The Bridge Group Privacy Statement
The Bridge Group Bromley Limited, its business units and Subsidiary Companies (Bridge Security Limited, Bridge Fleet Solutions Limited, Bridge Parking and Asset Management, Bridge Fire and Alarm Services Limited, Bridge Security Investments Ltd, Bridge Northern Limited, Bridge Vision Limited, MM Electrical and Building Services Limited, Seco Construction Services Limited, Urban Brickwork Limited and Fitness In Services Ltd) are committed to protect and respect your privacy in compliance with EU- General Data Protection Regulation (GDPR) 2016/679, dated April 27th, 2016. This Privacy Statement explains when and why we collect personal information, how we use it, the conditions under which we may disclose it to others and how we keep it secure. This Privacy Statement applies to the use of our services, systems, products and to our sales, marketing and customer contract fulfilment activities. It also applies to individuals seeking a job at The Bridge Group and its subsidiaries.
Who are we?
The Bridge Group is the gateway to all the latest technology and innovation in security, vehicle tracking and safety systems, guarding and all other aspects of security and facilities management including scaffolding, building and electrical services. Our company’s headquarters are in Bromley, Kent. The Bridge Group Head Office is the data controller and our Data Protection Officer can be contacted by email: info@thebridgegroup.uk.com
Security
The Bridge Group and its subsidiaries are committed to protecting and respecting your privacy. We use a variety of security technologies and procedures to help protect your personal information from unauthorised access, use or disclosure. For example, we store the personal information you provide on computer systems with limited access that are in facilities to which access is limited. For sites to which you log in, it is your responsibility to ensure the security of your password and not to reveal this information to others. When you move around a site to which you have logged in, or from one site to another that uses the same login mechanism, we verify your identity by means of an encrypted cookie placed on your machine.
Reviewing your personal information
In some cases, you can review and correct personal information provided through our systems on sites by going to the page on which you provided the information. In all cases, you can make a request to review and correct your personal information that is collected via our systems for these sites or that you provided when you contacted us or ask The Bridge Group to stop using it by contacting us using the contact information listed. We may take steps to verify your identity before providing you access to your personal information. You can help us to maintain the accuracy of your information by notifying us of any change to your mailing address, phone number or e-mail address.
How does The Bridge Group ensure the security of customer data?
The Bridge Group and its subsidiaries have always been committed to securing our customers’ data. Accordingly, the requirement in Article 32 GDPR to take steps to ensure the security of the data we process is nothing new, and we are continuously evolving to keep pace with changing technologies and cyber security threats. The Bridge Group keeps our customers’ data secure by enforcing policies and procedures outlined in regulatory requirements and by implementing industry best practises and critical control frameworks. Obligations include topics such as access management, asset and change management, data protection, vulnerability management, incident and event management response, responsible disclosure, and business continuity and physical security. Applications and products are developed and implemented in accordance with these control obligations and The Bridge Group secure software development cycle.
When do we collect personal data about you?
- When you are using our products
- When you interact with us in person, through correspondence, by phone, by social media, or through
our websites - When we collect personal information from other legitimate sources, such as third-party data
aggregators, public sources or social networksWe only use this data if you have given your consent to share your personal data with others.
We may collect personal data if it is considered to be of legitimate interest and if this interest is not overridden by your privacy interests. Before data is collected we make sure an assessment is made, ensuring that there is an established mutual interest between you and The Bridge Group.
Why do we collect and use personal data?
We collect and use personal data mainly to perform direct sales, direct marketing and customer service. We also collect data about suppliers, partners and persons seeking a job or working in our company.
We may use your information for the following purposes:
- To send you marketing communications which you have requested. These may include information about our products and services, events, activities, and promotions of our associated subsidiaries’ products and services. This communication is subscription based and requires your consent
- To send you information about the products and services that you have purchased from us
- To perform direct sales activities in cases where legitimate and mutual interest is established
- To provide you content and venue details on a webinar or event you signed up for
- To reply to an ‘Enquire Now’ or other web forms you have completed on www.thebridgegroup.uk.com
- To follow up on incoming requests (customer support, emails, chats, or phone calls)
- To perform contractual obligations such as order confirmation, license details, invoice, reminders, and similar
- To be shared with The Bridge Group directly or with a Group subsidiary
- To notify you about any disruptions to our services
- To contact you to conduct surveys about your opinion on our products and services
- To process a job application
- Our legal basis for collecting personal data
- To collect personal data based on consents
- The collection of personal data based on consent from the data subject will be done by using “Consent Forms” that will store documentation related to the consent given by the individual. Individual consents will always be stored and documented in our systems
- To collecting personal data based on contracts
- We use personal information for fulfilling our obligations related to contracts and agreements with customers, partners and suppliers
- To collect personal data based on legitimate interest
We may use personal data if it is considered to be of legitimate interest, and if the privacy interests of the data subjects do not override this interest. Normally, to establish the legal basis for data collection, an assessment has been made during which a mutual interest between The Bridge Group and the individual person has been identified. This legal basis is primarily related to our sales and marketing purposes. We will always inform individuals about their privacy rights and the purpose for collecting personal data.
