Privacy Policy
Privacy Policy for Guardian Shield Security
Last Updated: October 13, 2025
Effective Date: October 13, 2025
Introduction
Guardian Shield Security (“we,” “our,” “us,” or “Company”) is committed to protecting the privacy and security of personal information collected through our website, services, and business operations. This Privacy Policy explains how we collect, use, disclose, store, and protect personal information in accordance with Jamaican law, including the Data Protection Act, 2020, and regulations thereunder.
This Privacy Policy applies to all personal information collected by Guardian Shield Security through our website (guardianshieldsecurity.com), in the course of providing security services, during business relationships with clients, and through employment and contractor relationships.
By using our website or engaging our services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with this Privacy Policy, please do not use our website or services.
Definitions
Personal Information means any information relating to an identified or identifiable natural person. This includes but is not limited to names, identification numbers, location data, online identifiers, or factors specific to physical, physiological, genetic, mental, economic, cultural, or social identity.
Processing means any operation performed on personal information, whether automated or manual, including collection, recording, organization, structuring, storage, adaptation, retrieval, consultation, use, disclosure, dissemination, restriction, erasure, or destruction.
Data Controller means Guardian Shield Security, which determines the purposes and means of processing personal information.
Data Subject means the identified or identifiable natural person to whom personal information relates.
Sensitive Personal Information means personal information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, health data, data concerning sex life or sexual orientation, and criminal convictions or alleged commission of offenses.
Information We Collect
Information Collected Through Our Website
Contact Information: When you submit inquiries through our website contact forms, request quotes, or schedule security assessments, we collect your name, business name, phone number, email address, business type, and details about your security needs.
Technical Information: When you visit our website, we automatically collect certain technical information, including your IP address, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our website.
Usage Information: We collect information about how you use our website, including pages visited, time spent on pages, links clicked, and navigation paths between pages.
Cookies and Similar Technologies: Our website uses cookies and similar tracking technologies to distinguish you from other users, remember your preferences, and analyze website traffic. You can set your browser to refuse cookies, though some website features may not function properly without them.
Information Collected in Providing Security Services
Client Business Information: We collect information about client businesses, including business name, physical address, business type and industry, facility layout and access points, operating hours, key personnel contact information, and specific security requirements and concerns.
Incident and Activity Reports: In providing security services, our guards create detailed logs and reports containing information about security incidents, visitor logs, employee access records, alarm activations, patrol observations, and facility conditions. These reports may contain personal information about employees, visitors, contractors, and other individuals on client premises.
Surveillance and Monitoring Data: When we install or monitor security cameras, alarm systems, or access control systems, we collect visual recordings, access logs, alarm activation records, and other security-related data that may contain personal information.
Emergency Contact Information: We collect emergency contact details for client personnel who may need to be reached during security incidents or emergencies.
Information Collected Through Employment and Contractor Relationships
Job Applicant Information: When individuals apply for security guard positions or other employment, we collect names, contact information, employment history, educational background, professional certifications and licenses, references, and other information relevant to employment decisions.
Employee and Contractor Information: For security guards and other personnel, we collect identification documents, PSRA certification and licensing information, background check results, fingerprint reports, training records and certifications, work schedules and assignments, performance evaluations, payroll and tax information, health insurance enrollment information, and emergency contact details.
Disciplinary and Incident Records: We maintain records of any disciplinary actions, incidents involving our personnel, or complaints received about our guards or services.
Information Received from Third Parties
Background Check Providers: We receive background check results, criminal record information, and employment verification from third-party screening services for employment vetting purposes.
Government Agencies: We receive licensing verification, certification confirmations, and compliance information from the Private Security Regulation Authority (PSRA) and other Jamaican government agencies.
Client-Provided Information: Clients provide us with information about their facilities, personnel, and operations necessary for security service delivery.
Vendors and Service Providers: We may receive information from technology vendors, insurance providers, training organizations, and other service providers supporting our business operations.
How We Use Personal Information
Purposes of Processing
We process personal information for the following legitimate business purposes:
Service Delivery: To provide security guard services, alarm monitoring, camera surveillance, access control, security consulting, and other contracted security services. To schedule and dispatch guards, monitor security systems, respond to incidents, and fulfill our contractual obligations to clients.
Client Relationship Management: To communicate with clients about services, respond to inquiries and requests, provide quotes and proposals, process service agreements, manage billing and payments, and maintain ongoing client relationships.
Security and Safety: To protect client property and personnel, prevent and detect security threats and criminal activity, respond to emergencies, document incidents for legal and insurance purposes, and maintain safe and secure environments.
