Security Scotland is dedicated to protecting personal data and will always process data in accordance with the Data Protection Act 2018 and The General Data Protection Regulation 2016 (GDPR). We will always ensure that personal data is processed in a fair, transparent and lawful manner. Company reserves the right to make changes to this policy.
We seek to protect any personal data, defined as information concerning any living person that is not already in the public domain, that is provided to us by our current and future potential clients, staff and any other parties. Security Scotland will process data in line with the GDPR main principles including collecting data for specified and legitimate purposes, data and storage minimisation and accuracy of data.
How is personal data collected?
We collect personal information about employees, workers and contractors through the application and recruitment process, either directly from candidates or from an employment agency. We may sometimes collect additional information from third parties including former employers, credit reference agencies or other background check agencies.
We will collect additional personal information in the course of job-related activities throughout the period of you working for us. We will also any collect personal data submitted via the employee portal on the website.
Legal basis for processing personal data
Our Legal basis for processing any personal data must be at least one of the following;
Special category data is personal data which is more sensitive and therefore requires more protection. For example, this could be information about an individual’s race, ethnic origin, politics, religion, trade union membership, genetics, health, sex life, or sexual orientation. We have in place appropriate safeguards to protect your data.
Our legitimate interests
Security Scotland may on occasions share personal data to third parties in order to fulfil contractual agreements and legal requirements. Security Scotland requires these parties to agree to process this information based on our instructions and requirements consistent with this Privacy Notice and GDPR.
Security Scotland will only disclose personal data that is necessary to meet legal obligations, regulations or valid governmental request. Such an example of a third party may be and is not limited to HMRC, SIA, DWP, pension providers or insurance providers.
If you fail to provide certain information when requested, we may not be able to perform the contract we have entered into with you (such as paying you), or we may be prevented from complying with our legal obligations (such as to ensure the health and safety of our workers).
All personal data will be treated securely. Information will only be shared externally if there is a lawful basis to do so or if consent has been freely given by the data subject. All data is held in the United Kingdom. Security Scotland does not store personal data outside the EU.
Security Scotland will process personal data during the duration of any contract and will continue to store only the personal data necessary in line with our retention policy after the contract has expired to meet any legal obligations. (After five years any personal data not needed will be deleted.)
Subject Access Requests
You have the right to access of personal data. Security Scotland will accept the following forms of ID when on receipt of a subject access request: a copy of your national ID card, driving license, passport, birth certificate and a utility bill not older than three months. A minimum of one piece of photographic ID listed above and a supporting document is required.
All requests should be made in writing to James Glackin, Data Controller or writing to us at the address further below.
Specifically, the Data Controller will ensure compliance with the following data protection principles:
In the event that Security Scotland refuses your request under rights of access, we will provide you with a reason as to why, which you have the right to legally challenge.
Security Scotland, David Dale House, 159 Broad Street, Glasgow, G40 2QR
How to complain
We hope that our Data Protection Officer can resolve any query or concern you raise about our use of your information. If not, contact the Information Commissioner or further information about your rights and how to make a formal complaint.