Privacy Policy
This Privacy Policy was last updated on October 17, 2022.
1. About this Policy
For all of us at Securus Software Limited, the protection of personal data is of paramount importance and we go to great lengths to ensure that we collect and use personal data lawfully and only for specific purposes.
This Policy applies to any personal data which we process about job applicants and past employees, personnel of customers, suppliers, partners and other organisations who we work with as part of our business operations, visitors to our website and users of our products and services (each of which we refer to in this Policy as “data subject” or “you”).
In this Policy we explain the things which we think are important for you to know about the personal data we collect from you such as who we are, how we use your data, how we protect your data and who we may share your data with. We also explain the rights you have in relation to your personal data which we hold. Finally, there’s a bit about cookies – what they are and how to get rid of them if you don’t want them. If you have any questions relating to how we handle your personal data, please write or email us at the contact address set out below.
This Policy does not cover the links within our website linking to other websites. We encourage you to read the privacy statements of the other websites you visit.
Securus Software Limited is committed to keeping information provided by you confidential and we shall always be transparent with you about how we are using your details to comply with the GDPR (General Data Protection Regulation).
2. About us
Securus Software Limited (“Securus”) is a limited company established in England with company registration number 04613837.Our registered address is at LAN2LAN House, Brook Way, Leatherhead, Surrey, KT22 7NA and our primary business address is at LAN2LAN House, Brook Way, Leatherhead, Surrey, KT22 7NA. We are registered with the Information Commissioners Office under registration number Z1647176.
We act as both a data controller and a data processor under the GDPR.
We are a data controller in relation to your personal data because we decide what your personal data can be used for and how the personal data is processed. We collect your personal data in the legitimate interests of carrying out business with the organisation you work for or represent.
We are a data processor in the context of providing Customers, such as schools and colleges, with our Securus software solutions, and the Customer is the data controller.
Where we process personal data on behalf of another company or organisation, we will be doing so as a data processor and our processing will be governed by a contract which we will have with the data controller who will have their own separate privacy notice which will apply.
3. About your personal data
The personal data we collect, the purpose(s) we use it for and the lawful basis we hold it will vary depending on the category of the person it relates to. To help explain this, we have set out these separate categories as follows:
4. Customer Personnel
4.1 What personal data we collect
We may collect your personal data when you correspond with us on behalf of the company or organisation that you work for.
The personal data we collect will typically include your name, the name and address of the company or organisation you work for, your business telephone number, your mobile telephone number if you provide it and your company or organisation email address.
4.2 How we use your personal data
We will use your personal data only to correspond with you in the course of business conducted between us and the organisation you work for or represent. This may include notifying you about existing products and services which we provide to your organisation, informing you about new products and services which we think your organisation may be interested in, for billing and payment and also to provide your organisation with timely customer support.
4.3 The lawful basis for our collection and use of the personal data
Our processing of this personal data is necessary for the purposes of our legitimate interests in carrying out business with the organisation which you work for or represent and to correspond with you.
5. Supplier Personnel
5.1 What personal data we collect
We may collect your personal data when you correspond with us on behalf of the company or organisation that you work for.
The personal data we collect will typically include your name, the name and address of the company or organisation you work for, your business telephone number, your mobile telephone number if you provide it and your company or organisation email address.
5.2 How we use your personal data
We will use your personal data only to correspond with you in the course of business conducted between us and the organisation you work for or represent. This may include contacting you in connection with existing products and services which your organisation provides to us, for billing and payment, for support and in response to your enquiries.
5.3 The lawful basis for our collection and use of the personal data
Our processing of this personal data is necessary for the purposes of our legitimate interests in carrying out business with the organisation which you work for or represent and to correspond with you.
6. Prospective Customers
6.1 What personal data we collect
We may collect your personal data in connection with marketing events, sales opportunities or in response to requests for information which you have made to us.
The personal data we collect will typically include your name, the name and address of the company or organisation you work for, your business telephone number, your mobile telephone number if you provide it and your company or organisation email address.
6.2 How we use your personal data
We will use your personal data only to correspond with you in connection with our provision of products and/or services to the organisation you work for or represent.
6.3 The lawful basis for our collection and use of the personal data
Our processing of this personal data is necessary for the purposes of our legitimate interests in offering products and/or services to the organisation which you work for or represent and to correspond with you.
7. Visitors to our website
7.1 What personal data we collect
When you visit our website, we may collect your personal information where you submit a form containing your personal data or where the website helps you send an email to us.
The personal data we collect will typically includes your name (“First Name”, “Last Name”), job title (“Position”), the company or organisation you work for (“Establishment Name”), email address (“Email”) and the information contained in any correspondence with you.
7.2 How we use your personal data
We will use your personal data only for the purpose of communicating with you in response to your enquiries.
7.3 The lawful basis for our collection and use of the personal data
Our processing of this personal data is necessary for the purposes of our legitimate interests in providing our products and/or services to you.
8. Users of our Software
8.1 What personal data we collect
Providing the Securus software and services includes collecting the Customer issued computer user names, Customer names, Internet Protocol (IP) address, browser type, machine model and webpages viewed and their associated data.
8.2 How we use your personal data
Information is monitored and sorted based on policy criteria provided by the Customer, for the purpose of identifying for the Customer any at-risk computer behaviour. This is used to create risk notifications to the nominated Customer users of the software.
8.3 The lawful basis for our collection and use of the personal data
This information is vital to identify which user, website or similar data specifically poses a risk, or is at risk.
9. Our safekeeping of your data
The Securus cloud portal server and data storage components are hosted in the Digital Ocean LON1 datacentre based in the United Kingdom, which is certified to ISO 9001, the international Standard for Quality Management and ISO/IEC 27001, the internationally recognised standard for Information Security.
