1.1. The Sands Security Group Ltd offers security services to a wide range of customers in a variety of industries. In the framework of its activities, The Sands Security Group Ltd sometimes collects, holds, discloses or otherwise processes personal data.
1.3. If you have any other question or a request in relation to the processing of your personal data, you may contact us at any time in writing at the address indicated above.
2. General data protection principles that we abide to
2.1. The Sands Security Group Ltd highly value and respect the privacy and the security of your personal data. Personal data means any information relating to an identified or identifiable natural person (the ‘data subject’).
2.2. In the framework of our activities, The Sands Security Group Ltd aims to ensure, at all times, that personal data is:
· processed lawfully, fairly and in a transparent manner (‘lawfulness, fairness and transparency’);
· collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes (‘purpose limitation’);
· adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (‘data minimisation’);
· accurate and, where necessary, rectified or kept up to date (‘accuracy’); kept in a form which permits identification of the data subjects for no longer than is necessary for the purposes for which the personal data is processed (‘storage limitation’);
· processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (‘integrity and confidentiality’).
2.3. Processing of your personal data will only be performed for achieving specific legitimate purposes (see title 5 below, ‘Purposes of the processing: Why do we process your personal data’) and when justified on the basis of a valid legal ground (see title 6 below, ‘Legal Basis for the Processing of Your Personal Data’).
3. What categories of data do we process?
3.1. The Sands Security Group Ltd may have to collect or otherwise process the following personal data:
· your name;
· your address, email, phone number or other contact details; your language preferences;
· information about the use you make of our products or services.
3.2. Depending on the product or service you are interested in, you may also be asked to provide us with the following information:
· bank account details;
· insurance, financial, credit or bankruptcy history.
4. How do we collect your personal data?
4.1. When providing our services to you, we may collect or receive your data via different channels:
· via written forms;
· via the internet, including our website, online forms or emails;
· via telephone contact;
· in person to person contact.
4.2. We may receive your personal data directly from you, from a business partner or from publicly available information. The Sands Security Group Ltd will only disclose or receive personal data from a third-party in compliance with the applicable data protection legislation. For more information in this respect, please refer to the title 7 “To whom may we disclose your personal data?”.
5. Purposes of the proceeding: Why do we process your personal data?
5.1. The collection and processing of the above-listed types of personal data is necessary for us to achieve specific legitimate purposes in the conduct of our business activities. In particular, we process your personal data for the following purposes:
· to provide you our services;
· to improve our services and products;
· for customer administration, for example to answer requests or questions from customers, customer satisfaction surveys, or manage complaints on a service;
· for supplier administration;
· for administration and management of personnel and intermediaries;
· for management of commercial relationships with third parties;
· for administrative purposes within The Sands Security Group Ltd Group;
· for back-up or archiving purposes;
· to respect our legal obligations the authorities or in the framework of judicial proceedings;
· for statistical research or market research;
· for (direct) marketing purposes;
· for combating fraud and other crime;
· for dispute management;
· to protect society, our industry sector or The Sands Security Group Ltd;
· for account management;
· for credit approval and management;
· for global overview of clientele;
· for brokerage / agency services;
· for management of personal insurances;
5.2. The Sands Security Group Ltd commits not to process or further process your personal data in a manner that is incompatible with the above mentioned purposes.
6. Legal basis for the processing of your personal data
6.1. The Sands Security Group Ltd commits to process your personal data lawfully, i.e. relying on one of the valid legal bases, as explained below.
6.2. Your personal data will primarily be processed when necessary for the performance of the contract concluded between you and us, or in order to take steps at your request prior to entering into a contract.
6.3. Your personal data might be processed based on your consent. In that case, we will always ensure to have received your free, specific, informed and unambiguous consent.
6.4. Your personal data might be processed based on the legitimate interests pursued by us for example, for administrative purposes, or for the purpose of research and development.
6.5. Your personal data might be processed because it is necessary for compliance with a legal obligation which we are subject to.
6.6. Your personal data might be processed because it is necessary in order to protect somebody’s vital interests (e.g. in case of accidents or incidents), or because necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.
7. To whom we may disclose your personal data?
7.1. Please note that The Sands Security Group Ltd may disclose your personal data to, our agents, representatives or other intermediaries in order to achieve one of the above-mentioned purposes (see title 5 above, ‘Purposes of the processing: Why do we process your personal data’).
