Introduction
GGN Security Services Limited, PRIVACY POLICY This Privacy Policy outlines GGN Security Services Limited (“we”, “our” or “the Company”) practices with respect to information collected from users who access our website at www.ggnsecurity (“Site”) or otherwise share personal information with us (collectively: “Users”).
Responsible authority within the meaning of data protection laws, in particular the General Data Protection Regulations (GDPR): Information Commissioner’s Office User Rights You may request to:
1. Receive confirmation as to whether or not personal information concerning you is being processed and access your stored personal information, together with supplementary information.
2. Receive a copy of personal information you directly volunteer to us in a structured, commonly used and machine-readable format.
3. Request rectification of your personal information that is in our control.
4. Request erasure of your personal information.
5. Object to the processing of personal information by us.
6. Request to restrict processing of your personal information by us.
7. Lodge a complaint with a supervisory authority. However, please note that these rights are not absolute and may be subject to our own legitimate interests and regulatory requirements.
If you wish to exercise any of the above rights or receive more information, please contact our Data Protection Officer using the details provided below:
Taaeba Khan
0121 638 0475
10/04/2026
What personal data do we collect and process?
In order for us to operate our business we need to collect personal data from those who access our websites or premises, obtain products or services from us, provide products or services to us, are engaged by us or who we otherwise have dealings with in the course of our day to day activities.
We are committed to ensuring that the personal data we collect and use is appropriate for this purpose and does not constitute an invasion of an individual’s privacy. This section sets out further details of the types of personal data we collect in different circumstances and how we use it.
Visitors To Our Website
When you interact with GGN Security online, we may collect and process certain personal data about you. This includes your name, email address, telephone number, and any other contact information you provide. We collect this information when you:
- Visit or browse our website
- Register for access (where registration is required)
- Submit enquiries or request further services
- Subscribe to our updates or publications
- Post material or complete forms on our website
- Report an issue with our website or online services
We may occasionally invite you to complete surveys for research purposes. Participation is entirely optional.
We also collect technical information relating to your visits, including:
- Traffic data, location data, weblogs and communication data
- Details of the resources you access on our website
- Information about your device, such as IP address, operating system and browser type (This is used for system administration and to produce aggregated, non‑identifiable statistics.)
How We Use Your Information
We use the information we hold about you to:
- Ensure our website content is presented in the most effective way for your device
- Provide the information, products, or services you request
- Fulfil our contractual obligations to you
- Enable your participation in interactive features when you choose to use them
- Notify you of updates or changes to our services
Cookies
Our website uses cookies to distinguish you from other users. This helps us improve site performance and provide a better browsing experience. Our Cookie Policy is available on our website.
For more information on our cookie policy please click here. To go to our Cookie policy page.
Marketing, Events & Publications
If you sign up to attend GGN Security events, access publications, or receive marketing communications, we may use your information for those purposes in accordance with this notice. You may opt out of marketing communications at any time by contacting us at info@ggnsecurity.co.uk.
Business Contacts
If you register to attend one of our events, access our publications, or request to receive our marketing materials, we will collect personal data such as your name, email address, telephone number, and any other contact information you provide at the point of sign‑up.
We use this information to provide you with details about events, publications, products, or services that we believe may be of interest to you. When registering, you will be able to specify your communication preferences, including how you would like us to contact you.
You can update your communication preferences at any time using the options provided within our emails or by contacting us directly at info@ggnsecurity.co.uk.
Customers and Related Individuals
We collect personal data from our customers and related individuals where necessary to provide our services or where an individual has otherwise consented to its collection.
We may use the personal data collected for the purposes of:
Providing our products and services to you or the organisation you represent;
Operating back office and administration services connected with the provision of our products and services;
Managing our customer relationships including providing you with information on events and access to publications;
Enabling our transactional finance partners,
GGN Security Services Personnel
Personal data in relation to GGN Security Services personnel is collected and held on our systems and applications. Further information regarding the collection and use of personal data of GGN Security Services personnel is provided as part of our on-boarding process and can be obtained by GGN Security Services Limited personnel at any time by contacting personnel@ggnsecurity.
Job Applicants
If you register your interest in a vacancy with GGN Security Services, or submit a formal application, we will collect personal data including your name, address, email address, telephone number, and other relevant contact details.
Where a role requires vetting, we may also collect more detailed personal information. This can include your employment history, education history, references, professional memberships and qualifications, credit check results, criminal record check results, DVLA information, and proof of identity documents. These checks are carried out only where necessary and proportionate to the role you are applying for, as part of the process we are require to do credit checks on the individual.
