Privacy Policy
Privacy Policy
最后更新:9/10/2020
亚博最新客户端资本和地区and your personal data
这是资本与地区的亚博最新客户端隐私政策。它列出了我们如何收集和处理您的个人数据,我们使用的内容,并为您提供有关如何修改我们对您持有的信息的重要信息,例如修改或删除以营销传播或更新您的个人详细信息的同意。如果您对此策略有任何疑问,或者我们如何处理您提供给我们的任何个人数据,请使用本文档底部提供的详细信息与我们联系。
"Personal Data" is any data that identifies you. The Personal Data which you supply to us you agree will be true. We will deal with your Personal Data in compliance with the current UK & EU data protection legislation, which includes the EU General Data Protection Regulation (GDPR) which comes into force on 25th May 2018. Please note this applies only to services which we operate and control and not to other companies' or organisations' websites to which we may link. For such external services or sites please see their Privacy Policies to understand how they might be handling your data.
Who is Capital & Regional?
亚博最新客户端Capital&Regional Plc在英国拥有并经营许多购物中心。亚博最新客户端Capital&Regional在伦敦证券交易所的主要市场上列出,并在约翰内斯堡证券交易所上市。
我们收集和处理个人数据的目的
我们收集和处理数据以:了解我们的股东和利益相关者是谁,并向他们发送适当且相关的信息;为资本与地区和我们的购物中心进行营销;亚博最新客户端为了管理我们业务的运营,例如与我们中心运营的企业的合同。在某些情况下,我们还必须持有某些信息以进行法律合规,执法或合同目的。
Legal Basis
Data protection laws set out a number of valid reasons for the collection and processing of personal data. These include: Consent, such as ticking a box to opt-in to receive marketing emails from us; legitimate Interest; compliance with the law; and, to fulfil contractual obligations.
What Data We Collect
When registering to receive RNS or media updates we collect personal data like your contact information. Similarly Shareholders acquiring shares will register their name and address. We also collect contact information in respect of advisors or third parties and in certain circumstances are required to collect and maintain additional personal information such as ID or Passport numbers for regulatory purposes.
为了支持英格兰的NHS测试和跟踪(这是卫生与社会护理部的一部分),我们收集并保留了有限的记录,这些员工,客户和访客是为了接触跟踪的目的而进入我们的办公室。
Covid-19 Track & Trace
To support NHS Test and Trace (which is part of the Department for Health and Social Care) in England, we have been mandated by law to collect and keep a limited record of staff, customers and visitors who come onto our office premises for the purpose of contact tracing.
通过维护员工,客户和访客的记录,并在要求的情况下与NHS测试和跟踪共享这些记录,我们可以帮助识别可能接触冠状病毒的人。
作为我们办公室的客户/访客,您将被要求提供一些基本信息和联系方式。将收集以下信息:
- the names of all customers or visitors, or if it is a group of people, the name of one member of the group
- a contact phone number for each customer or visitor, or for the lead member of a group of people
- date of visit and arrival time and departure time
作为收集您个人数据的数据控制者的场地/机构将负责遵守其持有信息的一段时间内的数据保护立法。当NHS测试和跟踪服务要求该信息时,此时该服务将负责在此期间遵守数据保护立法。
The NHS Test and Trace service as part of safeguarding your personal data, has in place technical, organisational and administrative security measures to protect your personal information that it receives from the venue/establishment, that it holds from loss, misuse, and unauthorised access, disclosure, alteration and destruction.
此外,如果你只与一个成员互动of staff during your visit, the name of the assigned staff member will be recorded alongside your information.
NHS测试和TRACE要求我们从访问之日起保留此信息21天,以使联系跟踪在此期间通过NHS测试和跟踪进行。如果它们是专门要求的,我们将仅与NHS测试共享信息。
例如,如果另一个客户在会场回购rted symptoms and subsequently tested positive, NHS Test and Trace can request the log of customer details for a particular time period (for example, this may be all customers who visited on a particular day or time-band, or over a 2-day period).
我们可能要求您预约访问或到达时填写表格。
根据政府的指导,我们收集的信息可能包括我们通常不会从您那里收集的信息,因此我们仅出于接触跟踪而收集的信息。此类型的信息不会用于其他目的,除非法律要求这样做,否则NHS测试和跟踪将不会向任何第三方披露此信息(例如,由于收到法院命令)。此外,如果仅出于联系跟踪目的收集信息,则在您访问之日后21天将其销毁。
However, the government guidance may also cover information that we would usually collect and hold onto as part of our ordinary dealings with you (perhaps, for example, your name, date of birth and phone number). Where this is the case, this information only will continue to be held after 21 days and we will use it as we usually would, unless and until you tell us not to.
