Olympus Security (UK) Ltd is an award-winning event and venue security specialist dedicated to achieving excellence in crowd management. Based on core commitments to safety and customer service for more than 15 years, our team of skilled security professionals have serviced hundreds of events at over 30 venues, managing the safety of thousands of people at venues, sports, concerts, festivals and public events each year.
We respect your right to privacy. We put in place security measures for your personal data and manage your personal data in accordance with applicable data privacy regulations.
Please note that Olympus Security (UK) Ltd (referred to in this policy varyingly as ‘the Company’, ‘we’, ‘our’ and ‘us’) is the Data Controller of your personal data. The principles set out in this Privacy Notice apply to all instances in which we receive your personal data as a Data Controller for the purposes described in this notice, to participate in the various activities available on this website or as mentioned below. Olympus Security (UK) Limited are responsible for this website: www.olympus-securityuk.co.uk
We are a company registered in the United Kingdom under registration number 07241139 and our registered address is Manor Court Chambers, 126 Manor Court Road, Nuneaton, Warwickshire, CV11 5HL United Kingdom. We are registered with the Information Commissioner’s Office under registration number Z2843180.
If you have any requests concerning your personal data or any queries with regard to these practices please contact Pat Strutt, Managing Director via:
Tel: +44 (0)1242 255 383
1. Personal data we collect through this website
We only collect personal data that either you want to provide to us, or that is needed to provide (and improve) our service to you. We collect personal data directly from individuals who contact us, such as name, age, gender, address and e-mail address; we also collect some connection and system information through website analytics software, known as cookies.
The legal basis for the processing of your personal data in most instances will be legitimate interests in engaging in commerce, providing you with information about our services, responding to questions and comments, or based on your consent, although other applicable legal bases may sometimes apply. Where consent is the basis, this may be withdrawn at any time by following the contact methods listed above.
2. How we use your personal data
Your personal data will only be used for the purposes for which you provided it to us, as indicated to you at the time you provided your personal data.
It will also be used to administer, support and obtain feedback on the level of our services, to help prevent breaches of security, uphold the law or deliver on our contract terms.
It may also be disclosed, including a disclosure to entities based outside the European Economic Area (“EEA”), to third parties (as part of the information generally contained in business) in the event of a sale of the business, or a reorganisation of the business, or as otherwise required or permitted by law or applicable regulator.
3. Lawful basis for processing
For the most part our processing of your personal information is necessary on one or more of the following lawful grounds:
- for the performance of a contract or service agreement to which you will be a party, or in order to take steps to enter into such a contract with you;
- for the purposes of legitimate interests pursued by the company or our clients, suppliers or authorised third parties (e.g. SIA, DBS etc.);
- for the performance of a public interest task, or in exercising our official authority as a data controller;
- to protect the vital interests of yourself or others during the course of carrying out our services;
- in order to comply with a legal obligation to which we are subject as an organisation (e.g. HMRC, law enforcement authorities etc).
Additionally, processing of your special category information is necessary, depending on the situation and the processing activities, on one or more of the following lawful grounds:
- carrying out the obligations and exercising specific rights placed on us as the data controller in the field of employment and social security law or for regulated industry purposes;
- for preventative or occupational medical reasons, or assessing fitness for work;
- to protect the vital interests of yourself or others;
- in the interests of public health and safety, or for reasons that are of substantial public interest;
- to establish, exercise or defend legal claims or court proceedings; or
- where applicable and appropriate, based on your explicit informed consent.
4. Sharing your personal data
We will never share your personal data with any third-party (i.e. a party other than an entity within the Olympus Security group of direct suppliers and customers) that intends to use it for their own purposes, other than as required by law or specifically instructed by us.
We will share your personal data with third-parties such as those who assist us in providing our services and who perform technical operations, but only in the strictly limited circumstances set out below:
- Our “Third-Party Data Processors” (professional service providers such as our business partners, contractors, service providers and affiliates, and digital or web design agencies, physical or cloud hosting providers, data storage providers, and other technical partners) who support our business (e.g. our accountant) or who administer this website or process the data submitted to it, may have access to your data in a limited form;
- Companies that help us fulfil our services to our customers;
- Our accountancy provider.
Some of these business partners may be located outside the country where you accessed this website.
If circumstances require it, we will also need to share your personal information with:
- law enforcement agencies, other governmental agencies or third parties if we are required by law to do so. You will be informed as appropriate or applicable in such instances, if they are unusual or subsequent to / outside of the usual data processing that would occur through the course of our relationship with you.
5. Transferring your information overseas
The information that we collect from you will on occasion be transferred to, and stored at, a destination outside the European Economic Area (“EEA”), for example if one of our clients, suppliers, business partners or trusted third parties are based overseas; this could include companies in the United States.
When we, or our permitted third parties, transfer your information outside the European Economic Area, we or they will impose obligations on the transferrers and the recipients of that data to protect your information to the standard required in the UK and the EEA, or otherwise require the recipient to subscribe to international frameworks intended to enable secure data sharing. In the case of transfers by us, we will put in place appropriate safeguards to ensure that your information remains adequately protected.
