C Plus Security

Phone: +4407437 574241

Email: Info@cplussecurity.co.uk

Facebook Instagram X-twitter Linkedin Youtube

Menu

1. Policy Statement

C Plus Security is committed to protecting the privacy and personal data of all individuals we interact with, including employees, clients, customers, visitors, contractors, and members of the public.

As part of our security operations, we may collect, store, and process personal information in the course of providing guarding services, CCTV monitoring, event security, access control, reporting, and incident management. We understand the importance of handling such information responsibly and lawfully.

C Plus Security will comply with all relevant UK data protection laws, including:

• UK General Data Protection Regulation (UK GDPR)
  
• Data Protection Act 2018
  

We ensure that personal data is processed fairly, securely, and only for legitimate business purposes.

2. Purpose

The purpose of this policy is to ensure that:

• Personal data is handled legally, fairly, and transparently
  
• Personal data is protected against loss, misuse, or unauthorised access
  
• Employees understand their responsibilities when handling data
  
• C Plus Security maintains compliance with UK GDPR requirements
  

3. Scope

This policy applies to:

• All employees of C Plus Security
  
• Contractors and temporary staff working on behalf of the company
  
• Any individual or organisation processing data on behalf of C Plus Security
  

This policy covers all forms of personal data including paper records, digital records, CCTV footage, emails, and incident reports.

4. Key Definitions

Personal Data: Any information that can identify a person directly or indirectly (e.g., name, address, phone number, ID documents).

Special Category Data: Sensitive personal information such as health data, ethnicity, religion, biometric data, or criminal offence records.

Processing: Collecting, storing, sharing, recording, using, or deleting personal data.

5. Data Protection Principles

C Plus Security will follow the UK GDPR principles, ensuring personal data is:

1. Processed lawfully, fairly, and transparently
   
2. Collected only for specific and legitimate purposes
   
3. Adequate, relevant, and limited to what is necessary
   
4. Accurate and kept up to date
   
5. Stored only as long as required
   
6. Kept secure and protected from unauthorised access
   
7. Managed with accountability and responsibility
   

6. Lawful Basis for Processing

C Plus Security may process personal data under lawful bases such as:

• Contractual necessity (providing security services to clients)
  
• Legal obligation (employment law, reporting requirements)
  
• Legitimate interests (security reporting, investigations, incident prevention)
  
• Consent (where required, such as marketing communications)
  

Special category data will only be processed when legally permitted and necessary.

7. Data Collection and Use

Personal data may be collected through:

• Staff recruitment and employment records
  
• Visitor logs and access control records
  
• Incident and accident reports
  
• CCTV recordings and surveillance systems
  
• Client contracts and service agreements
  

C Plus Security will ensure that only authorised staff have access to personal data, and data will not be shared unnecessarily.

8. Data Storage and Security

C Plus Security will take reasonable steps to protect personal data by using:

• Password-protected systems and controlled access
  
• Locked cabinets for physical documents
  
• Secure handling of incident reports and CCTV footage
  
• Restricted access to client and staff records
  
• Secure disposal methods (shredding or permanent deletion)
  

Employees must not store company data on personal devices unless authorised.

9. Sharing Personal Data

Personal data will only be shared when necessary and lawful, such as:

• With clients (where required for service delivery)
  
• With police or law enforcement (where legally required)
  
• With regulators or legal advisors
  
• With authorised subcontractors under strict confidentiality agreements
  

C Plus Security will never sell personal data to third parties.

10. Data Subject Rights

Individuals have rights under UK GDPR, including the right to:

• Access their personal data
  
• Correct inaccurate data
  
• Request deletion (where legally possible)
  
• Restrict or object to processing
  
• Request data portability
  
• Raise complaints with the Information Commissioner’s Office (ICO)
  

Requests must be reported to management immediately and handled within legal timeframes.

11. Data Breaches

A data breach includes loss, theft, unauthorised access, accidental sharing, or improper disposal of personal data.

All suspected breaches must be reported immediately to management. C Plus Security will investigate and, where required, report breaches to the ICO within the legal timeframe.

12. Employee Responsibilities

All staff must:

• Handle personal data responsibly
  
• Maintain confidentiality at all times
  
• Follow company procedures for incident reports and CCTV data
  
• Never share personal data without authorisation
  
• Report data breaches or concerns immediately
  

Failure to follow this policy may lead to disciplinary action.

13. Policy Review

This policy will be reviewed annually or when legal or operational changes occur.