Legal & Compliance Documents

Legal Policies &
Company Information

Privacy Policy, Terms & Conditions, Data Protection, Cookie Policy and Complaints Procedure for GM Secure Ltd — registered in England & Wales.

GM Secure Ltd — Registered Company

Company Number: 15623450  |  ICO Registration: ZB687885
Registered Office: Office 6429, 321-323 High Road, Chadwell Heath, Romford, Essex RM6 6AX, England
Governing Law: England & Wales  |  Effective Date: 1 January 2025

Privacy Policy

1. Who We Are

GM Secure Ltd ("GM Secure", "we", "us", "our") is a private limited company registered in England and Wales (Company No. 15623450) and registered with the Information Commissioner's Office (ICO Registration No. ZB687885) as required by the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. Our registered office is at Office 6429, 321-323 High Road, Chadwell Heath, Romford, Essex RM6 6AX.

This Privacy Policy explains how we collect, use, store, protect, and share your personal data when you visit our website at gmsecure.co.uk, submit an enquiry, use our security services, or apply for employment with us.

2. Data We Collect

2.1 Information You Provide to Us

  • Full name, email address, telephone number, and postal address
  • Company or organisation name and business contact details
  • Details of your security requirements and site information
  • CV, employment history, and SIA licence details (job applicants)
  • Payment and billing information
  • Content of any correspondence with us

2.2 Technical Data Collected Automatically

  • IP address, browser type and version, device type
  • Pages visited, time on site, and referring URLs
  • Cookie data (see Cookie Policy below)

3. How We Use Your Data

We use your personal data for the following purposes:

  • To provide and manage security services under a contract with you
  • To respond to enquiries and provide free security quotes
  • To process job applications and manage recruitment
  • To send service-related communications, invoices, and updates
  • To comply with our legal and regulatory obligations
  • To prevent fraud, detect security incidents, and protect GM Secure Ltd
  • To improve our website and services through analytics

4. Legal Basis for Processing

Under UK GDPR, we process your data on the following legal bases:

  • Contract (Article 6(1)(b)): To perform or prepare to enter a contract with you
  • Legal Obligation (Article 6(1)(c)): To comply with applicable UK law
  • Legitimate Interests (Article 6(1)(f)): To operate, protect, and grow our business — including fraud prevention, IT security, and business administration — where these interests are not overridden by your rights
  • Consent (Article 6(1)(a)): Where you have given clear, specific consent (e.g. marketing communications). You may withdraw consent at any time by contacting us

5. Disclosure of Your Data

We may share your personal data with:

  • Clients of GM Secure Ltd where necessary to deliver contracted security services
  • Trusted third-party service providers (IT support, payment processors, email platforms) — all bound by data processing agreements
  • Regulatory authorities including the Security Industry Authority (SIA) and the Information Commissioner's Office (ICO) where required by law
  • Law enforcement agencies, courts, or other public authorities where required by law or to protect the rights, property, or safety of GM Secure Ltd, its staff, or others
  • Professional advisors including solicitors, accountants, and insurers, under confidentiality obligations
We never sell, rent, or trade your personal data to third parties for marketing purposes — ever.

6. Data Retention

  • Client and contract data: Retained for 7 years from the end of the contract, in line with HMRC accounting requirements
  • Enquiries and quotes: Retained for 12 months from the date of initial contact
  • Job applications (unsuccessful): Retained for 6 months, then securely deleted unless you consent to a longer period
  • Employee records: Retained for 6 years following termination of employment in line with statutory requirements
  • Website analytics data: Retained for up to 26 months

7. Your Rights Under UK GDPR

Subject to applicable law, you have the following rights regarding your personal data:

  • Right of Access (Article 15): Request a copy of your personal data held by us (subject access request)
  • Right to Rectification (Article 16): Request correction of inaccurate or incomplete data
  • Right to Erasure (Article 17): Request deletion of your data where there is no compelling reason for us to retain it
  • Right to Restrict Processing (Article 18): Request that we limit how we use your data in certain circumstances
  • Right to Data Portability (Article 20): Receive your data in a structured, machine-readable format
  • Right to Object (Article 21): Object to processing based on legitimate interests or for direct marketing
  • Right to Withdraw Consent: Where processing is based on consent, withdraw it at any time without affecting prior processing

To exercise any of these rights, please contact us in writing at info@gmsecure.co.uk. We will respond within one calendar month as required by UK GDPR. We may need to verify your identity before processing your request.