If data is transferred from within the EEA to a jurisdiction outside the EEA, it is done so under a Data Transfer Agreement, which contains standard data protection contract clauses. The European Commission has adopted standard data protection contract clauses (known as the Model Clauses), which provide safeguards for personal information that is transferred outside of Europe. We use Model Clauses when transferring personal data outside of Europe.
The server that makes this website available may be located outside the country from which you have accessed this website. The provider of this website is bound by a contract that ensures your data is managed in accordance with EU Data Protection laws and that it acts only on our instructions and implements all technical measures necessary on an ongoing basis to keep your personal data secure.
For transfers to the United States we will conduct due diligence to ensure that these businesses subscribe to the EU-U.S. Privacy Shield regulations. If you would like more details about the safeguards that we rely on, please contact the Managing Director via the contact details at the top of this Policy.
6. Company Security Measures
The Company takes security measures in line with data protection regulations; we have security measures in place designed to prevent data loss, to preserve data integrity, and to regulate access to all data.
Only authorised Olympus Security employees, and authorised employees of our Third-Party service providers’ processing data on our behalf, have access to the personal data we process. All our employees who have access to personal data are required to adhere to the Olympus Security Data Protection Policy. Third-party service providers and sub-contractors are requested by Olympus Security to ensure that they and their employees who have access to your personal data follow as rigorous a process to ensuring data security and privacy. This is written into any service agreements we may have with other parties wherever we have the authority to do so.
Written contracts are also in place with such third-party service providers acting as data processors for us that have access to your personal data, to ensure that adequate levels of security and restricted access is in place by default, and that personal data is processed only as instructed by us.
7. Your Rights
Depending on the data being processed, and the lawful basis und which we are processing it, you have the right:
- to request access to or a copy of any information which we hold about you;
- to rectification of your information, if you consider that it is inaccurate;
- to ask us to delete your information, if you consider that we do not have the right to hold it;
- to withdraw consent to our processing of your information (to the extent such processing is based on previously obtained consent);
- to restrict processing of your information;
- to data portability (moving some of your information elsewhere) in certain circumstances;
- to object to your information being processed in certain circumstances.
There are exceptions to these rights, e.g. access to personal data may be denied in some circumstances if making the information available would reveal personal information about another person, cause genuine harm or distress to someone, or where we are legally prevented from deleting or disclosing information for other retention purposes.
Any request for access to, or a copy of, your information must be in writing to the contact details outlined at the beginning of this policy; we will endeavour to respond within a reasonable period and in any event within one month in compliance with data protection legislation, per our Data Subject Access Policy. We will comply with our legal obligations as regards your rights as a data subject and will aim to ensure that the information we hold about you is accurate at all times.
8. ‘Cookies’ and other similar technologies
We will not disclose cookies data to any third parties, and it will not be used for unsolicited communications. Cookies located on your computer do not contain your name, but they do log an IP address, which is classed as personal data under current UK and EU data protection law.
Please ensure that your computer setting reflects whether you are happy to accept cookies or not. You can set your browser to warn you before accepting cookies or to send a ‘Do Not Track’, or you can simply set it to refuse them, although you may not have access to all the features of the website if you do so. Check your browser’s “Help” button for how you can do this. Some Flash Cookies may not be affected by such settings.
You do not need to have cookies on to use or navigate through many parts of our website. Remember that if you use different computers in different locations you will need to ensure that each browser is adjusted to suit your cookie preferences.
9. Olympus Security’s policy on collecting data from children
We do not collect personal data from children under the age of 16. There may be occasions when our CCTV and ANPR (automatic number plate recognition) systems capture images of children who visit the sites we manage security for, but these are not stored beyond the retention periods for the systems, and the data in these systems has strictly restricted access. Should you have any queries regarding potential personal data processing by the Company of children, please contact the Managing Director via the contact details at the top of this Policy.
10. Retention of personal data
We will retain your information only for as long as is necessary for the purposes set out in this policy, and will retain and use your information to the extent necessary to comply with our legal obligations (for example, if we are required to retain your information to comply with applicable tax/revenue laws), resolve disputes, and enforce our agreements.
We also retain log files for internal analysis and insurance purposes. These log files are generally retained for a short period of time, except where they are used for website security, to improve website functionality, or we are legally obligated to retain them for longer time periods.
Please contact the Managing Director via the contact details at the top of this Policy for more information about our data retention practices.
11. Links to other websites
If you have any concerns about our use of your information, you also have the right to make a complaint to the data protection regulator in your country.
For UK residents this is the Information Commissioner’s Office (ICO), which regulates and supervises the use of personal data in the UK.
The Information Commissioner’s Information Commissioner’s Office, also known as the ICO, is the UK’s Supervisory Authority for data protection legislation:
|https://ico.org.uk/ – there is a web chat option online during office hours
|0303 123 1113 (local rate) or 01625 545 745 if you prefer to use a national rate number
|01625 524 510
|Head Office Postal Address:
|Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
If we believe that the changes are material, we’ll let you know by doing one (or more) of the following:
- posting the changes on this site, or
- sending you an email or message about the changes.
Changes will be effective upon the posting or publishing of the revised Policy on our website.