Privacy & Cookies Policy — Integrated Alarms

This privacy and cookies policy is a generic template for a UK-based CCTV and security company and will need tailoring to your specific services, systems and retention periods. It does not constitute legal advice and should be checked against current ICO guidance and UK GDPR/Data Protection Act 2018 requirements.

1. Who we are

Integrated Alarms (“we”, “us”, “our”) is a CCTV and security services provider established in the United Kingdom.
We act as a data controller for personal data that we collect in the course of providing security systems, CCTV installation, monitoring and maintenance services to our customers.

Registered office: UK-wide (operating address available on request).
Company number: Not yet registered (pre-launch business).
Data Protection contact: Privacy Lead – Lloyd Connors
Contact details:

  • Email: lloydjohnconnors@gmail.com

  • Telephone: 07580864533 (WhatsApp preferred)

2. Personal data we collect

We may collect and process the following categories of personal data in connection with our CCTV and security activities:

  • Identity and contact data: name, job title, business name, address, email address, telephone number for customers, suppliers and site contacts.

  • CCTV and surveillance data: images and video recordings, audio where applicable, vehicle registration numbers (e.g. ANPR), date and time of recordings, location of cameras.

  • Access control and security data: fob or card identifiers, access logs, alarm activation logs, incident reports.

  • Technical and usage data (website): IP address, browser type and version, device identifiers, time zone setting, operating system, and information about how you use our website.

  • Communication and enquiry data: records of communications, enquiries, quotes, service requests and complaints.

3. How we use personal data and legal bases

We use personal data for the following purposes and on the following legal bases under the UK GDPR:

  • Providing CCTV and security services: designing, installing, configuring and maintaining CCTV, alarms and related systems; monitoring and responding to alerts; arranging site visits and ongoing support (performance of a contract or steps before entering into a contract).

  • Security, crime prevention and detection: protecting people, premises and assets, investigating incidents, assisting law enforcement where appropriate (legitimate interests and, where relevant, substantial public interest as permitted by law).

  • Managing customer relationships and accounts: invoicing, payments, renewals, contract management, and responding to queries (performance of a contract and legitimate interests).

  • Website operation and improvement: operating our website, security logs, troubleshooting, analytics and usage insights (legitimate interests and consent for non-essential cookies).

  • Marketing and business development: sending existing business customers information about related products or services, unless they opt out (legitimate interests), and sending marketing to individuals with their consent where required.

  • Legal, regulatory and compliance: maintaining records, handling disputes, and complying with legal obligations (legal obligation and legitimate interests).

Where we rely on consent (for example, for certain types of marketing or non-essential cookies), you may withdraw your consent at any time using the contact details in this policy or the unsubscribe/consent tools we provide.

4. CCTV and surveillance data

Where we install or operate CCTV systems, we do so to help protect people, property and assets; to prevent and detect crime; and, where agreed with the customer, to support health and safety and incident investigation.

  • Camera locations and signage: Cameras are positioned to meet the stated security purposes and to minimise intrusion into areas where people have a higher expectation of privacy. Clear signage is used where CCTV is in operation, naming us or the relevant system operator and giving contact details.

  • Monitoring and access: Live monitoring and access to recorded footage is restricted to authorised personnel and, where relevant, to authorised customer staff. Access is logged and provided only where necessary for the purposes described in this policy or the customer’s own policy.

  • Covert surveillance: Covert surveillance is not used unless strictly necessary and lawful (for example, at the request of law enforcement) and subject to appropriate authorisation and safeguards.

  • Audio recording: If audio recording is enabled on any system, this will be clearly signposted and justified by a specific, documented need, with additional safeguards where required.

If we act purely as a processor operating CCTV on behalf of a customer (the data controller), we will process CCTV data strictly in accordance with that customer’s written instructions and contract.

5. Sharing personal data

We may share personal data, including CCTV footage, with:

  • Customers and site owners, to investigate incidents, support security operations or comply with contractual obligations.

  • Service providers and subcontractors, such as monitoring centres, IT hosting and maintenance providers, equipment manufacturers or engineers, who support our services under appropriate data protection terms.

  • Law enforcement and other public authorities, where necessary for the prevention or detection of crime, for the apprehension or prosecution of offenders, or where we are otherwise legally required to do so.

  • Professional advisers, such as insurers, lawyers, auditors and accountants, where necessary in connection with claims, compliance or business operations.

  • Potential buyers, investors or other parties in the context of a business sale, merger or restructuring, subject to confidentiality and data protection safeguards.

We do not sell personal data to third parties. Any sharing is limited to what is necessary for the purposes described in this policy.

6. International transfers

Our systems and some of our third-party service providers may store or process personal data outside the UK. Where this happens, we will ensure that appropriate safeguards are in place, such as:

  • An adequacy decision from the UK government for the destination country; or

  • Standard contractual clauses or other appropriate safeguards approved for use under UK data protection law.

You can contact us for more information about the specific safeguards used for international transfers relevant to your data.