7.2. Other recipients of your personal data may also include our service providers or business partners, such as:
· IT service providers;
· marketing services providers;
· claims management service providers;
· analytic consultants;
· data storage service provider;
· research and development organisations;
· professional advisers;
· if The Sands Security Group Ltd purchase or sell a company or company assets, The Sands Security Group Ltd may disclose your personal data to a potential buyer or seller of such company or company assets;
· if The Sands Security Group Ltd or a substantial part of The Sands Security Group Ltd assets is acquired by a third party, your personal data may be disclosed to that third-party buyer;
7.3. In some specific circumstances, we may also disclose your personal data to government, public authorities, statutory or regulatory bodies and enforcement bodies, when compelled to do so.
7.4. The Sands Security Group Ltd will only disclose your personal data to parties providing sufficient guarantees to ensure the protection of your data and the realisation of your rights as data subject (see title 10 below, ‘What are your rights as data subject?).
8. How long do we store your personal data?
8.1. The Sands Security Group Ltd undertake to comply with the storage limitation principle. In that perspective, we will not store your personal data for longer than necessary for the performance of our contract and/or for achieving one of the other above-mentioned purposes (see title 5 above, ‘Purposes of the processing: Why do we process your personal data’). Please notice that The Sands Security Group Ltd may also be legally obliged to store your personal data for a minimum time period to comply with statutory requirements.
8.2. We will perform regular checks to identify personal data which no longer serve any purpose in order to delete them or otherwise anonymize them.
9. What are your rights as a data subject?
9.1.You have right to control the way your personal information is used, as listed below.
9.2. Your rights as data subject are:
· The right to access: you may at any time request to access your personal data. Upon request, we will provide a copy of your personal data undergoing processing. For any further copies, we may charge a reasonable fee based on administrative costs. If you request a copy of your data by electronic means, and unless otherwise requested, we will provide you all relevant information in a commonly used electronic form.
· The right to rectification: you have the right to obtain from us, without undue delay, the rectification or completion of any inaccurate or incomplete personal data concerning you.
· The right to be forgotten: you may request us to delete (part of) your personal data in the following situations:
o when the processing was based on your consent and you have decided to withdraw that consent;
o when your data are no longer necessary for achieving the purposes for which they were collected or otherwise processed;
o when you objected to the processing of your data for direct marking purpose;
o when you objected to the processing of your data (see ‘right to objection’ below), and it appeared upon verification that your rights, freedoms or personal interests prevail over our legitimate interests;
o when your personal data have been unlawfully processed (e.g. because your consent was not validly obtained);
o when your personal data have to be erased in compliance with a legal obligation to which The Sands Security Group Ltd is subject.
· The right to object: you may object at any time to the processing of (part of) your personal data when used for profiling or direct marketing purposes. You may also object to the processing of your personal data, when such processing is based on our legitimate interests. In that latter case, we will no longer process your personal data, unless we have compelling legitimate grounds to do so, or because such a processing is necessary in the establishment, exercise or defence of a legal claim.
· The right to restriction of processing: you may in any case request from us to restrict the processing of your personal data in the following situations:
o when contesting the accuracy of your data;
o when the processing appears to be unlawful;
o when we no longer need your personal data for the purposes of the processing; or
o pending verification whether our legitimate grounds override yours in the framework of an objection.
If you exercise your right to restriction of processing, we will only be allowed to process your data with your consent, with the exception of storage.
· The right to data portability: upon request, you have in some cases the right to receive all your personal data in a structured, commonly used and machine-readable format, in order to transmit those data to another entity. Where technically feasible, you may also request from us to transfer your personal data directly to this other entity. Your right to portability may be denied to the extent that it has an adverse effect on the data protection rights of other individuals.
· The right to withdraw your consent: when processing is based on your consent, you remain free at all time to withdraw your consent. To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any request you make to exercise your data protection rights.
If you have authorised a third party to submit a request on your behalf, we will ask them to prove they have your permission to act.
9.3. In case of issue in relation to your personal data or other privacy concern, you may also lodge a complaint with the Information Commissioner’s Office (ICO).
10. How do we ensure the security of your personal data?
10.1. The Sands Security Group Ltd highly value the security of your data.
We, at The Sands Security Group Ltd, take all the necessary administrative, technical and organisational measures to ensure the security and confidentiality of your personal data and to protect your personal data against unauthorised or accidental access, loss, misuse, disclosure, alteration or destruction.
10.2. Prior to disclosing your personal data to a third-party / data processor, we will always ensure that this third-party / data processor offers an adequate level of security.