STERLING GRID SECURITY LTD – DATA PROTECTION STATEMENT

Sterling Grid Security Ltd, alongside its specialized trading brand verticals (Plan Pros, Kitchen-Pros, Pergola Pros, and Sterling Grid Products), is fully committed to compliance with all current UK data protection legislation. This includes the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Data Use and Access Act (DUAA) 2025.

We treat data protection not just as a legal box-ticking exercise, but as a critical operational security standard that we refer to internally as our "Secure Halo" data protocol.

We ensure that all personal, structural, spatial, and financial data processed across our unified Shopify infrastructure is handled according to strict statutory principles:

• Lawfulness, Fairness, and Transparency: We only collect technical project specifications, site imagery, and personal details necessary to fulfill customer projects, explicitly declaring our methods.
• Purpose Limitation: Data gathered for architectural validation or site logistics is never sold, leased, or repurposed for external third-party marketing.
• Data Minimisation: We only ask for the specific measurements, photographs, and access declarations required to guarantee project structural engineering compatibility and safe delivery.
• Accuracy: We provide interactive tools (such as millimeter verification checks and site access profiles) to ensure data input accuracy.
• Storage Limitation: We do not keep technical files longer than required to honor product manufacturing warranties, project revisions, or standard corporate tax audits.
• Integrity and Confidentiality: Your data is protected by high-tier encryption protocols at rest and in transit.

Because our business operates multiple customer-facing brands out of a unified e-commerce backend, we employ strict data security standards to isolate and protect project data:

• Access Control: Access to raw customer data, site self-surveys, and structural photographs is strictly restricted to authorised designers, logistical safety managers, and production engineers.
• Secure Third-Party Handshakes: When transferring logistics profiles or site photos to specialised transport contractors (such as HIAB crane or Moffett forklift operators for Pergola Pros), data is shared via encrypted pipelines solely to execute pre-delivery risk assessments.
• No Local Payment Retention: All financial transactions are funnelled through fully certified, Level 1 PCI-DSS compliant payment gateways. Sterling Grid Security Ltd never views or stores unencrypted credit or debit card data on local hardware.

As a registered UK company processing personal data digitally, Sterling Grid Security Ltd recognises its statutory requirement to be registered with the Information Commissioner’s Office (ICO), the UK’s independent data protection regulatory authority. We maintain our operations in alignment with the ICO’s codes of practice.

n the highly unlikely event of a security compromise resulting in an unauthorised breach of personal data, the Company maintains an active Data Breach Response Plan. Where required by law, we will notify the Information Commissioner’s Office (ICO) and any affected individuals within 72 hours of becoming aware of the breach.