Credit Reference and Affordability Checks
To help us assess applications, prevent fraud, and meet our legal and regulatory obligations, we may obtain information about you from credit reference agencies (CRAs).
We obtain this information via Creditsafe, which uses its data partner TransUnion to supply consumer credit and identity data.
- Creditsafe Business Solutions Limited is authorised and regulated by the Financial Conduct Authority
FCA Firm Reference Number: 742313 - TransUnion International UK Limited is authorised and regulated by the Financial Conduct Authority
FCA Firm Reference Number: 805757
The information we receive may include data relating to your identity, credit commitments, payment history, and public record information. This data is used solely for legitimate business purposes, including creditworthiness assessment, identity verification, and fraud prevention, in accordance with applicable data protection laws.
Further information about how Creditsafe and TransUnion process your personal data can be found in their respective privacy notices:
- Creditsafe Privacy / Transparency Notice:
Transparency Notice | Customers & Suppliers - TransUnion CRAIN (Credit Reference Agency Information Notice):
https://www.transunion.co.uk/legal/privacy-centre/pc-credit-reference
TransUnion Bureau Privacy Notice:
We use the information we collect to process and assess your application, determine your suitability for employment, and complete any required on-boarding and compliance checks should you be engaged or employed by GGN Security Services.
Legal Basis for Processing Personal Data
GGN Security Services processes personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. Depending on the purpose of the processing, we rely on the following lawful bases:
Performance of a Contract
Processing is necessary to enter into or perform a contract with you, including the delivery of services and fulfilment of contractual obligations. This may include obligations involving third‑party partners such as TransUnion.
Legal Obligation
Processing is required to comply with applicable laws, regulatory requirements, and statutory duties.
Legitimate Interests
Processing is carried out for our legitimate business purposes, including:
- maintaining system and data security
- preventing fraud and financial crime
- managing risk
- supporting audit and compliance activities
- protecting the integrity of TransUnion data (where applicable)
These interests are assessed to ensure they do not override the rights and freedoms of individuals. Appropriate safeguards are always applied.
Consent
Where required by law, we will obtain your consent before processing your personal data. You will always be given a clear choice and may withdraw consent at any time.
Source of Personal Data
Where personal data is not collected directly from you, it may be obtained from the following sources:
- employers or clients when you apply for, or are considered for, a role
- referees (where relevant and permitted)
- publicly available sources (e.g., professional networking sites, business directories, public records)
- credit reference agencies (CRAs) for identity, credit, or affordability checks
- third‑party service providers supporting recruitment, screening, or compliance processes
International Transfers & Safeguards
We may transfer personal data to service providers or partners located outside the UK and/or the European Economic Area (EEA).
Where international transfers occur, we ensure that appropriate safeguards are in place, such as:
- approved Standard Contractual Clauses (SCCs)
- International Data Transfer Agreements (IDTAs)
- transfers to countries recognised as providing an adequate level of protection
These measures ensure your data remains protected in line with UK data protection law
Data Retention
Personal data is retained only for as long as necessary to fulfil the purpose for which it was collected and to meet legal, regulatory, or contractual requirements.
Data used for credit reference or affordability checks is retained only for the period required to complete those checks and is then securely deleted.
Right to Lodge a Complaint
If you are dissatisfied with how we handle your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO) or another relevant supervisory authority.
Provision of Personal Data
Is the provision of personal data statutory or contractual?
Certain personal data is required:
- to enter into or perform a contract
- to process orders, manage accounts, or deliver services
- to verify identity and prevent fraud
- to comply with legal, regulatory, accounting, or tax obligations
Consequences of not providing personal data
If you choose not to provide required personal data:
- we may be unable to enter into a contract with you
- we may be unable to provide goods or services
- we may be unable to complete identity, compliance, or fraud‑prevention checks
- services may be delayed, restricted, or declined
Where personal data is requested for optional purposes (e.g., marketing communications), providing it is voluntary and you may withdraw consent at any time without affecting your access to services.
Non-Automated Decision-Making and Profiling
We may use automated tools to support certain business processes, such as fraud prevention, risk assessment, identity verification, or record management. These tools may analyse personal data using predefined rules to generate indicators or recommendations.
However, we do not make decisions that produce legal or similarly significant effects based solely on automated processing. Any such decisions involve meaningful human review. Automated tools may influence the speed or level of review applied, but individuals will not be subject to automatic rejection or adverse outcomes without human involvement.
If you wish to make a complaint about how your personal data is being processed by us (or the third parties referred to in this Privacy Notice), or how your complaint has been handled, you have a right to lodge a complaint with our Data Protection Officer using the contact details above or by contacting:
The Information Commissioners Office
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF
Email: casework@ico.org.uk








