Verity GRC Privacy Policy

Sphyrna Security values our relationship with you and recognizes the importance of respecting and protecting your personal information and privacy.

This policy (together with any other resources referred to in it) set out the basis on which any personal information you provide to us (or data we collect about you from other sources) will be processed (meaning collected, stored, and otherwise used) by us. Please read this policy carefully as it sets out what you can expect from us and gives you our contact details if you wish to ask any questions or raise concerns about how we are processing your personal information. For the purposes of the EU General Data Protection Regulation (GDPR), the data controller is Sphyrna Security.

Your rights
Data protection legislation gives you several rights to protect you against an organization mishandling your personal information. It is important that you understand your rights, and, in this document, we have set out what those rights are and how you can exercise your rights in respect of Sphyrna Security processing of your personal information.

How we collect your personal information
Information you provide to us – you may provide us with information when you are:

  • Accessing our websites. This includes information that you provide when you register to use any of our websites, products, or services, place an order, make an application for employment or sub-contractor, or report a problem with our site or request content or other information from us.
  • Corresponding with us by post, telephone, email or otherwise.

The information you give us may include your name, job title, email address, mailing address, telephone number, financial details, passport details, subject specialism and qualification and social security number.

Information we collect about you – we may also process certain personal information about you which you have not provided to us yourself.

In limited circumstances, we may collect data that you have made available in the public domain, such as your contact details and employment background. When we do this, we carefully consider whether do so is in your interest and any impact on your rights, and we will inform you as soon as practically possible about our use of your data and your right to object to this and to unsubscribe from any communications from us.

Cookies – When you visit our websites, we automatically collect technical information from your computer or other device.
We use cookies (small text files that are placed on your computer) to give you the best possible experience when visiting our websites. You can disable cookies through your web browser’s settings and still access our websites – although certain functionality may not be available to you in those circumstances.

The information we may collect about you in this way may include the Internet Protocol (IP) address used, your browser type and version, the type of device used, and time zone setting, etc. We may also collect information about each visit you make to our website, including which website you were on immediately before you navigated to our sites, and how you have progressed through and from our sites – as well as content you have searched for or viewed on our sites.

How we use your information (and the lawful bases for that processing)
We use information held about you in the following ways:

  • To deliver our products and services to you – we may use your personal information to:
  • carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products, and services that you request from us (as is necessary for the performance of those contracts);
  • notify you about changes to our service (as is necessary for the performance of a contract to which you are a party and/or as is necessary for our legitimate interests);
  • allow you to access restricted areas of our websites, when you choose to do so (which may rely on your consent for the processing of your personal information which is necessary for giving you access to those restricted areas);

To improve the effectiveness of our products, services, and marketing communications – we may use your personal information (in each case as is necessary for our legitimate interests or exceptionally where you have given your consent) to:

  • administer our websites and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
  • improve our websites to ensure that content is presented in the most effective manner for you and for your computer or device;
  • keep our websites safe and secure;
  • measure or understand the effectiveness of advertising we deliver to you and others, and to deliver relevant advertising to you;
  • provide you with information about other goods and services we offer that are like those that you have already purchased or enquired about, if you have not told us that you do not wish to receive this information (as is necessary for our legitimate interests);
  • make suggestions and recommendations to you about goods or services that we believe may interest you, based on your previous transactions, behavior, subject interests, and other information that we may hold about you and your institution or organization.

References to our “legitimate interests” in this policy include our commercial interests in operating our business (and the business of Sphyrna Security more generally) in an efficient and sustainable manner, in accordance with all applicable legal and regulatory requirements.

Sphyrna Security does not sell any of your personal data to third party organizations for their benefit.

Your marketing preferences
If you would like to update your details, including details of how you prefer to be contacted for marketing purposes, you can do this by:

  • Within the UK and EU sending post mail to the following address, Sphyrna Security, Kemp House, 152-160 City Road, London, EC1V2NX, United Kingdom.
  • For rest of the world by sending post mail to Sphyrna Security, 300 Terry Fox Drive, Suite 600, Kanata, Ontario, Canada, K2K 0E3
  • Telephoning Sphyrna Security on +1 613 704 3514 between 09:00 hrs. and 18:00 hrs. Monday to Friday.

If you wish to unsubscribe from marketing emails from Sphyrna Security, you can do so here.

Sharing information with third parties
For the purposes referred to in this policy and relying on the bases for processing as set out above, we may share your personal information with business partners for,

  • a provider of web analytics services; or
  • for the purposes of fulfilling an order that you have placed with us, delivering a product, or otherwise carrying out a contract that we have with you.

If you register for a sponsored event, then we may share your data with event sponsors, where we have informed you that we will do this at the point at which you register for the event.

Transfer outside the European Economic Area (EEA)
Sphyrna Security is Headquartered in Ottawa, Canada with representation located in London, United Kingdom. Your personal information will be accessible to employees and business partner service providers based outside the EEA. We have an agreement in place across the organization to safeguard your personal information and to ensure the same high standards of data protection exist across our business. Where we use third parties to process information on our behalf, we will ensure that there are the necessary agreements in place to provide the same standards that we have at Sphyrna Security and incorporating the European Commission approved model clauses where necessary to provide a lawful basis for the transfer of personal information outside the EEA.

How long do we keep your information?
For marketing and business development, including persons registering at our websites your personal data will be maintained for 18 months. After which if no further contact is made your information will be deleted from our systems.

For our customers, associates, agents, employees, and contactor’s we retain your personal information for as long as necessary to finalize any transaction with you.  We will normally retain your information for seven (7) years after your last recorded interaction with Sphyrna Security although there may be exceptions to this, for example where we have a legal obligation to retain information for a longer period, or where we store limited personal information securely in an archive (for reference purposes).

Under EU GDPR you have the following rights:

  • to obtain access to, and copies of, the personal information that we hold about you;
  • to require that we cease processing your personal information if the processing is causing you damage or distress; and
  • to require us not to send you marketing communications.
  • to obtain access to, and copies of, the personal information that we hold about you;
  • to require us to correct the personal information we hold about you if it is incorrect;
  • to require us to erase your personal information;
  • to require us to restrict our data processing activities;
  • where our processing is based on your consent, the right to withdraw that consent (without affecting the lawfulness of our processing based on consent before its withdrawal);
  • where the processing is carried out by automated means, to receive from us the personal information we hold about you which you have provided to us, in a reasonable format specified by you (including for the purpose of you transmitting that personal information to another data controller); and
  • to object, on grounds relating to your situation, to any of our processing activities where you feel this has a disproportionate impact on your rights.

Please note that these rights are not absolute, and we may be entitled to refuse requests where exceptions apply. If you wish to exercise any of these rights, please contact us using the contact details set out below.

Contact us.
If you have any comments, questions, or concerns about anything you have read on this page or you are concerned how your personal information has been handled by Sphyrna Security, you can contact our Information Privacy Officer at

Referral to The Information Commissioner
If you are an EU Citizen and are not satisfied with how we are processing your personal data, you can refer us to The Information Commissioners Office. You can find out more about your rights under data protection legislation from their website available at

Changes in our Privacy Policy
If we make changes to this policy, we will detail them on this page.  If it is appropriate, we may provide you with details by email; we suggest that you regularly visit this page to see any changes or updates to this policy.

This policy was last updated in February 2021.