Uk-Policy

Privacy Statement, effective as of November 1, 2017

Camelot Real Estate Management Ltd and Camelot Guardian Management Ltd. (“Camelot,” “Camelot Europe,” “we,” “us,” “our,” or the “Company”) is committed to protecting the privacy of individuals who visit the Company’s Web sites (“Visitors”), individuals who register to use the Services as defined below (“Customers”), and individuals who register to attend the Company’s corporate events (“Attendees”). This Privacy Statement describes Camelot’s privacy practices in relation to the use of the Company’s Web sites and the related services and products offered by Camelot (collectively, the “Services”),as well as individuals’ choices regarding use, access and correction of personal information.

In order to provide our services to you we need to collect and process personal information, including financial information about you. For the protection of your data we use physical, technical and organisational measurements. We reserve the right to amend or modify this Privacy Statement at any time and in response to changes in applicable data protection and privacy legislation.

Except as set out in this Privacy Statement, we will not disclose any of your information to other parties without your permission unless we are legally required to do so by, for example, a court order or for the purposes of prevention of fraud or other crime. By submitting information into our website, you consent to the processing of this data about you by us and the product providers

If you have questions or complaints regarding Camelot’s Privacy Statement or associated practices, please contact us privacynotices@cameloteurope.com

 

1. Web sites covered

This Privacy Statement covers the information practices, including how the Company collects, uses, shares and secures the personal information you provide, of Web sites that link to this Privacy Statement (collectively referred to as “Camelot’s Web sites” or “the Company’s Web sites”). 

Camelot’s Web sites may contain links to other Web sites. The information practices or the content of such other Web sites is governed by the privacy statements of such other Web sites. The Company encourages you to review the privacy statements of other Web sites to understand their information practices.

 

2. Information collected

Consumers and Potential Consumers (What to be a Guardian):

When expressing an interest in obtaining additional information about the Services, or registering to use the Web sites or other Services, Camelot requires you to provide the Company with personal contact information such as name, current address, phone numbers, and email address (“Required Contact Information”), date or birth, nationality and current employment situation and whether you have a partner that you want to live with and the areas you are interested to live in.

When registering for an event, Camelot may also require you to provide the Company with financial information, such as credit card number, (“Billing Information”) and the number of interested parties coming to the event. Camelot may also ask you to provide additional information related to the event such as interests that you have which relate to the event etc.

Clients and Potential Clients:

When expressing an interest in obtaining additional information about the Services, or registering to use the Web sites or other Services, or registering for an event, Camelot requires you to provide the Company with personal contact information, such as name, company name, address, phone number, and email address (“Required Contact Information”). When purchasing the Services or registering for an event, Camelot may also require you to provide the Company with financial qualification and billing information, such as billing name and address, credit card number, and the number of employees within the organization that will be using the Services (“Billing Information”). Camelot may also ask you to provide additional information, such as company annual revenues, number of employees, job role, industry and service/event related questions (“Optional Information”).

Other Visitors (Staff and Potential Staff):

When Visitors apply for a job with the Company, Camelot may also require you to submit additional personal information as well as a resume or curriculum vitae (“Applicant Information”). Required Contact Information, Billing Information, Applicant Information, Optional Information and any other information you submit to Camelot to or through the Services are referred to collectively as “Data.”

Video Images

Recording devices might be positioned in and around the building, are for security purposes regarding belongings of Camelot and the Data Subjects.

The images are stored locally and stored temporarily, up to 4 weeks.

The stored images are not displayed, they are only considered in case of damage to Camelot's property, suspicion of misconduct and at the request of police and justice. The images are kept until the incident is handled.

There may be one or more points in the building that can be viewed live.

Please see the full list of data collected, in section 13, below.

As you navigate the Company’s Web sites, Camelot may also collect information through the use of commonly-used information-gathering tools, such as cookies and Google Analytics. Google Analytics includes standard information from your Web browser (such as browser type and browser language), your Internet Protocol (“IP”) address, and the actions you take on the Company’s Web sites (such as the Web pages viewed and the links clicked). For additional information about the collection of Google Analytics by Camelot, please click here (page 6 below).

 

3. Use of information collected

Personal data is processed for the following purposes, where Data Subjects are Guardians and Potential Guardians, Clients and Potential Clients, Staff and Potential Staff, Suppliers and website visitors:

  • Entering into agreements;
  • To implement agreements with Data Subjects in the field of rentals and Guardianships;
  • Informing Data Subjects;
  • Ensuring the security of the company's property and Data Subjects, more specifically the prevention of criminal offences and illegal activities;
  • Approaching Data Subjects for marketing purposes; 
  • Improving the company's offline and online services.

