Compliance & Industry Standards

Last updated: 14 May 2026

GuardFlow is built specifically for the UK private security industry and is designed to help operators meet their statutory obligations.

SIA (Security Industry Authority)

The platform records SIA licence numbers, expiry dates and licence types for every operative. Approved Contractor Scheme (ACS) record-keeping is supported. The customer remains responsible for verifying every licence on the official SIA Register.

Right to Work

Right-to-work documents (passport, BRP, share code) can be uploaded and verified per Home Office guidance. Records are retained for the duration of employment plus 2 years.

Working Time Regulations 1998

Shift scheduling enforces the 48-hour weekly average where the operative has not signed an opt-out, and surfaces rest-break warnings.

HMRC & payroll

Timesheet exports include all data required for PAYE / RTI and CIS reporting. Records are retained for 6 years per HMRC requirements.

BS 7858 (screening)

Vetting documents (5-year address history, references, employment gaps) are stored against each operative's profile.

Information security

• TLS 1.2+ in transit, AES-256 at rest.
• Row-level security enforced at the database layer.
• Audit log of all admin actions.
• Daily encrypted backups, 30-day retention.

Reporting concerns

Compliance concerns can be raised at support@guardflowapp.com. Whistle-blowing disclosures are handled confidentially.