Our Divisions

Six Core Capabilities

Each division is built around a critical dimension of national and institutional security.

View All Divisions

Sectors

Eight Sectors

We serve government, defence, and institutional clients across the most demanding security environments in the world.

All Sectors
Legal Document

Privacy Statement

Last Updated

This Privacy Statement explains how the International Group for Safety & Security ("IGSS", "we", "us", or "our") collects, uses, stores, and protects personal data obtained through this website. We are committed to handling all personal information responsibly, transparently, and in full compliance with applicable data protection legislation.

By accessing this website or submitting an enquiry, you confirm that you have read and understood this Privacy Statement. If you do not agree with any part of this statement, you must not use this website or submit your personal data to us.

This statement should be read alongside our Cookie Policy and Terms and Conditions.

1. Data Controller

IGSS is the data controller responsible for the personal data collected through this website. As data controller, we determine the purposes and means by which personal data is processed.

We do not operate a store, subscription service, or user account system. All personal data collected through this website is limited to enquiry correspondence and anonymised analytics.

International Group for Safety & Security
P.O. Box 65018
Mansouriya 35651
State of Kuwait
Email: [email protected]

2. Applicable Law and Regulatory Framework

IGSS processes personal data in accordance with the following legal frameworks. The applicable framework depends on where you are located and the circumstances under which your data is collected.

Kuwait Personal Data Protection Law (PDPL)

As a company registered and headquartered in the State of Kuwait, IGSS is primarily subject to Kuwait's Personal Data Protection Law (PDPL) and its implementing regulations issued by the Communications and Information Technology Regulatory Authority (CITRA). Under the PDPL, we are required to:

  • Collect personal data only for specific, explicit, and legitimate purposes;
  • Process personal data in a manner that is compatible with those purposes;
  • Ensure personal data is accurate and kept up to date;
  • Retain personal data for no longer than is necessary for the stated purpose;
  • Implement appropriate technical and organisational security measures;
  • Obtain consent where required under Kuwaiti law;
  • Facilitate the rights of data subjects as prescribed by the PDPL.

General Data Protection Regulation (GDPR)

Where personal data is collected from individuals located in the European Economic Area (EEA) or the United Kingdom (UK), the General Data Protection Regulation (EU) 2016/679 (GDPR) and its UK equivalent (UK GDPR) may also apply. In those circumstances, IGSS processes personal data in accordance with all applicable GDPR requirements and recognises the full scope of rights afforded to EEA and UK data subjects.

The legal bases on which we rely to process personal data under GDPR are detailed in Section 5 below. Where the GDPR applies and you are dissatisfied with our handling of your data, you have the right to lodge a complaint with the relevant data protection supervisory authority:

  • EEA data subjects: Contact your local supervisory authority. A directory of EU supervisory authorities is available at edpb.europa.eu;
  • UK data subjects: Contact the Information Commissioner's Office (ICO) at ico.org.uk.

IGSS does not appoint a Data Protection Officer (DPO) as this is not required under the applicable frameworks given the nature and scale of our data processing activities. All data protection enquiries should be directed to us using the contact details in Section 16.

3. What Personal Data We Collect

Contact Form Submissions

When you submit an enquiry through our contact form, we collect the personal data you voluntarily provide. This may include your full name, email address, telephone number, job title, organisation or company name, and the content of your message. You are under no obligation to provide this information, but without it we will be unable to review or respond to your enquiry.

We do not collect sensitive or special category personal data through the contact form. You must not submit information relating to racial or ethnic origin, political opinions, religious beliefs, health, biometric data, or any other sensitive category through this website.

Analytics Data

We use analytics tools to collect aggregated, pseudonymous information about how visitors interact with this website. This may include your approximate geographic location (at country or region level), browser type, operating system, device type, pages visited, time spent on the site, and how you arrived at the website. This information is used in aggregate form only and is not used to identify individual visitors.

Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies. Please see our Cookie Policy for full details of the cookies we use, their purposes, and how to manage your preferences.

4. How We Collect Your Data

  • Directly from you, when you voluntarily complete and submit the contact form on this website;
  • Automatically, through analytics tools and cookies that operate when you browse this website.

We do not obtain personal data from third-party data brokers, social media platforms, or any other external source. We do not combine data collected through this website with data from other sources to create profiles of individual visitors.

5. Legal Basis for Processing

We process personal data only where we have a valid legal basis to do so. The legal bases we rely on are as follows:

  • Legitimate interests (PDPL / GDPR Art. 6(1)(f)): We have a legitimate interest in receiving and managing business enquiries, maintaining records of correspondence, and analysing how our website is used. We have assessed that this interest is not overridden by the fundamental rights and freedoms of data subjects, given that the data collected is limited in scope and is not used for profiling, marketing, or any purpose beyond managing genuine business enquiries.
  • Consent (PDPL / GDPR Art. 6(1)(a)): Where you have given explicit consent, including through accepting non-essential cookies via our cookie banner, we process data on this basis. You may withdraw consent at any time without affecting the lawfulness of processing carried out prior to withdrawal.
  • Legal obligation (PDPL / GDPR Art. 6(1)(c)): Where we are required to process or retain data to comply with a legal obligation, court order, or regulatory requirement under applicable law.
  • Protection of vital interests (GDPR Art. 6(1)(d)): In exceptional circumstances where processing is necessary to protect the vital interests of any individual.

