Statement on GDPR

Business-to-Business Services

Security Management Consultants LTD provides only ‘business to business’ services. We do not provide services to consumers. Our clients are sole traders, partnerships, private limited companies, public limited companies and government agencies.

Personal Identifiable Data (PID)

We do not store, process or transmit consumer data or personal identifiable data (PID) for our own purposes or on behalf of clients except for PID relating to our current and former employees as described below.

Employee Personal Identifiable Data

We do store and process personal data relating to our current and former employees in accordance with the requirements of the current UK Data Protection Act and the General Data Protection Regulation (GDPR) that will officially come into force on 25 May 2018. This data is not shared with third parties except where required by law or necessary for the operation of our pension scheme.

Receipt of Unsolicited Personal Information

If, unsolicited, a member of the public provides personal identifiable data (PID) to us we delete the data as soon as practicable and advise the sender of this using contact information they have provided.

Speculative Employment Enquiries

We do not retain unsolicited employment enquiries for future reference.

Data Protection Officer (DPO)

Richard Murray, Director, is our designated Data Protection Officer.  Please refer to the Contact page for details of how to submit enquiries.

Protection of Client Data

Please see our ‘Client Data Security‘ post for details of how we keep client information safe.