Blackdrop Security (“we”, “us”, “our”) is committed to protecting the privacy of everyone whose personal information we handle. This policy explains what information we collect, how we use it, how we keep it secure and the choices you have. It applies to visitors to our website, clients, prospective clients, suppliers, job applicants and anyone who contacts us by phone, email or social media.

We process personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. By using this website or providing your information to us, you acknowledge that you have read this privacy policy.

1. Information we collect

We may collect and process the following types of personal data:

Contact details – such as your name, job title, company name, postal address, email address and telephone number.

Account and service information – details relating to security services we provide to you, including site addresses, access requirements, risk information and keyholder details.

Communications – copies of emails, messages, call notes and other correspondence with you.

Website usage data – information about how you use our website, including IP address, device information, browser type, pages visited and referring website. This may be collected via cookies and similar technologies.

Recruitment information – CVs, application forms, employment history, qualifications, licences (such as SIA licences), references and right-to-work documentation where you apply for a role with us.

We normally collect personal data directly from you, but we may also receive information from third parties such as referees, subcontractors, public sources and background-check providers where required for security or employment purposes.

2. How we use your information

We may use your personal data for the following purposes:

To respond to enquiries, provide quotations and set up security services.

To deliver and manage contracts, including site instructions, rostering, invoicing and client reporting.

To improve our services and website, monitor usage and troubleshoot technical issues.

To fulfil our legal and regulatory obligations, including security vetting, health and safety, incident reporting and accounting requirements.

To communicate with you about existing services, contract updates or changes to this policy.

With your consent, to send marketing communications about our services which we think may be relevant to you. You can opt out of marketing at any time by following the unsubscribe link or contacting us directly.

Our lawful bases for processing personal data include performance of a contract, compliance with legal obligations, our legitimate interests in running and developing our business, and consent where required for specific activities.

3. Sharing your information

We do not sell your personal data. We may share it with:

Security officers and authorised staff who need the information to perform their duties.

Service providers and professional advisers, such as IT hosts, payroll providers, accountants, insurers or legal advisers, who act on our instructions and are required to keep your data secure and confidential.

Regulatory authorities, law-enforcement agencies or emergency services where we are legally required to do so or where disclosure is necessary to protect people, property or vital interests.

Prospective purchasers or business partners in the event of a merger, sale or corporate restructuring, in which case data will remain subject to this policy or an equivalent one.

Where any transfer of data outside the UK or European Economic Area is necessary, we will ensure appropriate safeguards are in place as required by data-protection law.

4. Data retention

We keep personal data only for as long as reasonably necessary to fulfil the purpose for which it was collected and to meet legal, regulatory, tax and reporting requirements. The retention period may vary depending on the type of information, for example:

Client and contract records – normally up to seven years after the end of the relationship.

Incident and accident reports – retained in line with relevant legal and insurance requirements.

Recruitment records – usually up to twelve months for unsuccessful candidates, unless you consent to a longer period.

At the end of the retention period, data will be securely deleted, anonymised or archived.

5. Security of your data

We take appropriate technical and organisational measures to protect personal data from unauthorised access, alteration, disclosure or destruction. These include access controls, secure systems, staff training and policies on data handling. While we do our best to safeguard your information, no system can be guaranteed to be completely secure.

6. Cookies and website tracking

Our website may use cookies and similar technologies to enhance your browsing experience, remember preferences and collect statistics about how the site is used. You can usually control cookies through your browser settings. For more information, please refer to our separate Cookie Policy (where available) or contact us using the details below.

7. Your rights

Under data-protection law you have a number of rights, which may include the right to:

Access the personal data we hold about you.

Request correction of inaccurate or incomplete information.

Request deletion of your personal data, where there is no lawful reason for us to continue processing it.

Restrict or object to the processing of your data in certain circumstances.

Withdraw consent where processing is based on consent.

Data portability, in limited circumstances, by requesting a copy of your data in a structured, commonly used format.

To exercise any of these rights, please contact us using the details below. We may need to verify your identity before responding to your request.

You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO) if you are unhappy with how we handle your data, although we encourage you to contact us first so we can try to resolve any concerns.

8. Contact us

If you have any questions about this privacy policy or how we handle your personal data, please contact:

Blackdrop Security

Email: info@blackdropsecurity.co.uk

9. Changes to this policy

We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. Any updates will be posted on this page with a revised “last updated” date. We recommend that you review the policy periodically.