We do not carry out automated decision-making or profiling within the meaning of GDPR Article 22. No decision that produces a legal or similarly significant effect will be made about you based solely on automated processing of your personal data.

6. Purposes of Processing

We use the personal data we collect for the following purposes only:

  • To receive, review, log, and respond to enquiries submitted through our contact form;
  • To assess whether an enquiry falls within our areas of activity and to determine the appropriate response;
  • To communicate with you regarding your enquiry, including arranging further discussions or meetings where appropriate;
  • To maintain an internal record of correspondence in connection with a potential or existing business relationship;
  • To analyse and improve the performance, content, and structure of this website through aggregated analytics data;
  • To comply with our legal, regulatory, and contractual obligations.

We will not use your personal data for any purpose other than those listed above without first obtaining your explicit consent or establishing a separate legal basis for doing so.

7. Data Retention

We retain personal data only for as long as is necessary for the purpose for which it was collected, or as required by applicable law. The following retention periods apply:

  • Enquiries not leading to engagement: Retained for a reasonable administrative review period and then permanently deleted;
  • Enquiries leading to a business engagement: Retained for the duration of the engagement and for such further period as is required by Kuwaiti commercial law or as is reasonably necessary for the management of the relationship and any related legal claims;
  • Analytics data: Subject to the retention settings of the relevant analytics provider. IGSS does not independently retain raw analytics data beyond what the provider stores.

Upon expiry of the applicable retention period, all personal data is permanently deleted or irreversibly anonymised. We do not retain personal data in a form that allows identification of individuals for longer than is necessary.

8. Disclosure of Your Data

IGSS does not sell, rent, trade, license, or otherwise transfer your personal data to third parties for their own commercial or marketing purposes under any circumstances.

We may disclose your personal data in the following limited circumstances:

  • Trusted service providers (data processors): Third-party providers engaged to assist us in operating this website and managing communications. This includes our website hosting provider, contact form service provider, and analytics provider. These parties act as data processors and are bound by written data processing agreements that prohibit them from using your data for any purpose other than providing the contracted service;
  • Professional and legal advisors: Where disclosure is necessary in connection with a legitimate legal matter, including to seek legal advice or to defend or bring legal proceedings;
  • Regulatory and governmental authorities: Where we are required to disclose personal data by applicable law, a binding court order, or a competent regulatory or government authority. Where legally permitted to do so, we will notify you of such a disclosure;
  • Business transfers: In the event of a merger, acquisition, reorganisation, or sale of all or part of our business, personal data held by us may be transferred to the relevant parties as part of that transaction. We will notify affected individuals of any such transfer and of any changes to data processing practices that result from it.

In all cases of disclosure, we take steps to ensure that personal data is protected and that the receiving party is bound by appropriate confidentiality and data protection obligations.

9. International Data Transfers

This website is operated from and personal data is processed in the State of Kuwait. If you are accessing this website from a country with data transfer restrictions, including any EEA member state, the United Kingdom, or other jurisdictions with equivalent restrictions, your personal data will be transferred to and processed in Kuwait.

Kuwait may not currently be recognised as providing an equivalent level of data protection to that required within the EEA under GDPR. Where GDPR applies to the transfer of your personal data to Kuwait, we rely on your explicit consent to that transfer (GDPR Art. 49(1)(a)), which you provide by submitting an enquiry through this website. You are advised that this transfer is necessary to allow us to manage your enquiry and that the risks of transfer to a country without an adequacy decision include the possibility that the data may be subject to access by government authorities in that country.

You may withdraw your consent to the transfer at any time by contacting us, though this will prevent us from processing any further enquiry from you.

10. Data Security

We have implemented and maintain appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, alteration, unauthorised disclosure, or destruction. Our security measures include:

  • Encrypted connections (HTTPS/TLS) for all data transmitted through this website;
  • Restricted internal access to personal data on a strict need-to-know basis;
  • Written data processing agreements with all third-party service providers who process data on our behalf, incorporating data security obligations;
  • Regular review of access controls and security configurations;
  • Prompt response procedures in the event of a suspected data security incident.

No method of internet transmission or electronic storage is fully secure. While we take all reasonable precautions, we cannot guarantee the absolute security of personal data transmitted to us and you do so at your own risk.

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify you and any applicable supervisory authority within the timeframes required by applicable law.