The basis for the use of Data Subjects personal data by the company rests on the following grounds:

  • Data Subjects have authorized the processing of their personal data for one or more purposes mentioned above;
  • The processing is necessary for the execution of agreements with Camelot and 3rd parties.
  • The (data) administration is necessary for the management of the legitimate interests of the company or a third party. 

More specific ensuring the security of company possessions and customers via camera surveillance in and around client construction sites.

 

4. Web Site Navigational Information

Cookies, Web Beacons and IP Addresses

Camelot uses commonly-used information-gathering tools, such as cookies and Google Analytics, to collect information as you navigate the Company’s Web sites (“Web Site Navigational Information”). As described more fully below, we and our partners use these cookies or similar technologies to analyze trends, administer Web sites and Services, track users’ movements around our Web sites and Services, serve targeted advertisements and gather demographic information about our user base as a whole.  This section describes the types of Google Analytics used on the Company’s Web sites and Services, and how this information may be used.

Cookies

Camelot uses cookies to make interactions with the Company’s Web sites easy and meaningful. When you visit one of the Company’s Web sites, Camelot’s servers send a cookie to your computer or device. Standing alone, cookies do not personally identify you; they merely recognize your Web browser. Unless you choose to identify yourself to Camelot, either by responding to a promotional offer, opening an account, or filling out a Web form (such as a “Email Alerts” or a “sign up to a Newsletter” or “Application for a room” Web forms) or have previously identified yourself to Camelot, you remain anonymous to the Company.

Camelot uses cookies that are session-based and persistent-based. Session cookies exist only during one session. They disappear from your computer or device when you close your browser software or turn off your computer. Persistent cookies remain on your computer or device after you close your browser or turn off your computer. You can control the use of cookies at the individual browser level, but if you choose to disable cookies, it may limit your use of certain features or functions on our Web sites or Services. 

Web Beacons

Camelot uses Web beacons alone or in conjunction with cookies to compile information about Customers and Visitors’ usage of the Company’s Web sites and interaction with emails from the Company. Web beacons are clear electronic images that can recognize certain types of information on your computer, such as cookies, when you viewed a particular Web site or Service tied to the Web beacon, and a description of a Web site or Service tied to the Web beacon. For example, Camelot may place Web beacons in marketing emails that notify the Company when you click on a link in the email that directs you to one of the Company’s Web sites. Camelot uses Web beacons to operate and improve the Company’s Web sites, Services and email communications.

Google Analytics

Camelot uses Google Analytics, whether or not in combination with cookies, to collect information about the use of the Company's Websites by Customers and Visitors and about interaction with e-mails from the Company.


Log Files, IP Addresses, URLs and Other Data

As is true of most Web sites, we gather certain information automatically to analyze trends in the aggregate and administer our Web sites and Services.  This information may include your Internet Protocol (IP) address (or the proxy server you use to access the World Wide Web), device and application identification numbers, your location, your browser type, your Internet service provider and/or mobile carrier, the pages and files you viewed, your searches, your operating system and system configuration information, and date/time stamps associated with your usage. Due to Internet communications standards, when you visit or use the Company’s Websites and Services, we automatically receive the URL of the website from which you came and the website to which you go when you leave our Website. This information is used to analyze overall trends, to help us improve our Websites and Services, to track and aggregate non-personal information, and to provide the Websites and Services. For example, Camelot uses IP addresses to monitor the regions from which Customers/Cleints and Visitors navigate the Company’s Web sites. Camelot also collects IP addresses from Customers when they log into the Services as part of the Company’s “Identity Confirmation” and “IP Range Restrictions” security features.


Social Media Features and Single Sign-on

The Company’s Web sites may use social media features, such as the Facebook “like” button (“Social Media Features”). These features may collect your IP address and which page you are visiting on the Company’s Web site, and may set a cookie to enable the feature to function properly. You may be given the option by such Social Media Features to post information about your activities on the Company’s Web site to a profile page of yours that is provided by a third party social media network in order to share with others within your network. Social Media Features are either hosted by a third party or hosted directly on the Company’s Web site. Your interactions with these features are governed by the privacy policy of the company providing the relevant Social Media Features. Camelot also allows you to log in to certain of our Web sites and Services using sign-in services such as Facebook Connect. These services will authenticate your identity and provide you the option to share certain personal information with us such as your name and email address to pre-populate our sign-up form.