If you are not satisfied with how we handle your data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk or by calling 0303 123 1113.

8. Security of Your Data

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, destruction, or alteration. These include SSL/TLS encryption for data transmitted via our website, restricted staff access on a need-to-know basis, secure server infrastructure, regular security reviews, and staff data protection training.

No transmission over the internet is 100% secure. While we take all reasonable steps to protect your data, we cannot guarantee the absolute security of information transmitted to our website.

Last Updated: January 2025  |  Next Review: January 2026

Terms & Conditions of Service

These Terms & Conditions ("Terms") govern all security services provided by GM Secure Ltd. By engaging our services or signing a Service Agreement, you confirm that you have read, understood, and agree to be bound by these Terms in their entirety. If you do not agree, you must not engage our services.

1. Definitions

In these Terms: "GM Secure" means GM Secure Ltd (Company No. 15623450); "Client" means the person or organisation engaging GM Secure; "Services" means the security services set out in any written Service Agreement or Purchase Order; "Officers" means SIA-licensed security personnel supplied by GM Secure; "Site" means the location(s) at which Services are to be provided; "Charges" means the fees payable for the Services as agreed in writing.

2. Provision of Services

GM Secure will provide the Services using reasonable skill and care in accordance with the written Service Agreement. All Officers deployed by GM Secure hold a valid SIA licence and have been DBS-checked and vetted in accordance with BS 7858:2019 prior to deployment. GM Secure reserves the right to substitute equivalent Officers at any time without notice, provided that the replacement Officer holds all required licences and clearances.

GM Secure is not responsible for any failure to perform or delay in performing the Services caused by circumstances outside its reasonable control, including but not limited to acts of God, extreme weather, strikes, civil unrest, government action, pandemics, or third-party failures.

3. Client Obligations

The Client must:

  • Provide GM Secure with accurate, complete, and up-to-date information about the Site and any known risks or hazards prior to deployment
  • Notify GM Secure in writing of any material change to the Site, requirements, or risk profile as soon as reasonably practicable
  • Ensure that the Site meets all applicable health and safety legislation and provide a safe working environment for GM Secure Officers at all times
  • Provide any Site-specific induction, access, facilities (including adequate welfare facilities), and equipment as required
  • Not give direction to GM Secure Officers that conflicts with GM Secure's instructions, training, or procedures without prior written agreement
  • Not instruct Officers to perform tasks outside the agreed scope of the Service Agreement
  • Comply with all applicable laws and regulations in connection with its use of the Services
Important: GM Secure Officers are not authorised to perform any duties outside the scope of their SIA licence or the written Service Agreement. Any instruction to do so will be refused. GM Secure accepts no liability for any loss arising from a Client's failure to comply with these obligations.

4. Charges and Payment

  • All Charges are as agreed in the written Service Agreement or Purchase Order. Verbal agreements are not binding on GM Secure
  • Invoices are issued weekly, fortnightly, or monthly as agreed. Payment is due within 14 days of the invoice date unless otherwise agreed in writing
  • GM Secure reserves the right to charge statutory interest on overdue invoices at 8% per annum above the Bank of England base rate pursuant to the Late Payment of Commercial Debts (Interest) Act 1998, together with reasonable debt recovery costs
  • In the event of non-payment, GM Secure reserves the right to suspend or withdraw Services immediately without liability to the Client, upon giving 24 hours' written notice where practicable
  • All Charges are exclusive of VAT, which shall be added at the applicable rate
  • GM Secure reserves the right to adjust Charges on 30 days' written notice to reflect changes in the National Living Wage, SIA licence requirements, or other regulatory costs
  • Any dispute regarding an invoice must be raised with GM Secure in writing within 7 days of receipt. Failure to do so will be deemed acceptance of the invoice

5. Limitation of Liability

Please read this section carefully. It limits GM Secure's liability to the Client.

