This article will explain why you may see a Not Secure pop-up on your site.
Your site may not automatically redirect users to the secure (https) version. This means that any user who visits your site will see a Not Secure message, depending on the web browser.
When users view your site securely (using https), the content of the site is encrypted when it is sent to and from the user's computer or device. This prevents an intermediary from observing the content that the user is browsing.
If the user browses the site insecurely (using http), the content is transmitted without encryption. A third-party could then read that information during transmission. This is not an issue with normal web content, but any submitted information (names, email addresses, personal information, etc.) should be transmitted securely.
There are several articles that can explain this topic in further detail, but this is the main difference between the Secure and Not Secure versions of the page.