• Business Hours: Monday – Friday: 8:00 AM – 6:00 PM
Request A Call Back
Request A Call Back
logotype

# Privacy Notice

*Last updated: 4 November 2025*

This Privacy Notice explains how **TRIPLEGUARD SECURITY SERVICES LIMITED** (“we”, “us” or “our”) collects and uses personal data, and the choices and rights available to you.

**Who we are**
Registered name: TRIPLEGUARD SECURITY SERVICES LIMITED
Company number: 16676280 (England & Wales)
Registered office: 22 Malyon Road, Hadleigh, Ipswich, England, IP7 6RE
Trading names: *Triple Guard Security Services* (if used)
Website: [https://tripleguardsecurityservices.co.uk/](https://tripleguardsecurityservices.co.uk/)

**How to contact us about privacy**
Email: *[[[email protected]](mailto:[email protected])]*
Postal: Privacy Team, TRIPLEGUARD SECURITY SERVICES LIMITED, 22 Malyon Road, Hadleigh, Ipswich, England, IP7 6RE
We have not appointed a Data Protection Officer. If you have questions about this notice or how we handle your personal data, please contact us using the details above.

## 1) When we act as controller vs processor

* We are the *controller* for personal data we collect for our own purposes (e.g., website enquiries, customer administration, our own CCTV on our premises, recruitment and HR).
* When we provide services to clients (e.g., manned guarding, key holding, mobile patrols, incident response, or operating CCTV/surveillance systems on a client’s site) we usually act as a *processor* on the client’s instructions. In those cases, the client’s privacy notice applies and you should contact the client (the controller) first.

## 2) The data we collect and how we get it

We may collect and process the following categories of personal data:

**Website visitors and enquiries**

* Identification and contact details (name, email, phone) when you contact us via forms, email or phone.
* Technical data from your device (IP address, browser type, pages viewed, time-zone, referral URL) and cookie identifiers. See our *Cookie Policy* for details.

**Customers and prospective customers**

* Contact details (name, role, employer, email, phone), service requirements, site addresses, instructions and correspondence, purchase/orders, invoices and payment records.
* Records of site visits and service delivery (e.g., patrol logs, key movements, incident notes, GPS/attendance data where used).

**CCTV, body‑worn video and incident reporting**

* Images and audio captured on CCTV/body-worn devices and details in incident reports. Where we operate equipment for a client, the client is typically the controller; for our own premises/equipment, we are the controller. Signage is displayed where recording occurs.

**Job applicants, workers and contractors**

* CV/application data, employment history, qualifications and licences (including SIA licence details), right‑to‑work documentation, references.
* Where lawful and necessary for the role: results of background checks (e.g., DBS/Disclosure Scotland), training and competence records, and where applicable information about criminal convictions/offences.
* Optional equal opportunities data you provide (e.g., ethnicity, disability) – used only in aggregated or anonymised form unless the law requires otherwise.

We collect personal data directly from you, from your employer (if you are a client contact), from our clients (where we act as processor), from service partners, from referees/background check providers (with your authorisation where required), and from publicly available sources.

## 3) Our purposes and lawful bases

We use your personal data for:

**Providing and administering our services**

* To respond to enquiries, prepare proposals, enter into and fulfil contracts, schedule and deliver security services, verify service quality, and manage invoices and payments.
*Lawful bases:* performance of a contract or steps prior to entering into a contract; our **legitimate interests** in operating our business efficiently.

**Safety, security and incident management**

* To protect people and property, prevent and investigate incidents, and cooperate with law enforcement/regulators. This may involve CCTV or body‑worn video.
*Lawful bases:* legitimate interests; **legal obligations**; in rare cases **vital interests**.

**Compliance and record‑keeping**

* Meeting our legal, regulatory and tax obligations (e.g., Companies Act, HMRC).
*Lawful bases:* legal obligation.