The following limitations apply to the maximum extent permitted by applicable law and subject to Clause 5.4 below:

5.1 Financial Cap. GM Secure's total aggregate liability to the Client, whether in contract, tort (including negligence), breach of statutory duty, or otherwise, arising out of or in connection with any Service Agreement shall not exceed the total Charges paid by the Client to GM Secure in the 3 months immediately preceding the event giving rise to the claim.

5.2 Excluded Losses. GM Secure shall not be liable, in any circumstances, for:

  • Loss of profits, revenue, business, contracts, or anticipated savings
  • Loss of or corruption to data or information
  • Business interruption or loss of business opportunity
  • Any indirect, special, or consequential loss or damage
  • Loss or damage caused by the Client's failure to comply with its obligations under these Terms or the Service Agreement
  • Loss or damage arising from the Client providing inaccurate, incomplete, or misleading information to GM Secure
  • Loss, theft, or damage to property not directly caused by the proven gross negligence of a GM Secure Officer on duty
  • Events occurring outside the agreed hours of deployment or outside the agreed Site boundaries

5.3 Security Limitations. The Client acknowledges that: (a) security services cannot guarantee the prevention of all criminal activity; (b) GM Secure Officers are not equipped or authorised to use force except in lawful self-defence or in the defence of others; (c) GM Secure cannot be held liable for criminal acts committed by third parties that could not reasonably have been prevented despite the exercise of professional care.

5.4 Exceptions. Nothing in these Terms limits or excludes GM Secure's liability for: (a) death or personal injury caused by GM Secure's negligence; (b) fraud or fraudulent misrepresentation; (c) any other liability that cannot lawfully be excluded or limited under the Unfair Contract Terms Act 1977 or the Consumer Rights Act 2015.

These limitations reflect a reasonable allocation of risk between commercial parties and are an essential element of the basis on which GM Secure provides its Services at the agreed Charges.

6. Insurance

GM Secure maintains the following insurance policies throughout the term of any Service Agreement:

  • Public Liability Insurance — covering third-party claims arising from our security operations
  • Employers' Liability Insurance — as required by the Employers' Liability (Compulsory Insurance) Act 1969
  • Professional Indemnity Insurance — covering claims arising from professional advice or services

Certificates of insurance are available on request. The existence of insurance does not extend GM Secure's liability beyond the limits set out in Clause 5.

7. Intellectual Property

All intellectual property rights in GM Secure's methodologies, procedures, reports, training materials, and documentation remain the exclusive property of GM Secure Ltd. The Client is granted a limited, non-transferable licence to use any deliverables solely for the purpose for which they were provided. The Client must not reproduce, distribute, or disclose GM Secure's proprietary materials to any third party without prior written consent.

8. Confidentiality

Each party agrees to keep confidential all information disclosed by the other party that is designated as confidential or that is of a confidential nature, and to use such information only for the purposes of the Service Agreement. This obligation survives termination of the Service Agreement for a period of 3 years. This clause does not apply to information that is or becomes publicly available through no fault of the receiving party, or is required to be disclosed by law or a court of competent jurisdiction.

The Client must not disclose the terms of any Service Agreement or the Charges paid to GM Secure to any third party without prior written consent, except to professional advisors bound by confidentiality.

9. Termination

9.1 Termination with Notice. Either party may terminate a Service Agreement by giving written notice as specified in the relevant agreement (minimum 4 weeks unless otherwise agreed). During the notice period, both parties shall continue to perform their obligations.

9.2 Immediate Termination by GM Secure. GM Secure may terminate a Service Agreement immediately, without liability, by written notice if the Client: (a) fails to pay any amount due and has not remedied the non-payment within 7 days of written demand; (b) commits a material breach of these Terms or the Service Agreement that is incapable of remedy or, if capable of remedy, fails to remedy it within 14 days of written notice; (c) becomes insolvent, enters administration, liquidation, or receivership; (d) engages in any unlawful activity or conduct that exposes GM Secure Officers to risk; or (e) acts in a way that brings GM Secure into disrepute.

9.3 Outstanding Charges. Termination of a Service Agreement does not affect any accrued right of GM Secure to receive Charges or other payments due before the date of termination.

