• Strictly necessary cookies. These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website.
• Analytical/performance cookies. They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
• Functionality cookies. These are used to recognise you when you return to our website. This enables us to personalise our content for you and remember your preferences (for example, your choice of language or region).
• Targeting cookies. These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests.

You can find more information about the individual cookies we use and the purposes for which we use them in the table below:

Cookie Name	Purpose Our website uses technology to collect information about its use, to distinguish between users, to help us provide you with a good experience and to allow us to improve the site and the service we offer. This means that when you visit our website, cookies or similar technologies will be placed on your computer or other device.
Tracker Code	Because we use website hit tracking technology on our website, this allows us to see how our website is ranking and how it gets found online. The data that our tracker stores includes your location, IP address, device type and ISP (Internet Service Provider)

Third Party cookies

Please note that third parties (including, for example, advertising networks and providers of external services like web traffic analysis services) may also use cookies, over which we have no control. These cookies are likely to be analytical/performance cookies or targeting cookies.

Our website uses third party cookies from the providers found in the table below, if you require further information about what those cookies are or how they are used, you should contact those providers directly.

Third Party Name Facebook Pinterest Google Plus Twitter Google

Additional You can choose to share content from our site with others via the social networks listed on the left, and so you may be sent cookies from these websites. We utilise the online advertising services of the third party companies listed on the left, and each of their sites use may set cookies to help identify which adverts are clicked on/interacted with.

How do I block cookies?

You block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site.

Definitions

“Personal data” is any information that relates to a living individual who can be identified from that information. Processing is any use that is made of data, including collecting, storing, amending, disclosing or destroying it “Special categories of personal data” means information about an individual’s racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health, sex life or sexual orientation and genetic and biometric data. “Criminal records data” means information about an individual’s criminal convictions and offences, and information relating to criminal allegations and proceedings.

Data Protection Principles

The company follows the following data protection principles:

• The organisation processes personal data lawfully, fairly and in a transparent manner.
• Collects personal data only for specified, explicit and legitimate purposes.
• Processes personal data only where it is adequate, relevant and limited to what is necessary for the purposes of the processing.
• Keeps accurate personal data and takes all reasonable steps to ensure that inaccurate personal data is rectified or deleted without delay.
• Keeps personal data only for the period necessary for processing.
• Adopts appropriate measures to make sure that personal data is secure, and protected against unauthorised or unlawful processing, and accidental loss, destruction or damage.
• Tells individuals the reasons for processing their personal data, how it uses such data and the legal basis for processing in its privacy notices. It will not process personal data of individuals for other reasons. Where the organisation relies on its legitimate interests as the basis for processing data, it will carry out an assessment to ensure that those interests are not overridden by the rights and freedoms of individuals.

Where the organisation processes special categories of personal data or criminal records data to perform obligations or to exercise rights in employment law, this is done in accordance with a policy on special categories of data and criminal records data.

The company will update personal data promptly if an individual advises that his/her information has changed or is inaccurate.

The company keeps a record of its processing activities in respect of personal data in accordance with the requirements of the General Data Protection Regulation (GDPR).

Subject Access Request

Individuals have the right to request a subject access request. If an individual makes a subject access request, the organisation will tell him/her:

• Whether or not his/her data is processed and if so, why the categories of personal data concerned and the source of the data if it is not collected from the individual;
• To whom his/her data is or may be disclosed, including to recipients located outside the European Economic Area (EEA) and the safeguards that apply to such transfers;
• For how long his/her personal data is stored (or how that period is decided);
• His/her rights to rectification or erasure of data, or to restrict or object to processing;
• His/her right to complain to the Information Commissioner if he/she thinks the organisation has failed to comply with his/her data protection rights; and
• Whether or not the organisation carries out automated decision-making and the logic involved in any such decision-making.

The company will also provide the individual with a copy of the personal data undergoing processing. This will normally be in electronic form if the individual has made a request electronically unless he/she agrees otherwise. If the individual wants additional copies, the company will charge a fee, which will be based on the administrative cost to the company of providing the additional copies.

The company will normally respond to a request within a period of one month from the date it is received. In some cases, such as where the company processes large amounts of the individual’s data, it may respond within three months of the date the request is received. The company will write to the individual within one month of receiving the original request to tell him/her if this is the case.

Other Rights

Individuals have other rights in relation to their personal data. They can require the organisation to:

• Rectify inaccurate data;
• Stop processing or erase data that is no longer necessary for the purposes of the processing;
• Stop processing or erase data if the individual’s interests override the organisation’s legitimate grounds for processing data (where the organisation relies on its legitimate interests as a reason for processing data);
• Stop processing or erase data if the processing is unlawful; and
• Stop processing data for a period if data is inaccurate or if there is a dispute about whether or not the individual’s interests override the organisation’s legitimate grounds for processing data.

Data Breaches

If the company discovers that there has been a breach of personal data that poses a risk to the rights and freedoms of individuals, it will report it to the Information Commissioner within 72 hours of discovery. The organisation will record all data breaches regardless of its effect.

If the breach is likely to result in a high risk to the rights and freedoms of individuals, it will tell affected individuals that there has been a breach and provide them with information about its likely consequences and the mitigation measures it has taken.

Individual Responsibilities

Individuals are responsible for helping the company keep their personal data up to date. Individuals should let the company know if data provided to the organisation changes, for example if an individual change their contact number and or email address.

Raycore security employees may have access to the personal data of external Stakeholders in the course of their employment, contract, volunteer period, internship or apprenticeship. Where this is the case, the organisation relies on individuals to help meet its data protection obligations to staff and to all stakeholders.

Training

The organisation will provide awareness training to all individuals about their data protection responsibilities as part of the induction process and at regular intervals thereafter. Information relating to GDPR including fact sheets and guidance will be regularly updated.

Individuals whose roles require regular access to personal data, or who are responsible for implementing this policy or responding to subject access requests under this policy, will receive additional training to help them understand their duties and how to comply with them.