Do Not Track

Currently, various browsers — including Internet Explorer, Firefox, and Safari — offer a “do not track” or “DNT” option that relies on a technology known as a DNT header, which sends a signal to Web sites’ visited by the user about the user's browser DNT preference setting. Camelot does not currently commit to responding to browsers' DNT signals with respect to the Company's Web sites, in part, because no common industry standard for DNT has been adopted by industry groups, technology companies or regulators, including no consistent standard of interpreting user intent. Camelot takes privacy and meaningful choice seriously and will make efforts to continue to monitor developments around DNT browser technology and the implementation of a standard.

 

5. Public forums refer a contact, and customer testimonials

Camelot may provide bulletin boards, blogs, or chat rooms on the Company’s Web sites. Any personal information you choose to submit in such a forum may be read, collected, or used by others who visit these forums and may be used to send you unsolicited messages. Camelot is not responsible for the personal information you choose to submit in these forums.

Customers/Clients and Visitors may elect to use the Company’s referral program to inform contacts about the Company’s Web sites and Services. When using the referral program, the Company requests the contact’s name and email address. Camelot will automatically send the contact a one–time email inviting him or her to visit the Company’s Web sites. Camelot does not store this information.

Camelot posts a list of Customers/Clients and testimonials on the Company’s Web sites that contain information such as Customer names and titles. Camelot obtains the consent of each Customer/Client prior to posting any information on such a list or posting testimonials.

 

6. Sharing of information collected

Service Providers

Camelot may share Data about Camelot, Visitors, Customers and Attendees with the Company’s contracted service providers so that these service providers can provide services on our behalf. These service providers are authorized to use your personal information only as necessary to provide the requested services to us.  Without limiting the foregoing, Camelot may also share Data about Camelot Visitors, Customers and Attendees with the Company’s service providers to ensure the quality of information provided, and with third-party social networking and media Web sites, such as Facebook, for marketing and advertising on those Web sites. Unless described in this Privacy Statement, Camelot does not share, sell, rent, or trade any information with third parties for their promotional purposes.

Third Parties

Section 4 of this Privacy Statement, Google Analytics, specifically addresses the information we or third parties collect through cookies and web beacons, and how you can control cookies through your Web browsers.  We may also disclose your personal information to any third party with your prior consent.

Compelled Disclosure

Camelot reserves the right to use or disclose information provided if required by law or if the Company reasonably believes that use or disclosure is necessary to protect the Company’s rights and/or to comply with a judicial proceeding, court order, or legal process.

 

7. International transfer of information collected

Camelot has a development team in India who may use your Data for testing purposes in an isolated IT environment.  This environment is not stored electronically in India but in Europe. Our development team in India comply with all the procedures and processes of Camelot.  No Data is stored in India.

 

8. Communications preferences

Camelot offers Visitors, Customers/Clients, and Attendees who provide contact information a means to choose how the Company uses the information provided. You may manage your receipt of marketing and non-transactional communications by clicking on the “unsubscribe” link located on the bottom of the Company’s marketing emails. Additionally, you may unsubscribe by contacting us using the information in the “Contacting Us" section below.

 

9. Your rights as a Data Subject

You have the following rights under GDPR:

  • The right to know whether and what personal data are processed by you;
  • The right to inspect and copy such data;
  • The right to correct, supplement or delete data if necessary;
  • The right to request (partial) destruction of your data. This can only be met if the holding of data for the company is not of significant 6 importance and the data should not be retained under a statutory regulation;
  • The right to oppose the processing of your data in certain cases;
  • The right to Data portability.

All requests must be made by e-mail to privacynotice@cameloteurope.com and in order to prevent misuse, we need you to provide proof of who you are e.g. your identity number or a copy of your Identification document.

