Privacy Notice
SecureGard ("we", "our", "us") is committed to protecting your personal data. This privacy notice explains how we collect, use, store and share personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Who we are
SecureGard is a UK-based provider of employee monitoring and workforce productivity software. For the purposes of UK GDPR:
- When we provide the SecureGard service to a customer organisation, that organisation is the data controller for their employees' data, and SecureGard is a data processor.
- For visitors to this website (securegard.co.uk), SecureGard is the data controller.
2. What data we collect
2.1 From website visitors
| Category | Examples | Purpose |
|---|---|---|
| Technical data | IP address, browser type, operating system, referring URL | Site security and load balancing |
| Cookie preferences | Your consent choices for cookies | Remember whether you accepted optional cookies |
| Contact details (if you write to us) | Name, email, message body | Reply to your enquiry |
2.2 From customers using the SecureGard service
| Category | Examples | Purpose |
|---|---|---|
| Account data | Company name, subdomain, admin email, hashed password | Authentication and account management |
| Employee activity data | Active application name, window title, browser domain, time spent per app/website | Generate the productivity reports the customer subscribed to |
| Periodic screenshots (optional) | Reduced-resolution JPEGs of the employee's primary display | Provide visual evidence of work activity, when enabled |
| Device telemetry | Operating system, agent version, host name | Diagnose installation issues and provide support |
3. Legal bases for processing
- Legitimate interests — providing the SecureGard product to customers and securing the website. We have conducted a Legitimate Interests Assessment (LIA) and balanced our interests against the rights and freedoms of individuals.
- Performance of a contract — when a customer organisation signs up for SecureGard, we process their account data to provide the contracted service.
- Consent — for non-essential cookies on this website. You can withdraw consent at any time using the "Cookie settings" link in the footer.
- Legal obligation — to comply with our tax, accounting and regulatory obligations.
4. Where your data is stored
All customer data is hosted on infrastructure located in the United Kingdom. We do not transfer personal data outside the UK or the European Economic Area (EEA) without ensuring appropriate safeguards are in place (such as the UK International Data Transfer Agreement).
Each customer is hosted on a dedicated subdomain and an isolated database. We do not share customer data between tenants.
5. Data retention
- Account records: kept while your account is active and for 12 months after closure (for tax and dispute records).
- Activity logs and screenshots: retained according to the data-retention setting on your plan (default: 30 days for Pro, 7 days for Free, custom for Enterprise).
- Website analytics: aggregated and retained for up to 14 months.
- Support correspondence: retained for 24 months after the ticket is closed.
6. Your rights under UK GDPR
You have the right to:
- Be informed about how we process your data (this notice).
- Request access to your personal data (subject access request).
- Request rectification of inaccurate data.
- Request erasure of your data ("right to be forgotten").
- Restrict or object to processing.
- Request data portability.
- Withdraw consent at any time, where processing is based on consent.
- Lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.
To exercise any of these rights, email privacy@securegard.co.uk. We will respond within one calendar month.
7. Sharing your data
We do not sell your personal data. We share it only with:
- Sub-processors we use to deliver the service — currently limited to UK-based hosting and email infrastructure providers. A current list is available on request.
- Authorities, where required by law (e.g. court order or HMRC investigation).
8. Security
We protect your data using:
- TLS 1.2+ encryption in transit, with HTTP Strict Transport Security (HSTS).
- Bcrypt-hashed passwords (cost factor 12 or higher).
- Per-tenant database isolation.
- Regular off-site backups.
- Principle of least privilege for staff access to production systems.
9. Cookies
This website uses cookies. See our Cookie Policy for full details and use the "Cookie settings" link in the footer to change your preferences at any time.
10. Children
SecureGard is a business product. We do not knowingly collect personal data from anyone under the age of 16.
11. Changes to this notice
We may update this notice from time to time. The "Last updated" date at the top of this page shows when changes were made. Material changes will also be communicated by email to account administrators.
12. Contact
For any privacy-related question, email privacy@securegard.co.uk or write to us at:
SecureGard
Data Protection Office
United Kingdom