DRAFT for legal sign-off. This document was generated from a standard UK SME template
customised for Gemini AMPM. It must be reviewed by qualified legal counsel before being treated as authoritative.
Specific items needing legal confirmation are flagged inline.
Who we are
Gemini AMPM Ltd (“we”, “us”, “our”) is a fire safety, security, ventilation and life-safety services contractor incorporated in England and Wales under company number 03437130. Our registered office is Unit 2, Regents Business Centre, Jubilee Road, Burgess Hill, West Sussex RH15 9TL.
We are the data controller for personal information collected through this website and through our business activities. For data-protection enquiries contact [email protected].
What information we collect
We collect personal information in the following situations:
- Website enquiries. When you submit one of the contact forms on this site (homepage quick form, contact page form, fire risk assessment review request) we collect the name, email address, phone number, company name, building information and any message you provide.
- Email and phone enquiries. When you contact us directly we receive whatever personal information you choose to share.
- Client and supplier records. When we work with a client or supplier we collect the contact details, role and business information necessary to deliver the contract.
- Site visits and surveys. When attending site we may record building information, asset registers and contact details for relevant personnel as part of fire risk assessments, surveys and installation works.
- Technical website data. Standard server-side logs, IP address, browser type and pages visited. We do not currently run third-party analytics; if we do in future, this policy will be updated.
Why we collect it and the legal basis
We process personal data under the following lawful bases of the UK GDPR:
- Legitimate interests. Responding to your enquiries, delivering and improving our services, maintaining client and supplier records, and managing our business.
- Contract. Where we have a contract with you or your organisation, processing necessary to perform it.
- Legal obligation. Compliance with applicable law including fire-safety record-keeping, health and safety records, and tax obligations.
- Consent. Where required, for example marketing communications — you can withdraw consent at any time.
How long we keep it
We retain personal information only as long as needed for the purpose it was collected, or as required by law:
- Website enquiries that don’t become contracts: 24 months.
- Client records and contract documentation: 7 years after the end of the engagement (consistent with HMRC requirements).
- Fire safety records and golden-thread documentation: for the operational life of the building, in line with Building Safety Act requirements.
- Employee records: per the periods set out in our internal HR policy and employment law.
Who we share it with
We share personal information only where necessary:
- With clients and their building managers where relevant to deliver the contracted service.
- With sub-contractors and supply-chain partners where they are delivering work under our supervision (subject to written confidentiality and data-protection terms).
- With our professional advisers (accountants, lawyers, insurers) under their own confidentiality obligations.
- With regulators, insurers and authorities where required by law or to defend our legal rights.
- With cloud-software providers used to run our business (for example, Microsoft 365 for email, Xero for accounts, Uptick for compliance management, formsubmit.co for website-form processing). [LEGAL: confirm complete list of sub-processors.]
We do not sell personal information to third parties.
Your rights
Under the UK GDPR you have the right to:
- Access the personal information we hold about you
- Request correction of inaccurate information
- Request erasure where there is no compelling reason for us to continue processing
- Object to processing based on legitimate interests
- Request restriction of processing in specific circumstances
- Request transfer of your data to another provider (data portability)
- Withdraw consent where processing is based on consent
- Lodge a complaint with the Information Commissioner’s Office (ico.org.uk)
To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.
Security
We maintain technical and organisational measures to protect personal information including Cyber Essentials certification, encrypted email and storage, multi-factor authentication on administrative systems, and a documented information-security policy. Despite these measures, no online transmission or storage is 100% secure; we cannot guarantee absolute security.
Cookies
See our separate cookies policy for details of cookies and similar technologies used on this website.
Changes to this policy
We may update this policy from time to time. The version date is shown in the document footer below. Material changes will be highlighted at the top of the page.