 

10. Mobile applications

Without limiting the generality of this Privacy Statement, in addition to information gathered through its Web sites or submitted to its Services, Camelot may obtain information through applications (“Mobile Applications”) that Customers/Clients or their authorized individuals (“Users”) download to, and run on, their mobile devices (“Devices”). Mobile Applications provided by Camelot may obtain information from, or access data stored on, Users’ Devices to provide services related to the relevant Mobile Application. For example, a Mobile Application may: access a camera on a User’s Device to enable the User to upload photographs to the Services; access the call history on a User’s Device to enable the User to upload that information to the Services; access calendar information on a User’s Device to enable the User to match meeting attendees with contacts submitted by the User to the Services; access the geographic location of a User’s Device to enable the User to identify contacts submitted by the User the Services who are nearby; or access contact information on a User’s Device to enable the User to sync contact information between the information that is stored on the User’s Device and the information that is submitted to the Services. Information obtained to provide Mobile Application services may include information obtained in preparation for anticipated updates to those services. Mobile Applications may transmit information to and from Devices to provide the Mobile Application services.

Mobile Applications may provide Camelot with information related to Users’ use of the Mobile Application services, information regarding Users’ computer systems, and information regarding Users’ interaction with Mobile Applications, which Camelot may use to provide and improve the Mobile Application services. For example, all actions taken in a Mobile Application may be logged, along with associated information (such as the time of day when each action was taken). Camelot may also share anonymous data about these actions with third-party providers of analytics services. In addition, if a User downloads a Camelot Mobile Application after clicking on a third-party mobile advertisement for the Mobile Application or for Camelot, the third-party advertiser may provide Camelot with certain information, such as the User’s Device identification information, which Camelot may use to track the performance of its advertising campaigns.

Customers/Clients may configure Camelot Mobile Application services, and the information accessed or obtained by the Mobile Application on a User’s Device may be affected by the Customer’s/Client’s configuration. In addition, if a Customer/Client  purchases more than one Service from Camelot and its affiliates, a Mobile Application may be designed to inter operate with those Services; for instance, to provide a User with access to information from any or all of those Services or to provide information from a User’s Device to any or all of those Services. Information accessed or obtained by the Mobile Application on a User’s Device may be accessible to the Customer/Client and its organization, depending on the intended functionality of the Mobile Application. Camelot may provide updated versions of its Mobile Applications. If your mobile device’s settings permit, those updates will be downloaded and installed automatically on your mobile device. By installing a Camelot Mobile Application on your mobile device, you consent to the downloading and updating of that Mobile Application.

In addition to Mobile Applications offered by Camelot, the Company may offer platforms for the creation of third-party Mobile Applications, including but not limited to the Camelot for Mobile platform. Third parties may obtain information from, or access data stored on, Users’ Devices to provide services associated with any third-party Mobile Applications that Users download, install, use, or otherwise interact with over a Camelot platform. Camelot’ Mobile Applications may also contain links or integrations to other Mobile Applications provided by third parties. Third parties’ use of information collected through third-party Mobile Applications is governed by the privacy statements of such third parties. The Company encourages you to review the privacy statements of third-party providers of Mobile Applications to understand their information practices.

Notices and contractual terms related to a particular Mobile Application may be found in the End User License Agreement or relevant terms of service for that application. The Company encourages you to review the End User License Agreement or relevant terms of service related to any Mobile Applications you download, install, use, or otherwise interact with to understand that Mobile Application’s information practices. The Mobile Application’s access to information through a User’s Device does not cause that information to be "Customer Data" under Camelot’s Master Subscription Agreement with the Customer/Client or under this Privacy Statement, except as follows: To the extent that a User uses a Mobile Application to submit electronic data and information to a Customer/ Client account on our Services pursuant to the Customer's Master Subscription Agreement with Camelot (or a similar agreement that governs the Customer’s subscription(s) to Camelot’s Services), that information constitutes “Customer Data” as defined in such agreement, and the provisions of that agreement with respect to privacy and security of such data will apply.

 

11. Changes to this Privacy Statement

Camelot reserves the right to change this Privacy Statement. Camelot will provide notification of the material changes to this Privacy Statement through the Company’s Web sites at least thirty (30) business days prior to the change taking effect.

 

12. Contacting us

Questions regarding this Privacy Statement or the information practices of the Company’s Web sites and Services should be directed to:

UKguardians UKguardians@cameloteurope.com =  Existing or previous Guardian Question

UKsales UKsales@cameloteurope.com = Client Question

UKenquiries UKenquiries@cameloteurope.com = potential guardian enquires and other enquires

privacynotice@cameloteurope.com = GDPR questions and this Privacy Statement

13. Data Collection Table


Data Subject - Guardian Applicant

Data TypeReason why we store the data / how we use the dateRetention Period After Application
Name and contact detailsTo contact Guardian Applicant and send Marketing invitations to view properties that you have not selected, of which Camelot believes will suit your search12 months
Date of birthCheck the age is above 1812 months
Current AddressTo perform a credit check. This forms part of the vetting criteria to become a guardian.12 months
Employment statusThis forms part of the vetting criteria to become a guardian.12 months
Partner statusTo find out if Camelot can accommodate the Partner 12 months
Partner emailTo then contact Guardian Applicant Partner in relation to offering accommodation.12 months
CCTV videoSome of our sites (no all) have additional security in the form of CCTV4 weeks period regardless of application date.

