Privacy Policy Statement
Last Updated: [Date]
Introduction
At Gavin Malone Electrical Limites (trading as "GME Security, GME Fire & Security"), we take the privacy and security of your personal information very seriously. Given the nature of our business:-fire protection and security systems; we understand that the trust you place in us extends to protecting not just your physical premises, but your data as well.
This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website GMESecurity.ie, use our services, or engage with us as a customer, supplier, or business partner.
We are committed to processing personal data in accordance with applicable data protection legislation, including the General Data Protection Regulation (GDPR) and the Data Protection Act 2018.
1. Who We Are (The Data Controller)
For the purposes of data protection laws, the "Data Controller" responsible for your personal data is:
Gavin Malone Electrical Limited
Block B
Maynooth Business Campus
Maynooth Co. Kildare
W23 W5X7
Company Registration Number: CRN: 455089
If you have any questions about this policy or how we handle your data, please contact our Data Protection Lead at:
Email: privacy@gmesecurity.ie
Phone: +353-1-9630126
2. The Data We Collect
We collect different types of information depending on your relationship with us. Due to the specific nature of fire and security services, some of this data is sensitive regarding your property arrangements.
We may collect and process the following categories of personal data:
Identity and Contact Data:
Names, job titles, email addresses, telephone numbers, and billing addresses of clients, keyholders, and business contacts.
Property and Site Data:
Addresses of protected premises, site maps, floor plans, security system configurations, alarm codes (stored securely and encrypted), fire risk assessments, and details of existing hardware/software installations.
Emergency Data:
Contact details for nominated keyholders and emergency contacts to be used by us or Monitoring Stations during an alarm activation or fire event.
Financial and Transaction Data:
Bank account details (for processing payments), details of payments to and from you, and details of services or products you have purchased from us.
Technical and Usage Data (Website):
IP address, browser type, time zone setting, operating system, and information about how you use our website (collected via cookies).
Service Data:
Records of installation dates, maintenance logs, service calls, and correspondence related to your systems.
CCTV/Video Data (If applicable):
If we manage CCTV systems on your behalf or use CCTV at our own premises: We may process video footage for security purposes.
3. How We Collect Your Data
We collect data through several methods:
-
Direct Interactions: When you fill in forms on our website, contact us by phone or email, request a quote, sign a service contract, or hand over business cards at events.
-
Site Surveys: When our engineers visit your premises to assess requirements for fire or security systems.
-
Automated Technologies: As you interact with our website, we may automatically collect technical data about your computer and browsing actions via cookies.
-
Connected Systems: If your fire or security systems are monitored or connected to the cloud, we receive data regarding system status, faults, and activations.
-
Third Parties: We may receive data from main contractors, facility management companies, or credit reference agencies.
4. Why We Use Your Data and Our Legal Basis
Under data protection law, we must have a valid "legal basis" for processing your data. We rely on the following bases:
| Purpose/Activity | Type of Data | Legal Basis for Processing |
| To register you as a new customer and provide quotes/surveys. | Identity, Contact, Property | Performance of a Contract (or taking steps prior to entering one). |
| To install, maintain, and service your fire and security systems. | Identity, Contact, Property, Service Data, Financial | Performance of a Contract. |
| To facilitate alarm or fire monitoring services. | Identity, Contact, Property, Emergency Data | Performance of a Contract. |
| To manage our relationship with you (e.g., billing, notifying you of service updates or contract renewals). | Identity, Contact, Financial, Service Data | Performance of a Contract; Necessary for our Legitimate Interests (to keep records updated and study customer needs). |
| To comply with legal obligations (e.g., tax authorities, Health & Safety, Fire Safety regulations). | Contact, Financial, Service Data | Compliance with a Legal Obligation. |
| To administer and protect our business and this website (including troubleshooting, data analysis, and system testing). | Technical, Usage Data | Necessary for our Legitimate Interests (for running our business, provision of administration and IT services, and network security). |
| To send you marketing communications about similar products/services. | Identity, Contact | Necessary for our Legitimate Interests (to grow our business). You can opt-out at any time. |
5. Sharing Your Personal Data
We do not sell your data. However, in the course of providing professional fire and security services, we may need to share your data with trusted third parties:
-
Alarm Receiving Centres (ARCs) / Monitoring Stations: If you contract us for monitored alarms or CCTV, we must share site details, keyholder info, and system protocols with the NSI/SSAIB approved monitoring station to facilitate emergency response.
-
Subcontractors and Specialist Engineers: We may use vetted subcontractors for specific installation or specialist maintenance tasks.
-
Emergency Services: In the event of a confirmed fire or security incident at your premises, data may be shared with Police, Fire, or Medical services.
-
IT and Cloud Service Providers: Companies who provide us with business software, CRM systems, cloud storage, and email hosting.
-
Professional Advisers: Lawyers, bankers, auditors, and insurers who provide consultancy, banking, legal, insurance, and accounting services.
-
Regulatory Bodies: Bodies such as the NSI (National Security Inspectorate), SSAIB, or BAFE, who may audit our records to ensure compliance with industry standards.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law.
6. International Data Transfers
We operate primarily within the European Economic Area (EEA)
However, some of our external third-party service providers (e.g., cloud software providers) may be based outside the EEA. Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
-
We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the relevant authorities; or
-
Where we use certain service providers, we may use specific contracts approved for use in the EU which give personal data the same protection it has in the EU (Standard Contractual Clauses).
7. Data Security
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered, or disclosed.
Given the sensitive nature of security system data (such as alarm codes and floor plans), we utilise enhanced security protocols, including encryption and strictly limited access controls restricted to necessary personnel only.
We have procedures in place to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
8. Data Retention
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
-
By law, we have to keep basic information about our customers (including Contact, Identity, Financial, and Transaction Data) for 6 years after they cease being customers for tax purposes.
-
Site-specific technical data related to installed systems may be kept for the lifetime of the system to ensure continued maintenance and safety capability.
9. Your Legal Rights
Under data protection laws, you have rights in relation to your personal data, including the right to:
-
Request access to your personal data (a "data subject access request").
-
Request correction of the personal data that we hold about you.
-
Request erasure of your personal data (where there is no good reason for us to continue processing it).
-
Object to processing of your personal data where we are relying on a legitimate interest (or for direct marketing purposes).
-
Request restriction of processing of your personal data.
-
Request the transfer of your personal data to you or a third party.
-
Withdraw consent at any time where we are relying on consent to process your data.
If you wish to exercise any of these rights, please contact us using the details provided in Section 1.
10. Cookies
Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site.
For detailed information on the cookies we use and the purposes for which we use them, see our Cookie Policy: [Insert Link to Cookie Policy].
11. Third-Party Links
This website may include links to third-party websites and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements.
12. Changes to This Policy
We keep our privacy policy under regular review. This version was last updated on the date at the top of this page.
13. Complaints
You have the right to make a complaint at any time to the relevant data protection supervisory authority. In Ireland, this is the Data Protection Commission (DPC) (www.dataprotection.ie).
We would, however, appreciate the chance to deal with your concerns before you approach the authority, so please contact us in the first instance.