Effective Date: January 1st, 2025

Fortis Security Consult (“we”, “our”, “us”) is committed to safeguarding the privacy and confidentiality of our clients, website visitors, and partners.

This Privacy Policy explains how we collect, use, and protect your personal information in line with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable privacy laws.

We collect and process personal information necessary to deliver our security and consultancy services, maintain client relationships, and ensure the integrity of our operations.

This may include:

• Contact Information: Name, address, email, and phone number.
   
• Professional Information: Job title, organisation, and business contact details.
   
• Technical Data: IP address, device information, browser type, and analytics data collected through cookies or similar technologies.
   
• Operational & Security Data: Information provided during risk assessments, security reviews, system installations, or consultancy engagements.
   
• Service Interaction Data: Records of communications, enquiries, consultations, and service history.
   
• Surveillance & Monitoring Data (if applicable): When providing monitoring or smart security system services, data may include CCTV footage, alarm event logs, or access control records — collected strictly for the purpose of client safety and system performance.
   

We use your information to deliver secure, efficient, and personalised services. This includes:

• Providing and managing security, consultancy, or monitoring services you request.
   
• Conducting risk assessments, system designs, or compliance reviews.
   
• Responding to enquiries and managing client relationships.
   
• Maintaining and improving our website, digital systems, and user experience.
   
• Ensuring regulatory compliance, data integrity, and operational accountability.
   
• Sending service updates, reports, or marketing communications (with your consent).
   
• Protecting life, property, and safety through lawful security operations.
   

We process personal data under the following lawful bases:

• Consent: When you have provided explicit permission for specific purposes.
   
• Contractual Necessity: To deliver our services or enter into a contract with you.
   
• Legal Obligation: To meet legal, regulatory, or law enforcement requirements.
   
• Legitimate Interest: To operate and improve our business in ways that do not override your privacy rights.
   

We may share information only when necessary and always under strict confidentiality.

This includes:

• Trusted Service Providers: IT support, system monitoring, or operational partners assisting in the delivery of services.
   
• Technical Partners: Companies supporting AI analytics, CCTV monitoring, or system maintenance under strict data protection agreements.
   
• Law Enforcement or Regulatory Bodies: When required by law or to prevent harm or criminal activity.
   
• Business Transitions: In the event of mergers, acquisitions, or restructuring, subject to equivalent privacy safeguards.
   

We will never sell or trade your personal data to third parties.

We retain personal data only for as long as necessary to fulfil our contractual, operational, or legal obligations.

Retention periods vary based on the nature of the service — for example, consultancy records, system logs, or incident data may be retained for compliance and auditing.

When no longer needed, information is securely deleted, anonymised, or archived in accordance with data protection standards.

Under the UK GDPR, you have the right to:

• Access your personal data and obtain a copy.
   
• Rectify inaccurate or incomplete information.
   
• Erase data where it is no longer required.
   
• Restrict or object to processing based on legitimate interests.
   
• Data Portability – request transfer to another provider.
   
• Withdraw Consent – at any time, where consent was the lawful basis.
   

To exercise these rights, contact us using the details below. We will respond within statutory timelines.

We implement robust technical and organisational measures to protect your data from unauthorised access, alteration, or loss.

These include:

• Encrypted communication and data storage.
   
• Multi-factor authentication and access control.
   
• Regular cybersecurity audits and staff training.
   
• Secure CCTV and monitoring infrastructure with restricted access.
   

However, no system is entirely infallible, and while we take all reasonable precautions, we cannot guarantee absolute security.

Our website uses cookies and tracking technologies to analyse performance and enhance user experience.

You can adjust your cookie preferences via your browser settings.

For further details, see our [Cookie Policy].

We may periodically update this Privacy Policy to reflect legal, technological, or operational changes.

Updates will be published on this page with a revised effective date.

Significant updates will be communicated via our website or directly where appropriate.

For questions, data access requests, or privacy concerns, please contact:

Data Protection Officer

Fortis Secure Global Solutions Limited

📧 admin@fortissecurityconsult.com

🌐 www.fortissecure.io