What type of personal data is collected?
We collect name, phone number, title and email address, in addition to your company’s name and contact information. We may also collect feedback, comments and questions received from you in service-related communication and activities, such as meetings, phone calls, documents, and emails. For our websites we may collect IP-address and actions taken on the site. If you upload photos or videos, add posts or comments, etc. on our social media websites the information can be read by anyone with access to these social media websites and used for purposes over which The Bridge Group or you have no control. Therefore, The Bridge Group or subsidiaries mentioned are not responsible for any information you submit to the social media websites.
If you apply for a job at The Bridge Group or its subsidiaries, we collect the data you provide during the application process.
The Bridge Group and its subsidiaries do not collect or process any special categories of personal data, such as public unique identifiers or sensitive personal data.
How long do we keep your personal data?
We store personal data for as long as we find it necessary to fulfil the purpose for which the personal data was collected, while also considering our need to answer your queries or resolve possible problems, to comply with legal requirements under applicable laws, to attend to any legal claims/complaints, and for safeguarding purposes. This means that we may retain your personal data for a reasonable period after your last interaction with us. When the personal data that we have collected is no longer required, we will delete it in a secure manner. We may process data for statistical purposes, but in such cases, data will be anonymised.
Your rights to your personal data
You have the following rights with respect to your personal data:
- The right to request a copy of your personal data that The Bridge Group or its subsidiaries holds about you
- The right to request that The Bridge Group corrects your personal data if inaccurate or out of date
- The right to request that your personal data is deleted when it is no longer necessary for The Bridge Group or its subsidiaries to retain such data
The right to object to the processing of personal data, in case data processing has been based on legitimate interest and/or direct marketing - The right to withdraw any consent to personal data processing at any time. For example, your consent to receive e-marketing communications
If you want to withdraw your consent to e-marketing, please make use of the link to manage your subscriptions included in our communication. Please note that you may still receive system messages and administrative communications from The Bridge Group, such as order confirmations, system messages and notifications about your account activities.
The right to request that The Bridge Group provides you with your personal data and, if possible, to pass on this information directly (in a portable format) to another data controller when the processing is based on consent or contract.
The right to request a restriction on further data processing, in case there is a dispute in relation to the accuracy or processing of your personal data.
Any query about your Privacy Rights should be sent to info@thebridgegroup.uk.com
The use of cookies and beacons
We do not share, sell, rent, or trade your information with any third parties without your consent, except from what is described below:
Third-party Service Providers working on our behalf:
We may pass your information on to our distributors, agents, sub-contractors and other associated organisations with the purpose of them providing services to you on our behalf.
Third-party Product Providers we work in association with:
We work closely with various third-party product providers to bring you a range of products and services. When you enquire about or purchase one or more of these products, the relevant third-party product provider will use your details to provide you with information and carry out their obligations arising from any contracts you have entered with them. These third-party product providers will share your information with us, which we will use in accordance with this Privacy Statement.
If required by law:
We will disclose your personal information if required by law or if we, as a company, reasonably believe that disclosure is necessary to protect our company’s rights and/or to comply with a judicial proceeding, court order or legal process. However, we will do what we can to ensure that your privacy rights continue to be protected.
Use of sub-contractors (processors and sub-processors):
We may use sub-contractors to process personal data on our behalf, we are responsible for making sure they commit themselves to adhere to this Privacy Policy and applicable data protection legislation by signing a Data Processing Agreement.
If the sub-contractor processes personal data outside the EU/EEA area, such processing must be in accordance with the EU Privacy Shield Framework, EU Standard Contractual Clauses for transfer to third countries, or another specifically stated lawful basis for the transfer of personal data to a third country.
Changes to this Privacy Statement
The Bridge Group reserves the right to amend this Privacy Statement at any time. The applicable version will always be found on our websites. We encourage you to check this Privacy Statement occasionally to ensure that you are happy with any changes. If we make changes that significantly alter our privacy practices, we will notify you by email or post a notice on our websites prior to the change taking effect.
Your right to complain with a supervisory authority
If you are unhappy with the way in which your personal data has been processed, you may, in the first instance, contact info@thebridgegroup.uk.com.
If you remain dissatisfied, then you have the right to apply directly to your national supervisory authority for a decision. The supervisory authorities can be contacted at United Kingdom Information Commissioner’s Office (ICO), ico.org.uk