Privacy Policy

This Privacy Policy explains how GuardHQ LTD ("GuardHQ", "we", "us", or "our") collects, uses, stores, and protects personal information when you use our website, mobile applications, and related services (together, the "Services").

GuardHQ is a security workforce platform that helps companies manage sites, shifts and rota, shift reports, chats, holidays, salary slips, training, and related operational workflows. We are committed to handling personal data responsibly and in line with applicable data protection laws, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

GuardHQ LTD is operated from Liverpool, England, United Kingdom (Company No. 14974874). If you have questions about this policy or how we handle your data, you can contact us using the details in the Contact section of our website.

The information we collect depends on how you use GuardHQ and your role within a customer organization. This may include:

• Account and profile information — such as name, email address, phone number, job role, and company affiliation.
• Workforce and operational data — including site assignments, shift and rota details, shift reports, patrol notes, checklists, incident records, chat messages, holiday requests, salary slip records, and training or course progress.
• Device and usage information — such as app version, device type, operating system, log data, and general usage activity needed to operate and secure the Services.
• Communications — messages you send to us through contact forms, support requests, or sales enquiries.

Where our customers upload or manage employee, guard, or client information through GuardHQ, those customers act as the data controller for that information. GuardHQ LTD processes it on their behalf as a data processor, in accordance with their instructions and our agreements with them.

We use personal information to:

• Provide, maintain, and improve the GuardHQ platform;
• Enable scheduling, reporting, messaging, and workforce management workflows;
• Authenticate users and manage access permissions;
• Respond to enquiries, support requests, and demo interest;
• Monitor performance, troubleshoot issues, and protect against fraud or misuse;
• Comply with legal obligations and enforce our terms.

We do not sell personal data. We do not use customer workforce data to train unrelated products or to market GuardHQ to third parties.

Where UK GDPR applies, we rely on one or more of the following legal bases:

• Contract — to provide the Services our customers and users have requested;
• Legitimate interests — to operate, secure, and improve GuardHQ, provided those interests are not overridden by your rights;
• Consent — where required, such as for certain optional communications;
• Legal obligation — where we must retain or disclose information to comply with law.

We may share personal information only where necessary:

• With authorized users within your company account, according to role and permissions set by your administrator;
• With service providers who help us host, secure, deliver, or support the Services, under appropriate contractual safeguards;
• Where required by law, regulation, court order, or to protect the rights, safety, and security of GuardHQ LTD, our users, or others;
• In connection with a business transfer, such as a merger or acquisition, subject to continued protection of personal data.

We retain personal information only for as long as needed to provide the Services, meet contractual obligations, resolve disputes, and comply with legal requirements. Retention periods may vary depending on the type of data and the customer's account settings. When data is no longer required, we delete or anonymize it in line with our retention practices.

We implement appropriate technical and organizational measures designed to protect personal information against unauthorized access, loss, misuse, or alteration. No method of transmission or storage is completely secure, but we work to maintain safeguards appropriate to the nature of the data we process.

GuardHQ LTD is based in the United Kingdom. If personal information is transferred outside the UK or EEA, we ensure appropriate safeguards are in place, such as approved contractual clauses or equivalent legal mechanisms, unless a valid exception applies.

Depending on your location and relationship with GuardHQ, you may have rights to:

• Access the personal data we hold about you;
• Request correction of inaccurate or incomplete data;
• Request deletion of data in certain circumstances;
• Object to or restrict certain processing;
• Request data portability where applicable;
• Withdraw consent where processing is based on consent;
• Lodge a complaint with the UK Information Commissioner's Office (ICO) or your local supervisory authority.

If you are an employee, guard, or other user managed by a GuardHQ customer, please contact your organization's administrator first, as they control most workforce data in the platform. You may also contact us and we will assist as required by law.

GuardHQ is intended for business and workforce use and is not directed at children. We do not knowingly collect personal information from anyone under 18. If you believe a child has provided us with personal data, please contact us so we can take appropriate action.

We may update this Privacy Policy from time to time. When we make material changes, we will post the updated version on this page and revise the "Last updated" date below. We encourage you to review this page periodically.