10. Subcontracting and Assignment

GM Secure may subcontract the provision of Officers or elements of the Services to appropriately licensed and vetted third parties without prior consent from the Client, provided that all such Officers hold valid SIA licences. GM Secure remains responsible for the performance of subcontracted Services.

The Client may not assign, transfer, or subcontract any of its rights or obligations under a Service Agreement without GM Secure's prior written consent.

11. Force Majeure

GM Secure shall not be liable for any failure or delay in performing its obligations under a Service Agreement where such failure or delay results from circumstances beyond its reasonable control, including but not limited to: acts of God, extreme weather conditions, natural disasters, epidemic or pandemic, fire, flood, war, terrorism, civil unrest, strikes or industrial action (other than by GM Secure's own staff), government orders or regulations, or failure of third-party utilities or communications networks. GM Secure will notify the Client promptly and take all reasonable steps to resume performance.

12. Entire Agreement

These Terms, together with any written Service Agreement, constitute the entire agreement between GM Secure and the Client regarding the Services and supersede all prior representations, warranties, statements, agreements, negotiations, or understandings between the parties, whether oral or written. No variation of these Terms is effective unless made in writing and signed by an authorised representative of GM Secure.

13. Severability

If any provision of these Terms is found to be invalid, unlawful, or unenforceable by a court of competent jurisdiction, such provision shall be severed from the rest of these Terms, which shall continue in full force and effect. Where a provision is severed, the parties shall negotiate in good faith to replace it with a valid provision that achieves the same commercial intent.

14. Waiver

No failure or delay by GM Secure in exercising any right, power, or remedy under these Terms shall constitute a waiver of that right. A waiver of any breach does not constitute a waiver of any subsequent breach.

15. Governing Law and Jurisdiction

These Terms and any Service Agreement are governed by and construed in accordance with the laws of England and Wales. Each party irrevocably submits to the exclusive jurisdiction of the courts of England and Wales to resolve any dispute arising out of or in connection with these Terms or any Service Agreement.

Last Updated: January 2025  |  Next Review: January 2026

Data Protection Policy

1. Our Commitment

GM Secure Ltd is committed to full compliance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and all applicable data protection legislation. We are registered with the Information Commissioner's Office (ICO Registration No. ZB687885).

2. Data Protection Principles

All personal data processed by GM Secure is handled in accordance with the following principles (UK GDPR Article 5):

  • Lawfulness, Fairness & Transparency: Data is processed lawfully with clear notice to individuals
  • Purpose Limitation: Data is collected for specified, explicit, and legitimate purposes and not processed in a manner incompatible with those purposes
  • Data Minimisation: Only data that is adequate, relevant, and limited to what is necessary is collected
  • Accuracy: Data is kept accurate and up to date; inaccurate data is rectified or erased without delay
  • Storage Limitation: Data is retained only for as long as necessary for the stated purpose
  • Integrity & Confidentiality: Data is processed securely, protected against unauthorised access, accidental loss, or destruction
  • Accountability: GM Secure takes responsibility for and is able to demonstrate compliance with these principles

3. Employee and Officer Data

For security officers and employees, we process personal data including name, address, NI number, bank details, SIA licence number, DBS certificate details, emergency contact information, and employment records. This data is processed to fulfil employment contracts, comply with legal obligations (including SIA licensing requirements), and manage payroll and HR functions. Employee data is retained for 6 years following the end of employment.

4. BS 7858:2019 Vetting

All security officers supplied by GM Secure are vetted in accordance with BS 7858:2019 (Screening of individuals working in a secure environment). This includes identity verification, employment history checks, criminal record (DBS) checks, and right to work verification. This vetting data is processed under our legitimate interests and legal obligations and is held securely with restricted access.

5. Data Breach Response

In the event of a personal data breach, GM Secure will:

  • Contain the breach immediately upon discovery
  • Assess the risk to individuals affected
  • Notify the ICO within 72 hours of becoming aware, where the breach is likely to result in a risk to individuals' rights and freedoms
  • Notify affected individuals without undue delay where the breach is likely to result in a high risk to their rights and freedoms
  • Document all breaches and the remedial action taken

6. Data Processing Agreements

Where GM Secure engages third-party processors to handle personal data on our behalf (e.g. payroll providers, IT support), we ensure that appropriate Data Processing Agreements (DPAs) are in place in accordance with UK GDPR Article 28. All processors are assessed to ensure they provide sufficient guarantees of technical and organisational security measures.

