24/7 Emergency Response
0330 043 3484

Data protection · GDPR · Cyber security

Information held responsibly. Protected by design.

Technical Lift Services Ltd. is committed to protecting the confidentiality, integrity and availability of all personal, commercial and operational data we handle. This policy defines the standards, controls and responsibilities we apply to meet our obligations under the UK GDPR, the Data Protection Act 2018 and wider cyber security best practice.
2016
Established
300+
Sites covered
800+
Lifts maintained
<1hr
Emergency response
Cyber Essentials Plus certifiedUK GDPR & DPA 2018Last reviewed: May 2026

Section 1

Scope

This policy applies to:

  • All employees, directors, subcontractors, and temporary staff
  • All company systems, devices, software, and communications
  • All customer, employee, supplier, and operational information
  • All physical and digital records managed by the organisation

Section 2

GDPR & Data Protection Commitment

Technical Lift Services Ltd. undertakes to:

  • Process personal data lawfully, fairly, and transparently
  • Collect only information necessary for legitimate business purposes
  • Ensure personal data is accurate and kept up to date
  • Retain data only for as long as operational or legal requirements dictate
  • Protect data against unauthorised access, loss, destruction, or disclosure
  • Respect the rights of individuals regarding access, correction, and deletion of data where applicable

Responsibility for data protection compliance is managed at director level.

Section 3

Information Security Controls

The organisation has implemented technical and organisational measures designed to protect company and customer information:

Access control

  • Role-based access permissions
  • Password-protected systems and devices
  • Multi-factor authentication where applicable
  • Restricted administrative privileges

Device & system security

  • Managed anti-virus and malware protection
  • Firewall and network security controls
  • Regular security patching and software updates
  • Secure cloud-hosted platforms and backups
  • Controlled remote access procedures

Email & communication security

  • Spam and phishing protection
  • Controlled sharing of sensitive information
  • Staff awareness regarding phishing and cyber threats
  • Use of professional business communication platforms only

Physical security

  • Controlled access to company premises and operational equipment
  • Secure handling and storage of documents and devices
  • Responsible disposal of confidential waste and obsolete equipment

Section 4

Cyber Essentials Plus Certification

Technical Lift Services Ltd. holds Cyber Essentials Plus certification, independently verified against the National Cyber Security Centre (NCSC) backed scheme. This certification demonstrates compliance with recognised cyber security controls including:

  • Secure configuration
  • User access control
  • Malware protection
  • Security update management
  • Firewall implementation
  • Vulnerability testing and technical verification

The company maintains ongoing compliance through continual review and management of cyber security risks.

Section 5

Data Handling & Confidentiality

Employees and subcontractors must:

  • Handle customer and company information responsibly
  • Only access information necessary for their role
  • Not disclose confidential information without authorisation
  • Report any suspected data breaches, cyber incidents, or security concerns immediately
  • Follow company procedures relating to information security and GDPR compliance

Confidentiality obligations apply during and after employment or engagement with the company.

Section 6

Risk Management & Monitoring

Technical Lift Services Ltd. actively assesses and manages risks associated with:

  • Cyber threats and phishing attacks
  • Unauthorised access to systems or information
  • Loss or corruption of operational data
  • Misuse of company devices or systems
  • Third-party supplier and subcontractor access

The company undertakes

  • Periodic review of access permissions
  • Monitoring of cyber security risks
  • Review and implementation of security updates
  • Continuous improvement of operational security controls

Section 7

Data Breach Management

Any actual or suspected data breach must be reported immediately to company management. The organisation will:

  • Investigate the incident promptly
  • Take appropriate corrective action
  • Assess legal reporting obligations
  • Notify affected parties and regulatory authorities where required

Section 8

Training & Awareness

Technical Lift Services Ltd. promotes a culture of security awareness throughout the organisation. Staff are expected to:

  • Follow company security procedures
  • Exercise vigilance regarding suspicious emails and communications
  • Maintain secure password practices
  • Handle customer information professionally and responsibly

Section 9

Policy Review

This policy will be reviewed periodically and updated where necessary to reflect:

  • Legislative changes
  • Operational requirements
  • Emerging cyber security threats
  • Industry best practice

Policy holder

Technical Lift Services Ltd.

Committed to maintaining secure, responsible and compliant management of information across all areas of operation. Data protection enquiries, subject access requests or breach notifications should be directed to the company at the address below.

47 Balena Close, Creekmoor, Poole, BH17 7DY
Company No. 10289924

Ready to discuss your lift requirements?

Get in touch with our team for a free consultation and quote.

0330 043 3484info@tlse.co.ukRequest a Call-Out
Call Now