11. Your Rights as a Data Subject

Subject to the conditions and limitations prescribed by applicable law, you have the following rights in relation to personal data we hold about you. These rights apply under both the Kuwait PDPL and, where the GDPR applies, in accordance with GDPR Chapter III:

  • Right of access (PDPL / GDPR Art. 15): You may request a copy of the personal data we hold about you and information regarding how, why, and on what basis we process it;
  • Right to rectification (PDPL / GDPR Art. 16): You may request correction of any inaccurate or incomplete personal data we hold about you without undue delay;
  • Right to erasure (PDPL / GDPR Art. 17): You may request deletion of your personal data where it is no longer necessary for the purpose for which it was collected, where you have withdrawn consent, where you have objected to processing and there are no overriding legitimate grounds, where the data has been unlawfully processed, or where deletion is required by law;
  • Right to restriction of processing (GDPR Art. 18): You may request that we temporarily suspend the use of your personal data in certain circumstances, including while the accuracy of your data is being contested or while an objection is being considered;
  • Right to data portability (GDPR Art. 20): Where processing is based on consent or contract and is carried out by automated means, you may request to receive your personal data in a structured, commonly used, machine-readable format, and to transmit it to another controller where technically feasible;
  • Right to object (PDPL / GDPR Art. 21): You may object at any time to our processing of your personal data where we rely on legitimate interests as the legal basis. We will cease processing unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms, or the processing is necessary for the establishment, exercise, or defence of legal claims;
  • Right to withdraw consent: Where processing is based on consent, you may withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing carried out prior to withdrawal;
  • Right not to be subject to automated decision-making (GDPR Art. 22): You have the right not to be subject to a decision based solely on automated processing that produces a legal or similarly significant effect. We confirm that we do not carry out such processing;
  • Right to lodge a complaint: You have the right to lodge a complaint with the relevant data protection supervisory authority in your jurisdiction. See Section 16 for contact details.

To exercise any of these rights, please submit a written request to [email protected]. We will respond within 30 days or within such shorter timeframe as may be required by applicable law. We reserve the right to verify your identity before processing any request. Where a request is manifestly unfounded or excessive, we may charge a reasonable administrative fee or decline to act on the request, in either case providing written reasons.

IGSS will not discriminate against you for exercising any of your data subject rights.

12. Accuracy of Information

IGSS takes reasonable steps to ensure that personal data we hold is accurate and kept up to date. However, we are dependent on you providing accurate information when you submit an enquiry. You are responsible for ensuring that any information you submit to us is truthful, accurate, and not misleading.

If any information you have provided to us changes, or if you believe that data we hold about you is inaccurate, please notify us promptly at [email protected].

13. Limitation of Liability

To the fullest extent permitted by applicable law, IGSS shall not be liable for any loss, damage, or harm arising from:

  • Any unauthorised access to, or use of, personal data transmitted through this website that is caused by a third party and is beyond our reasonable control;
  • Any inaccuracy in personal data resulting from information provided by you;
  • Any failure by you to maintain the security of your own devices, networks, or communications;
  • Any processing of personal data that you consent to by accessing this website and submitting your data through our contact form;
  • Any disclosure of personal data required by applicable law or compelled by a competent court or authority.

Nothing in this statement excludes or limits our liability for death or personal injury caused by our negligence, or for any other liability that cannot be excluded or limited under applicable Kuwaiti law.

14. Cookies

This website uses cookies. A cookie consent banner is displayed on your first visit, giving you control over which categories of cookies are set. Only essential cookies are placed without your consent. All other cookies require your explicit permission.

Full details of the cookies used, their purposes, retention periods, and third-party providers are set out in our Cookie Policy. You may manage your preferences or withdraw consent at any time through the cookie settings tool on that page.

15. Children

This website is not directed at or intended for use by individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child without appropriate parental consent, we will take immediate steps to delete it.

If you believe that a child has submitted personal data through this website, please contact us immediately at [email protected].

16. Changes to This Statement

We reserve the right to update or amend this Privacy Statement at any time to reflect changes in our data processing practices, applicable law, or regulatory guidance. The "Last Updated" date at the top of this page reflects when the statement was most recently revised.

Where changes are material, we will take reasonable steps to bring them to your attention. Continued use of this website following the publication of an updated statement constitutes your acceptance of the revised terms.

17. Contact and Complaints

All questions, requests to exercise data subject rights, or concerns regarding this Privacy Statement and our data processing activities should be submitted in writing to:

International Group for Safety & Security
P.O. Box 65018
Mansouriya 35651
State of Kuwait
Email: [email protected]

We will acknowledge your request promptly and respond within 30 days or within the timeframe required by applicable law. If you are not satisfied with our response, you have the right to escalate your complaint to the relevant supervisory authority:

  • Kuwait: Communications and Information Technology Regulatory Authority (CITRA) at citra.gov.kw;
  • EEA data subjects: Your local data protection authority. Full directory at edpb.europa.eu;
  • UK data subjects: The Information Commissioner's Office (ICO) at ico.org.uk.

This website uses cookies to enhance your browsing experience and ensure the site functions properly. By continuing to use this site, you acknowledge and accept our use of cookies.

Accept All Accept Required Only