7. International Transfers

GM Secure does not routinely transfer personal data outside the United Kingdom. Where any transfer outside the UK is necessary, it will only take place if an adequacy decision is in place, appropriate safeguards are applied (such as Standard Contractual Clauses), or a valid exemption under UK GDPR applies.

Last Updated: January 2025  |  Next Review: January 2026

Cookie Policy

1. What Are Cookies?

Cookies are small text files placed on your device when you visit a website. They are widely used to make websites function efficiently and to provide information to website owners. This policy explains what cookies we use on gmsecure.co.uk and how you can manage them.

2. Our Use of Cookies

Essential Cookies

These cookies are strictly necessary for the website to operate and cannot be disabled. They include session management cookies and security authentication cookies. No consent is required for these under the Privacy and Electronic Communications Regulations (PECR).

Analytics Cookies

We may use analytics cookies (such as Google Analytics) to understand how visitors use our website, which pages are most popular, and how users navigate the site. This data is aggregated and anonymous and helps us improve our website. These cookies are only placed with your consent.

Functional Cookies

These cookies remember your preferences and choices to enhance your experience, such as retaining form data or your cookie consent decision.

3. Managing Your Cookie Preferences

You can control and delete cookies through your browser settings. Please note that disabling certain cookies may affect the functionality of this website. Guidance on managing cookies in common browsers:

  • Google Chrome: Settings > Privacy and Security > Cookies and other site data
  • Mozilla Firefox: Options > Privacy & Security > Cookies and Site Data
  • Apple Safari: Preferences > Privacy > Manage Website Data
  • Microsoft Edge: Settings > Cookies and site permissions

You can also opt out of Google Analytics tracking at tools.google.com/dlpage/gaoptout.

Last Updated: January 2025  |  Next Review: January 2026

Complaints Procedure

1. Our Commitment

GM Secure Ltd is committed to delivering the highest standards of professional security service. We take all complaints seriously, investigate them thoroughly, and aim to resolve them promptly, fairly, and transparently. Making a complaint will not affect the service you receive from us.

2. How to Submit a Complaint

Please submit your complaint in writing, including your full name, contact details, nature of the complaint, date(s) of the incident, and any supporting evidence:

  • Email: info@gmsecure.co.uk (subject line: "Formal Complaint")
  • Telephone: +44 794 782 2002 or +44 204 502 5752
  • Post: Office 6429, 321-323 High Road, Chadwell Heath, Romford, Essex RM6 6AX

3. Our Response Timelines

  • Acknowledgement — within 2 working days: We will confirm receipt of your complaint and provide a reference number
  • Investigation — within 5 working days: We will conduct a thorough investigation, including reviewing all relevant records and speaking with the staff involved
  • Written Response — within 10 working days: We will provide a full written response setting out the outcome of our investigation, any action taken, and any steps being taken to prevent recurrence

Where a matter is complex, we may require additional time. We will inform you of this and provide a revised timescale.

4. Escalation and External Bodies

If you are not satisfied with our final response, you may escalate your complaint to:

  • Security Industry Authority (SIA) — for complaints relating to the conduct or licensing of security officers: sia.homeoffice.gov.uk
  • Information Commissioner's Office (ICO) — for complaints relating to data protection or privacy: ico.org.uk | 0303 123 1113
  • Companies House — for complaints relating to company matters: gov.uk/contact-companies-house

5. Confidentiality

All complaints are treated in the strictest confidence. Information relating to your complaint will only be disclosed to those within GM Secure who need to know in order to investigate and resolve it, in accordance with our Data Protection Policy and UK GDPR.

6. Vexatious or Malicious Complaints

GM Secure reserves the right to decline to investigate or respond to complaints that are found to be vexatious, frivolous, or made in bad faith. In the event that a complaint constitutes defamation, harassment, or a malicious falsehood, GM Secure reserves all legal rights to take appropriate action under applicable UK law.

Last Updated: January 2025  |  Next Review: January 2026