Phion Security Logo
PhionSecurity

Privacy Policy

Last updated: 2026-01-20

Welcome to the privacy policy of Phion Security Limited ("we", "us", or "our"). We are committed to protecting your personal data and respecting your privacy.

This policy explains how we collect, use, store, and share your personal data when you visit our website (phionsecurity.com) or engage our security and IT consultancy services.

1. Who We Are

Phion Security Limited is the data controller responsible for your personal data.

Company Number:
SC706916
Registered Address:
10 McIntosh Parade, Kirkcaldy, Scotland, KY2 6RA

2. The Data We Collect About You

We may collect, use, store, and transfer different kinds of personal data about you which we have grouped together as follows:

  • Identity Data: First name, last name, username, or similar identifier.
  • Contact Data: Billing address, email address, and telephone numbers.
  • Technical Data: Internet Protocol (IP) address, browser type and version, time zone setting, operating system, and platform.
  • Transaction Data: Details about payments to and from you and other details of services you have purchased from us.
  • CCTV & Security Data: If we manage security systems on your behalf or if you visit our premises, we may process video footage or access logs.

3. How We Collect Your Data

We use different methods to collect data from and about you including:

  • Direct interactions: You may give us your data by filling in forms or by corresponding with us by post, phone, email, or otherwise.
  • Automated technologies: As you interact with our website, we may automatically collect Technical Data about your equipment and browsing actions (via cookies).
  • Third parties: We may receive personal data about you from analytics providers (such as Google Analytics) or background check providers where legally permissible.

4. How We Use Your Data

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

Contract

To perform the contract we are about to enter into or have entered into with you.

Legitimate Interests

Where necessary for our interests (or those of a third party) and your rights do not override them.

Legal Obligation

Where we need to comply with a legal or regulatory obligation (e.g., tax reporting).

5. Disclosures of Your Data

We may have to share your personal data with the parties set out below:

  • Service providers acting as processors who provide IT and system administration services.
  • Professional advisers including lawyers, bankers, auditors, and insurers.
  • HM Revenue & Customs, regulators, and other authorities.
  • Specific security sub-contractors (only where strictly necessary for installation or monitoring services).

6. International Transfers

Many of our external third parties (such as cloud service providers or analytics services) are based outside the UK, so their processing of your personal data will involve a transfer of data outside the UK.

Whenever we transfer your personal data out of the UK, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

  • We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data.
  • Where we use certain service providers, we may use specific contracts approved for use in the UK which give personal data the same protection it has in the UK.

7. Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered, or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors, and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

8. Data Retention

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. By law, we have to keep basic information about our customers for six years after they cease being customers for tax purposes.

9. Your Legal Rights

Under the UK GDPR, you have rights in relation to your personal data, including the right to request access, correction, erasure, restriction, transfer, or to object to processing.

You also have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK regulator for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.

10. Contact Us

If you have any questions about this privacy policy or our privacy practices, please contact us.

Address10 McIntosh Parade, Kirkcaldy, Scotland, KY2 6RA
Emailemail@phionsecurity.com