Your information will always be stored and used in compliance with the relevant data protection legislation.
The use of your information is covered by the General Data Protection Regulations Article 6 (1) (c) – a legal obligation to which we as a venue/establishment are subject to. The legal obligation to which we’re subject, means that we’re mandated by law, by a set of new regulations from the government, to co-operate with the NHS Test and Trace service, in order to help maintain a safe operating environment and to help fight any local outbreak of corona virus.
We do not hold or transfer this data outside of the EU.
根据法律,您拥有许多作为数据主体的权利,例如获取信息的权利,访问有关您的信息的权利以及纠正我们对您持有的任何不准确数据的权利。
- You have the right to request that we erase personal data about you that we hold (although this is not an absolute right).
- 您有权要求我们限制在某些情况下对您持有的有关您的个人数据的处理。
- You have the right to object to processing of personal data about you on grounds relating to your particular situation (also again this right is not absolute).
如果您不满意或希望抱怨如何使用信息,则应在第一案中与工作人员联系以解决您的问题。
If you are still not satisfied, you can complain to the Information Commissioner’s Office. Their website address is www.ico.org.uk.
使用个人数据进行营销传播
We only send post, email, text messages and mobile notifications to you about news and services that we consider may be of interest to you only if you have given us permission to do so.
Electronic notifications may be sent to you via your internet browser if you have given consent for us to do so. If you subsequently wish to remove consent for these you can do so following the instructions provided by your internet browser software.
谁控制或可以访问数据?
Personal data is accessed and processed by staff at the support office of Capital & Regional. The use of personal data will remain under the control of Capital & Regional at all times operating as the Data Controller. Capital & Regional do not sell your data to other companies.
We use selected third parties, called Data Processors, to help operate our services which include, for example, email system or database providers. When employing Data Processors, we ensure that they comply with data protection laws including ensuring that data is held securely and that only the information required to complete the work is supplied to them. If we stop using a particular Data Processor’s services we require that personal data held by them is securely deleted or anonymised. Third parties involved with our database and email systems are Tiger Systems and Nunki, and website data can be processed by Innovation Digital. Some customer data required to fulfil retailer and commercial partner requests and to fulfil contractual obligations, is stored within Salesforce.
In compliance with the law we may be obligated to disclose Data about you to a law enforcement agency or by a court order.
个人数据仅在欧盟内持有和处理。
Data subjects have various rights in relation to accessing and amending the data companies hold on them under GDPR. More information on how to do this can be found later in this document.
Your personal data is not shared with other companies for their own purposes unless specifically stated at the time of collection and you have given your permission.
Retention Period & Criteria
We only keep personal data for as long as necessary for the purpose for which it was collected or to comply with legal, contractual or law enforcement purposes. At the end of this period data is either deleted or anonymised so that it can be used for statistical and analytical purposes in a non-identifiable way.
Security
We endeavour to take all reasonable steps to protect your personal information. However, we cannot guarantee the security of any data you disclose online. You accept the inherent security risks of providing information and dealing online over the Internet and will not hold us responsible for any breach of security unless this is due to our negligence or wilful default.
数据主体的权利
Data subjects have a number of rights which we recognise and uphold. These include: The right to be informed about how we collect and process your personal data which is detailed in this document; The right to access this information; The right to rectify or erase data; The right to restrict the processing of data; The right to data portability; The right to object; and, rights relating to automated decision making and profiling. Data subjects also have the right to lodge complaints with the Information Commissioners Office and the right to withdraw consent.
How do I access or amend my data?
Please contact us dataofficer@www.decobolsas.com. In line with GDPR access requests are free and will be responded to within a month.
How do I remove myself from your mailing list?
Please email dataofficer@www.decobolsas.com with the word 'remove' in the subject line and the email address that you wish to be removed within the email. Please note that it may take up to 28 days to action your request via this method.
Each email we send contains an unsubscribe link and a link to the customer profile tool.
Opting out of marketing communications will be honoured unless a later opt-in is received for the same contact details.
If you would like request we delete your data completely please email us at dataofficer@www.decobolsas.com.
更改本隐私声明
We will occasionally update this Privacy Statement and when we do, we will also revise the "last updated" date at the top of this document. We will obtain your consent for any updates to this Privacy Statement that materially expand the sharing or use of your personal information in ways not disclosed in this Privacy Statement at the time of collection.
Identity and Contact Details
Data Controller: Capital & Regional, 22 Chapter Street, London, SW1P 4NP.
If you have any comments or queries in connection with our privacy policy or the data we hold, please telephone 020 7932 8000 or write to Customer Services, Capital & Regional, 22 Chapter Street, London, SW1P 4NP, or email dataofficer@www.decobolsas.com.