any time by contacting us or using the ‘unsubscribe’ link in emails or ‘STOP’ number in texts.

We may ask you to confirm or update your marketing preferences if you instruct us to provide further products and services in the future, or if there are changes in the law, regulation, or the structure of our business.

5.    Who we share your personal information with

We routinely share personal information with service providers whom we use to help deliver our products and services to you, such as security providers, site contacts and contractors, payment service providers, warehouses and delivery companies. We only allow our service providers to handle your personal information if we are satisfied they take appropriate measures to protect your personal information. We also impose contractual obligations on service providers to ensure they can only use your personal information to provide services to us and to you.

We may also share personal information with:

  1. Logistic Providers. For example, when a purchase is made, we may share your name, delivery address and email address with third parties in order to enable shipment of goods.
  2. credit reference agencies who may, for example, supply anti-fraud and credit-insight information to us;
  3. social media companies and our advertising partners. For example, we might match your email address with Facebook and Twitter to enable us to run promotions on their platforms;
  4. legal and regulatory authorities. For example, we may need to share your information with the Solicitors Regulation Authority or the Legal Ombudsman if we are providing legal services to you;
  5. our professional advisers such as our lawyers or auditors when they need to give us their professional advice;
  6. public authorities, agencies and other government bodies. We may disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations; and
  7. potential corporate buyer. We may also share some personal information in the case of transfer of some or all of our business, during re-structuring or change of ownership of the business. Usually, information will be anonymised but this may not always be possible. The recipient of the information will be bound by confidentiality obligations.

We use Microsoft Teams and Microsoft OneDrive as our communication and hosting providers and they store your data on their servers. We use these services to enable external and internal communication to and from us and to enable us to store information about you for business purposes. For further information on Microsoft and how they handle your data, please visit their website: www.privacy.microsoft.com/en-us/privacystatement.

Your personal information may be held at our offices and those of our third-party agencies, service providers, representatives and agents as described above. Some of these third parties may be based outside the UK. For more information, including on how we safeguard your personal information when this occurs, see Section 8 below.

6. How long your personal information will be kept

We will keep your personal information while we are providing products and services to you. Thereafter, we will keep your personal information for as long as is necessary:

  1. to respond to any questions, complaints or claims made by you or on your behalf;
  2. to show that we treated you fairly; and
  3. to keep records required by law.

We will not retain your personal information for longer than necessary for the purposes set out in this policy. Different retention periods apply for different types of personal information. By law we must keep basic information about our customers (including Identity, Contact, Financial and Payment Data and Business Information) for six years after they cease being customers. If you want to learn more about our specific retention periods for your personal information, please contact us.

When it is no longer necessary to retain your personal information, we will securely destroy your personal information in accordance with applicable laws and regulations. In some circumstances we will anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

7. International transfers of your personal data

If, to deliver our services to you, it is necessary for us to share or transfer your personal information outside the UK or European Economic Area (EEA), then some additional safeguards will apply.

Where we need to make a transfer of this nature, we will only do so if such a transfer is safe and your personal information will be secure.

This means that when we transfer your personal information outside the UK or EEA we will only do so where (i) there are Binding Corporate rules in place; or (ii) the country where we are making the transfer to a country deemed by the UK government or, where the EU GDPR applies, European Commission to have an adequate level of protection in place for your personal information; or (iii) if there is no adequacy decision, where we have contractual arrangement with the service provider containing protections for your personal information (the EU Commission approved Standard Contractual Clauses, for example) or (iv) where the service provider is part of an approved scheme (Privacy Shield, for example).

Please contact us if you want further information on the mechanisms used by us when transferring your personal information out of the UK or EEA.

8. Your rights

Under the applicable data protection laws, you have several rights, as set out below:

  1. Right to access your personal information. You may request confirmation that we hold personal information about you, as well as access to a copy of any such data.
  2. Right to rectification. You may ask us to correct any inaccurate information we hold about you.
  3. Right to erasure (or Right to be forgotten). You may, in certain circumstances, ask us to delete your personal information.
  4. Right to restriction. You may ask us to restrict the processing of your personal information if (i) you want us to establish the accuracy of the information, (ii) where our use of the information is unlawful but you do not want us to erase it, (iii) where you need us to hold the information even if we no longer require it as you need it to establish, exercise or defend legal claims, or (iv) you have objected to our use of your personal information but we need to verify whether we have overriding legitimate grounds to use it.
  5. Right to portability. You may request the receipt of the personal information that you have provided to us, in a structured, commonly used and machine-readable form, or its transfer to another organisation.
  6. Right to object. You may object to our processing of your personal information (i) at any time when your personal information is being processed for direct marketing, or (ii) where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
  7. Right not to be subject to automated individual decision making. You have the right not be subject to a decision based solely on automated processing (or profiling) that produces legal effects concerning you or similarly significantly affects you.
  8. Right to withdraw consent. Where our processing of your personal information is based on your consent, you may withdraw this consent at any time, although this will not affect the lawfulness of any prior processing where we relied on your consent.
  9. Right to make a complaint. You may make a complaint about our processing of your personal information by contacting us via the contact details set out in this privacy policy. While we hope that we would be able to address any issues you have in respect of this processing, you may also make a complaint to the UK’s data protection regulator (see below).

For further information on each of these rights, including the circumstances in which they apply, please contact us or see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under the General Data Protection Regulation available via the following link: https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/.

If you would like to exercise any of these rights, please contact us using our contact details set out below.

You will not have to pay a fee to access your data or to exercise any of the other rights. However, we may charge a reasonable fee of your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal information (or to exercise any of your other rights). This is a security measure to ensure that personal information is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made several requests. In this case, we will notify you and keep you updated.

9. Keeping your personal information secure

We have put in place appropriate security measures to prevent personal information from being accidentally lost, used or accessed unlawfully, altered or disclosed. We limit access to your personal information to those who have a genuine business need to access it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

10. How to complain

We hope that we can resolve any query or concern you may raise about our use of your personal information.

The applicable data protection laws also give you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns or telephone: 0303 123 1113.

11. Contact details

If you have any questions about this privacy policy or our privacy practices, please contact our data privacy manager in the following ways:

Full name of legal entity: Sentinel Fire and Security Solutions Limited

Email address: Privacy@sentinelfs.co

Postal address: 1 Brixey Business Park, 18-26 Fancy Road, Poole, England, BH12 4PZ

Telephone number: 0333 012 4302

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues ( www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.