7. Data retention

We keep personal data only for as long as reasonably necessary to fulfil the purposes set out in this policy, including to meet legal, regulatory, tax, accounting or reporting requirements, or to resolve disputes.

As a general guide (subject to system configuration and customer requirements):

  • CCTV footage: usually retained for approximately [e.g. 30 days] and automatically overwritten unless required for a specific incident, investigation or legal claim, in which case it may be retained for longer until the matter is resolved.

  • Customer and contract records: generally retained for the duration of the contract and for up to [e.g. 6–7 years] afterwards to comply with legal and accounting obligations.

  • Enquiries and correspondence: typically retained for up to [e.g. 2 years] after resolution, unless needed for ongoing matters or legal reasons.

  • Technical logs (website and systems): retained for a period appropriate to security, troubleshooting and analytics, typically between [e.g. 6 months and 2 years].

Retention periods may vary depending on the nature of the data, the system and any specific contractual or legal requirements. When data is no longer needed, it will be securely deleted or anonymised.

8. Cookies and similar technologies

Our website uses cookies and similar technologies to distinguish you from other users, to help the site function, and to improve your experience.

What are cookies?

Cookies are small text files placed on your device when you visit a website. They can be “session” cookies (which expire when you close your browser) or “persistent” cookies (which remain for a set period or until you delete them).

Types of cookies we use

  • Strictly necessary cookies: Required for the operation of the website (for example, enabling basic security, navigation or accessing secure areas). These cannot be turned off through our cookie tools.

  • Functional cookies: Used to remember your preferences (such as language or cookie choices) and provide enhanced features.

  • Performance/analytics cookies: Help us understand how visitors use our website (for example, which pages are visited most often) so that we can improve it. We typically use aggregated, anonymised statistics.

  • Targeting/advertising cookies: If used, these cookies record your visit to our site, the pages you visit and the links you follow so we or our partners can show you relevant adverts on our site or elsewhere. These cookies are set only with your consent.

Cookie consent and control

When you first visit our website, you will see a cookie banner or tool explaining the types of cookies we use and enabling you to:

  • Accept all cookies.

  • Reject non-essential cookies.

  • Manage your cookie preferences in more detail.

You can change your preferences at any time using the cookie settings link on our site or by adjusting your browser settings to block or delete cookies. However, blocking some cookies may affect how the site works.

More detailed information about the specific cookies we use, their purposes and expiry periods is available in our cookie settings or a separate cookie schedule.

9. Your data protection rights

Under UK data protection law, you have certain rights in relation to your personal data. These include:

  • Right of access: To request a copy of the personal data we hold about you and certain information about how we use it.

  • Right to rectification: To request correction of inaccurate or incomplete personal data.

  • Right to erasure: To request deletion of your personal data in some circumstances (also known as the “right to be forgotten”).

  • Right to restriction: To request that we limit how we use your personal data in certain situations.

  • Right to data portability: To receive personal data you have provided to us in a structured, commonly used, machine-readable format and to request that we transfer it to another organisation where technically feasible and lawful.

  • Right to object: To object to processing based on our legitimate interests or for direct marketing. If you object to direct marketing, we will stop sending it.

  • Rights in relation to automated decision-making and profiling: To request human intervention and to challenge a decision where we make decisions about you solely by automated means that have legal or similarly significant effects.

These rights are subject to conditions and exemptions. For example, we may not be able to delete CCTV footage if it is required for an ongoing investigation or legal claim.

If you wish to exercise any of these rights, please contact us using the details in section 1. We may need to verify your identity before responding.

10. Access to CCTV footage

If you appear in CCTV footage that we control, you may have the right to request access to footage that identifies you, subject to data protection and third-party privacy considerations.

  • Requests should include the location of the CCTV system, dates and times, and any other information that can help us locate the footage.

  • Where the footage is under our customer’s control, we may redirect you to the relevant customer or cooperate with them to respond.

  • We may need to blur or otherwise protect the privacy of other individuals in the footage, or we may not be able to provide footage if it would unreasonably affect others’ rights or ongoing investigations.

11. Security of personal data

We take appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, destruction or damage. These measures include:

  • Physical security controls on premises and equipment.

  • Access controls, authentication and role-based permissions for systems containing personal data.

  • Encryption and secure transmission where appropriate.

  • Regular maintenance, patching and security monitoring of systems.

  • Staff training on data protection and information security.

  • Contracts and due diligence with third-party providers handling personal data on our behalf.

While no system can be completely secure, we aim to ensure that the level of security is appropriate to the risks associated with the personal data we process.

12. Complaints and how to contact us

If you have questions about this policy or how we handle your personal data, or if you wish to exercise your rights, please contact:

Email: lloydjohnconnors@gmail.com
Post: Privacy Lead, Integrated Alarms, UK-wide
Telephone: 07580864533

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO):
www.ico.org.uk | 0303 123 1113
Address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.

13. Changes to this policy

We may update this privacy and cookies policy from time to time, for example to reflect changes in our services, technology, or legal obligations.
Any updates will be posted on our website with a revised “last updated” date, and material changes may be notified to you directly where appropriate.