**Recruitment and workforce management**

* Evaluating candidates, verifying right‑to‑work and licences, conducting background checks where appropriate, onboarding, scheduling and paying staff/contractors, and maintaining training/competence records.
*Lawful bases:* contract; legal obligation; legitimate interests.
*Special category/criminal offence data:* only where necessary and lawful (e.g., **employment, social security and social protection** law obligations; **substantial public interest** such as **safeguarding**; or your **explicit consent** where relied on). Additional safeguards apply.

**Marketing and business development**

* Sending service updates or marketing to business contacts.
*Lawful bases:* **consent** (where required) or legitimate interests for business‑to‑business communications. You can opt out at any time.

**Website analytics and cookies**

* Measuring site usage and improving our website.
*Lawful bases:* consent for non‑essential cookies/analytics; legitimate interests for strictly necessary cookies.

We balance our legitimate interests against your interests and rights. You can object to processing based on legitimate interests (see Section 8).

## 4) Sharing your data

We share personal data with:

* **Service providers** acting under contract (e.g., website hosting, IT support, email/CRM, secure file storage, background‑check providers, training platforms, payroll/accounting, couriers).
* **Clients** (where we act as processor) and, where appropriate, their other suppliers.
* **Professional advisers** (lawyers, auditors, insurers) and **authorities** (e.g., police, courts, regulators) when legally required or to protect rights and safety.
* **Business transfers**: if we undergo a reorganisation, merger or sale, data may transfer to the new owner under appropriate safeguards.
We require recipients to protect the data and use it only for the agreed purposes.

## 5) International transfers

Our core systems are located in the UK/EEA. If we transfer personal data outside the UK (for example, to a cloud provider or support team in another country), we will ensure a lawful transfer mechanism is in place, such as a UK adequacy decision or the **International Data Transfer Agreement (IDTA)** / UK Addendum to the EU Standard Contractual Clauses, plus additional safeguards where required.

## 6) How long we keep data

We keep personal data only for as long as necessary for the purposes described above, including to meet legal, accounting or reporting requirements. Typical retention periods are:

* Enquiry records and routine correspondence: **up to 24 months** from last contact.
* Contracts, service records, invoices and financial data: **7 years** from the end of the financial year.
* CCTV/body‑worn video: **30–90 days** by default unless required longer for an investigation or legal claim.
* Incident reports and safeguarding records: **3–7 years** (longer if required by law or for legal claims).
* Job applicant data (unsuccessful): **6–12 months** from decision.
* HR records (employees/contractors): retained in line with legal requirements and our internal retention schedule.

## 7) Your rights

Depending on the circumstances, you have the right to:

* **Access** your personal data and receive a copy (data portability applies in certain cases).
* **Rectify** inaccurate or incomplete data.
* **Erase** your data in certain situations.
* **Restrict** or **object** to our processing (including objecting to direct marketing at any time).
* **Withdraw consent** where we rely on consent (this will not affect prior processing).
* **Complain** to the Information Commissioner’s Office (ICO) if you are unhappy with how we handle your data (see Section 10).
To exercise your rights, contact us using the details above. We may need to verify your identity.

## 8) Cookies and similar technologies

We use cookies to make our website work and, with your consent, to measure usage. You can update your preferences at any time via the *Cookie Settings* link on our site. For more detail, please see our **Cookie Policy**.

## 9) Security

We use administrative, technical and physical safeguards appropriate to the risk (including access controls, encryption in transit where supported, and staff training) to protect personal data. We also have processes to assess and respond to suspected personal‑data breaches.

## 10) How to complain

Please contact us first so we can try to resolve your concern. You also have the right to contact the UK data protection regulator:
**Information Commissioner’s Office (ICO)**
Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
Helpline: 0303 123 1113
Online: [https://ico.org.uk/make-a-complaint/](https://ico.org.uk/make-a-complaint/)

## 11) Changes to this notice

We may update this notice from time to time. We will post the latest version on this page with a new “Last updated” date.