Employment and Workforce Management: To recruit, evaluate, and hire security personnel, verify qualifications and conduct background checks, provide training and professional development, schedule work assignments, process payroll and benefits, evaluate performance, and maintain employment records.
Legal Compliance: To comply with Jamaican laws and regulations, including the Data Protection Act, PSRA requirements, employment laws, tax obligations, and other legal requirements. To respond to lawful requests from law enforcement, courts, and regulatory authorities.
Business Operations: To maintain and improve our services, analyze service quality and customer satisfaction, develop new security solutions, manage vendors and contractors, maintain insurance coverage, protect against fraud and unauthorized activity, and operate our business efficiently and effectively.
Website Functionality: To provide website features, remember your preferences, analyze website usage, improve website design and content, troubleshoot technical issues, and communicate with website visitors.
Legal Bases for Processing
Under Jamaican data protection law, we process personal information based on the following legal grounds:
Contractual Necessity: Processing necessary to enter into or perform contracts for security services with clients or employment contracts with guards and staff.
Legal Obligations: Processing necessary to comply with legal requirements, including PSRA licensing, employment law compliance, tax obligations, and cooperation with law enforcement investigations.
Legitimate Interests: Processing necessary for our legitimate business interests, including providing effective security services, protecting against security threats, managing employment relationships, maintaining business operations, and exercising legal rights, provided such interests are not overridden by the data subject’s fundamental rights and freedoms.
Consent: For certain processing activities, we obtain explicit consent from data subjects, particularly for sensitive personal information or when required by law.
Vital Interests: Processing necessary to protect the vital interests of data subjects or other natural persons in emergency situations.
How We Share Personal Information
Disclosure to Third Parties
We may disclose personal information to the following categories of recipients:
Clients: We provide clients with security incident reports, activity logs, and other information necessary for them to understand security services delivered at their facilities. Such reports may contain personal information about employees, visitors, or other individuals.
Law Enforcement and Government Authorities: We disclose personal information to the Jamaica Constabulary Force, PSRA, courts, and other government authorities when legally required, in response to valid legal process, to report criminal activity, to comply with regulatory requirements, or to protect rights, property, and safety.
Service Providers and Vendors: We share personal information with third-party service providers who perform functions on our behalf, including background check providers, training organizations, payroll processors, insurance carriers, IT service providers, website hosting companies, and professional advisors (attorneys, accountants, consultants). These providers are contractually obligated to maintain confidentiality and use personal information only for specified purposes.
Business Partners: We may share information with alarm monitoring centers, technology system providers, and other security industry partners necessary for service delivery, always under appropriate confidentiality agreements.
Insurance Companies: We provide incident reports and related information to insurance carriers for liability coverage, claims processing, and risk management purposes.
Professional Advisors: We share information with lawyers, accountants, auditors, and other professional advisors when necessary for legal, financial, or business consulting services.
Business Transfers: If Guardian Shield Security is involved in a merger, acquisition, sale of assets, or other business transaction, personal information may be transferred to the acquiring or successor entity, subject to continued protection under this Privacy Policy or an equivalent policy.
Circumstances of Disclosure
We disclose personal information only when:
Required by Jamaican law or legal process, including court orders, subpoenas, or regulatory requirements.
Necessary to provide contracted security services to clients.
Required to comply with PSRA regulations or other lawful authority.
Necessary to protect rights, property, or safety of Guardian Shield Security, our clients, our employees, or the public.
Authorized by the data subject through explicit consent.
Necessary for legitimate business purposes with appropriate safeguards and contractual protections in place.
No Sale of Personal Information
Guardian Shield Security does not sell, rent, or trade personal information to third parties for their marketing purposes.
Data Security
Security Measures
We implement appropriate technical and organizational measures to protect personal information against unauthorized access, unlawful processing, accidental loss, destruction, or damage. Security measures include:
Physical Security: Secure storage of physical records in locked facilities with restricted access. Proper disposal of documents containing personal information through shredding or secure destruction services.
Technical Security: Secure servers with encryption, firewalls, and intrusion detection systems. Access controls requiring authentication and authorization for system access. Regular security updates and patches for software and systems. Secure backup procedures for data recovery. Antivirus and anti-malware protection. Secure transmission of data through encrypted connections.
Organizational Security: Confidentiality obligations for all employees and contractors accessing personal information. Role-based access controls limiting information access to personnel with legitimate need. Regular security training for staff on data protection and privacy practices. Incident response procedures for addressing security breaches. Vendor management ensuring third-party compliance with security standards.