We use Transport Layer Security (TLS) version 1.2 or higher along with AES encryption to provide communications security and ensure all traffic between the clients and the servers is transferred securely.
We have implemented all appropriate technical, organisational and security procedures to protect your personal data from unauthorised access or from accidental loss or corruption, including encryption of data in transit, firewalls and additional measures to protect the confidentiality, availability, and integrity of your data, and in alignment with requirements of applicable regulation. These measures include restricting physical access to locations where personal data is held and using access controls and firewalls to prevent unauthorised access to our systems.
We recommend that you also take steps to safeguard your personal data against the risk of unauthorised access or accidental loss or corruption. Where we provide you with password-restricted access to our website, software and/or services, it is your responsibility to use a strong password and to keep it private. We employ robust access controls to ensure that all data is secured against unauthorised access. The credentials attached to your access will only allow you to view data relevant to you.
Should we become aware of any security incident we have procedures in place to review and assess whether this will result in a personal data breach and if this is the case we will notify you and the appropriate regulator of any breach in accordance with our statutory obligations.
10. Who we may disclose your personal data to
Except as set out above and save for the following exceptions, we will not disclose your personal information to any third party.
- We may disclose your personal data to our group companies.
- We will disclose your personal data to law enforcement agencies or regulatory bodies if we are required to do so by law.
- We will disclose your personal data to our third party service providers to allow them to provide Securus Software features on our behalf, with agreement from all parties concerned.
- We may disclose your personal details to a third party in connection with the sale or merger of our business.
- We may employ other companies to provide services for us, including for example, processing of payments and freight which services are necessary in order for us to be able to provide our services to you. These companies have access to the personal information needed to perform their functions and not for any other purposes and are bound by confidentiality agreements not to disclose any information for any other purpose.
If at any time we wish to disclose your personal data in circumstances other than those above, we will always obtain your express consent before doing so.
We store your personal details in the United Kingdom and we will not be transferring your data outside the European Union.
10.1 How long we keep your personal data
Unless we provide for a specific duration in the categories set out above, we will keep your personal data for as long as is necessary for the purposes set out in this Policy after which time we will either delete your personal data or remove all personal identifiers from the data so that it has become anonymous.
10.2 International data transfers
We do not transfer your personal data to any country outside the EU.
10.3 Cookies
What is a cookie? A cookie is a text string of information that a website transfers to the cookie file of the browser on your device so that the website can remember who you are. A cookie will typically contain the name of the domain from which the cookie has come, the “lifetime” of the cookie, and a value, usually a randomly generated unique number.
We may use cookies to record information about how you access our website for statistics solely for us and. To the extent that these cookies contain personally identifying data, this will be limited to IP addresses only. You can choose not to accept cookies by setting the preferences on your internet browser. If you do not accept cookies from us, this may impair or prevent some or all of the services which we provide to you.
To find out more about cookies, what they are used for and how to remove them, please visit the Interactive Advertising Bureau Europe’s website at http://www.allaboutcookies.org/cookies/
11. Communications
We may use your Personal Information to contact you with newsletters, marketing or promotional materials and other information via email (email newsletters) or other methods. The information we collect and store relating to you is primarily used to enable us to provide our services to you. We may use the information for the following purposes:
- To provide you with information relating to our products or services.
- To provide information on other products and services which we feel may be of legitimate interest to you.
- To meet our contractual commitments to you.
- To notify you about any changes to our website, such as improvements or service/product changes, that may affect the service we provide.
You will have the option to “opt out” or “unsubscribe” of receiving newsletters, marketing or promotional materials and other communications at any time and each time you receive electronic marketing information from us, you have the option to decline to receive further information from us. Communications frequently include essential information regarding your service and updates that are needed in order to use the product to its fullest capacity.
In the event that you wish your personal information to be removed from our databases then please write to us at our registered office shown on the “Contact” page of our website or email admin@securus-software.com.
12. Changes to This Privacy Policy
This Privacy Policy is effective as of 17/05/2018 and will remain in effect except with respect to any changes in its provisions in the future, which will be in effect immediately after being posted on this page. The “last updated” date at the top of this policy indicates when it was last revised. We reserve the right to update or change our Privacy Policy at any time and you should check this Privacy Policy periodically.
Your continued use of the Service after we post any modifications to the Privacy Policy on this page will constitute your acknowledgment of the modifications and your consent to abide and be bound by the modified Privacy Policy. If we make any material changes to this Privacy Policy, we will notify you either through the email address you have provided us, or by placing a prominent notice on our website.
13. Contact Us
13.1 Your rights in relation to your personal data
As a data subject, the law provides you with certain rights in relation to your personal data which we hold. You have the right to request the following: (1) Access to your personal data and information about why we hold it and who we can disclose it to; (2) Correction of your personal data if it is inaccurate, incomplete or out of date; (3) Deletion of your personal data (for example where you withdraw consent to our processing of your personal data or if you object to our processing and we have no overriding legitimate interest to continue to process your data); (4) Stopping the processing of your personal data for certain purposes such as direct marketing; (5) To receive your personal data in a commonly used machine-readable format or have this data sent to your designated recipient; and (6) To object to automatic decision making and profiling based on your personal data. Where we rely on your consent to process your personal data, you have the right to withdraw your consent at any time.
To request a copy of your personal data or to make any other request outlined above, please contact our Data Protection Officer by emailing admin@securus-software.com or by post at the contact details given above. To safeguard the personal data we hold, we need to confirm your identity before we can take action following a request made under this section.
If you have any questions about this Privacy Policy, please contact us.