Surveillance Data Security: Video surveillance footage and access control logs are stored securely with limited access. Footage is retained only for necessary periods and disposed of securely. Remote access to surveillance systems requires authentication and encryption.
Security Limitations
While we implement strong security measures, no system is completely secure. We cannot guarantee the absolute security of personal information. You provide information at your own risk. If you suspect unauthorized access to your personal information, contact us immediately using the information provided in this Privacy Policy.
Data Retention
Retention Periods
We retain personal information only as long as necessary for the purposes for which it was collected or as required by Jamaican law. Retention periods vary based on information type and purpose:
Client Information: Client contact information and service agreements are retained for the duration of the business relationship plus seven years following service termination for legal, tax, and contractual obligation purposes.
Incident Reports and Security Logs: Security incident reports, activity logs, and surveillance footage are typically retained for two to seven years depending on incident severity and legal requirements. Serious incidents involving criminal activity or litigation may be retained longer.
Employee Records: Employee and contractor records including applications, personnel files, training records, and performance evaluations are retained for seven years following employment termination as required by employment law and regulatory compliance.
Background Checks: Background check results are retained as long as the individual remains employed or under contract, plus seven years following separation.
Financial Records: Invoices, payment records, and other financial documents are retained for seven years as required by Jamaican tax law.
Website Data: Website analytics and usage data are typically retained for two years unless longer retention is necessary for technical or security purposes.
Surveillance Footage: Video surveillance footage from security cameras is typically retained for 30-90 days unless specific footage is preserved for incident investigation, insurance claims, or legal proceedings.
Secure Disposal
When personal information is no longer needed, we securely dispose of it through methods including shredding physical documents, secure deletion or destruction of electronic media, and overwriting of digital storage systems. We ensure disposal methods prevent reconstruction or recovery of personal information.
Your Rights
Data Subject Rights Under Jamaican Law
Under the Data Protection Act 2020, data subjects have the following rights regarding their personal information:
Right of Access: You have the right to request confirmation of whether we process your personal information and to obtain a copy of your personal information, along with supplementary information about the processing.
Right to Rectification: You have the right to request correction of inaccurate personal information and completion of incomplete personal information.
Right to Erasure: You have the right to request deletion of your personal information in certain circumstances including when the information is no longer necessary for the purposes for which it was collected, when you withdraw consent (where consent was the legal basis), when you object to processing and there are no overriding legitimate grounds, or when the information has been unlawfully processed.
Right to Restriction of Processing: You have the right to request restriction of processing in certain circumstances including when you contest the accuracy of personal information (for a period allowing verification), when processing is unlawful but you oppose erasure, when we no longer need the information but you require it for legal claims, or when you have objected to processing pending verification of overriding legitimate grounds.
Right to Data Portability: You have the right to receive your personal information in a structured, commonly used, machine-readable format and to transmit that information to another controller where technically feasible, when processing is based on consent or contract performance and is carried out by automated means.
Right to Object: You have the right to object to the processing of your personal information based on legitimate interests or for direct marketing purposes. We will cease processing unless we demonstrate compelling legitimate grounds overriding your interests, rights, and freedoms, or the processing is necessary for the establishment, exercise, or defense of legal claims.
Rights Related to Automated Decision-Making: You have the right not to be subject to decisions based solely on automated processing, including profiling, that produce legal effects or similarly significantly affect you, except where necessary for contract performance, authorized by law, or based on explicit consent.
Right to Lodge a Complaint: You have the right to lodge a complaint with the Information Commissioner of Jamaica if you believe your data protection rights have been violated.
Exercising Your Rights
To exercise any of these rights, please contact us using the information provided in the “Contact Information” section of this Privacy Policy. We will respond to your request within one month, though complex requests may require up to three months, with notification of the extension and reasons.
When making a request, please provide sufficient information for us to verify your identity and locate your personal information. We may require proof of identity before processing your request. There is no fee for exercising your rights unless requests are manifestly unfounded or excessive, in which case we may charge a reasonable administrative fee or refuse to process the request.
Limitations on Rights
Your rights may be limited in certain circumstances. For example, we may deny access to personal information where disclosure would adversely affect the rights and freedoms of others, interfere with ongoing investigations, or where we have compelling legitimate grounds to continue processing. We will explain the basis for any limitation on your rights when responding to your request.
Special Categories of Personal Information
Sensitive Personal Information
Guardian Shield Security processes certain categories of sensitive personal information, including:
Biometric Data: Fingerprint reports required for PSRA licensing and background checks.
Health Information: Health insurance enrollment information and medical fitness certificates for security personnel.
Criminal Convictions: Background check results, including criminal record information for employment screening purposes.
We process sensitive personal information only when necessary for:
Legal compliance, including PSRA requirements for employment screening and licensing.
Employment purposes, including hiring, managingthe workforce, and ensuring fitness for security duties, with appropriate safeguards.
Legal claims, including establishment, exercise, or defense of legal claims.
Vital interests when necessary to protect life or physical safety in emergency situations.
We implement enhanced security measures and stricter access controls for sensitive personal information. Sensitive information is processed only by authorized personnel with a legitimate need for such access.
Children’s Privacy
Guardian Shield Security does not knowingly collect personal information from individuals under 18 years of age. Our website and services are directed at businesses and adults. We do not target children for marketing or data collection.
Security guards employed by Guardian Shield Security must be at least 18 years of age to meet PSRA licensing requirements. We do not process employment applications from minors.
In providing security services at educational institutions or events involving children, any incidental collection of information about minors in security logs or surveillance footage is limited to security purposes only and is subject to the same protections as adult information.
If we become aware that we have inadvertently collected personal information from a child under 18, we will take steps to delete that information promptly unless retention is required by law for security incident documentation purposes.
International Data Transfers
Guardian Shield Security operates exclusively in Jamaica and stores personal information on servers located in Jamaica or with cloud service providers maintaining data centers in jurisdictions with adequate data protection standards.
If we transfer personal information outside of Jamaica, we will ensure appropriate safeguards are in place, including adequacy decisions recognizing equivalent data protection standards, standard contractual clauses approved by Jamaican authorities, or other lawful transfer mechanisms.
We do not routinely transfer personal information internationally. Any international transfers would be limited to specific business needs such as cloud service providers, technology vendors, or professional service providers, with appropriate contractual protections ensuring continued data protection.
Changes to This Privacy Policy
Guardian Shield Security reserves the right to modify this Privacy Policy at any time. Changes become effective immediately upon posting to our website. The “Last Updated” date at the top of this Policy indicates when it was most recently revised.
Material changes that significantly affect your rights or how we process personal information will be communicated through a prominent notice on our website or direct communication to clients and individuals whose information we process.
Your continued use of our website or services following the posting of changes constitutes acceptance of the modified Privacy Policy. We encourage you to review this Privacy Policy periodically to stay informed about our information practices.
Third-Party Websites
Our website may contain links to third-party websites, including social media platforms, technology providers, or business partners. This Privacy Policy applies only to Guardian Shield Security and does not govern the privacy practices of third-party websites.
We are not responsible for the privacy policies or practices of third-party websites. We encourage you to review the privacy policies of any third-party websites you visit. Clicking on third-party links or enabling third-party connections is at your own risk.
California Privacy Rights (If Applicable)
While Guardian Shield Security operates exclusively in Jamaica, California residents whose personal information we may process have specific rights under California law, including the California Consumer Privacy Act (CCPA).
California residents have the right to request disclosure of categories and specific pieces of personal information collected, categories of sources, business purposes for collection, categories of third parties with whom information is shared, and the right to request deletion of personal information, subject to certain exceptions.
To exercise CCPA rights, California residents may contact us using the information provided below. We do not discriminate against individuals who exercise their CCPA rights.
Contact Information
Privacy Inquiries and Rights Requests
For questions about this Privacy Policy, to exercise your data protection rights, or to raise privacy concerns, please contact:
Guardian Shield Security
Privacy Officer
Email: safety@guardianshieldsecurity.com
We will respond to all legitimate requests within the timeframes required by Jamaican law, typically within one month of receiving your request.
Consent
By using our website, engaging our services, or providing personal information to Guardian Shield Security, you consent to the collection, use, disclosure, and processing of your personal information as described in this Privacy Policy, subject to your rights under Jamaican data protection law.
For processing requiring explicit consent, we will obtain your clear, affirmative consent before processing your personal information for those purposes. You have the right to withdraw consent at any time, though withdrawal does not affect the lawfulness of processing based on consent before withdrawal.
Governing Law
This Privacy Policy is governed by and construed in accordance with the laws of Jamaica. Any disputes arising from this Privacy Policy or our privacy practices shall be subject to the exclusive jurisdiction of the Jamaican courts.
Acknowledgment: This Privacy Policy has been prepared to comply with the Data Protection Act, 2020, and other applicable Jamaican laws. By continuing to use our services or website, you acknowledge that you have read, understood, and agree to this Privacy Policy.
Guardian Shield Security is committed to protecting your privacy and handling your personal information responsibly in accordance with Jamaican law. We implement appropriate security measures and respect your data protection rights.