Data Subject – Guardian

Data TypeReason why we store the data / how we use the dateRetention Period After Guardian has left
Name and contact detailsTo contact Guardian Applicant1 year
Date of birthCheck the age is above 181 year
Photo ID (e.g. copy of passport) & NationalityTo confirm your identity and check that you are legally allowed to live and work/study in the country. This is part of the Guardian vetting criteria. 1 year
Visa (if needed)To verify that you are legally allowed to live and work/study in the country. This is part of the Guardian vetting criteria.1 year
Current AddressTo perform a credit check. This forms part of the vetting criteria to become a guardian.1 year
Credit checkTo see if you have a good history of paying, this is part of the Guardian vetting criteria.1 year
If appropriate, Guarantor name & contact informationIf the Credit Check comes back low a guarantor is required.1 year
Employment status and details.This forms part of the vetting criteria to become a guardian.1 year
Bank DetailsSet up payment of accommodation Fee and to pay back Damage Security Payment 1 year
Next of Kin name & contact informationIn cases of emergencies, were Camelot needs to contact a Guardians Next of Kin.1 year
Address of previous properties from last 5 years and Employment Details of last 5 yearsThis forms part of the vetting criteria to become a guardian and this information adheres to the Code of practice: BS 8584:2015 Vacant property protection services. 1 year
Financial information including Invoices, credit historyBusiness need – to manage the payments6 years (HMRC regulations)
Signed Licence AgreementBusiness need - to manage the properties7 years (tax reasons)
CCTV videoSome of our sites (no all) have additional security in the form of CCTV4 week period regardless of guardian left date, i.e. the video is only kept for 4 weeks.

Data Subject – Potential Client

Data TypeReason why we store the data / how we use the dateRetention Period
Name and contact detailsTo contact Client Marketing will send you from time to time other information relating to your original request. All communication has an opt-out function.Until you opt out
Work AddressTo send correspondences Until you opt out
CCTV videoSome of our sites (no all) have additional security in the form of CCTV4 week period i.e. the video is only kept for 4 weeks.

Data Subject – Client

Data TypeReason why we store the data / how we use the dateRetention Period After Client has left
Name and contact detailsTo contact Client Marketing campaigns3 years
Work Address To send correspondences 3 years
CorrespondenceBusiness need - to manage the properties3 years
Bank DetailsSet up payments 3 years
Property Details (including inspection reports) 3 years
Financial information including Invoices, credit historyBusiness need – to manage the payments6 years (HMRC regulations)
Signed contract (offer letter)Business need - to manage the properties7 years (tax reasons)
CCTV videoSome of our sites (no all) have additional security in the form of CCTV4 week period regardless of client handback date, i.e. the video is only kept for 4 weeks.

Data Subject – Employee

Data Type Reason why we store the data / how we use the dateRetention Period After Staff has left
Name and contact detailsTo contact staff7 years
Date of birth Check the age is above 187 years
Photo ID (e.g. copy of passport) & NationalityTo confirm your identity and check that you are legally allowed to live and work/study in the country. This is part of the Staff vetting criteria. 7 years
National Insurance NumberTo confirm your identity and to set up wage payment.7 years
Visa (if needed)To verify that you are legally allowed to live and work/study in the country. This is part of the Staff vetting criteria.7 years
Current AddressTo perform a credit check. This forms part of the staff vetting criteria.7 years
Credit check 5 years history verification CRB Check Driving Licence 2 Character References Criminal & Civil Records 2 Proofs of Address (Utility Bill & Bank Statement)To perform screening process as specified in BS 7858-2012 - staff screening.7 years
Bank DetailsTo pay wages 7 years
Next of Kin name & contact informationIn cases of emergencies, were Camelot needs to contact a employees Next of Kin.7 years
Wages (payroll) + Bonuses + Pension + Expense InformationBusiness need – verifying payment made By Law - HMRC regulations6 years
Appraisals / Performance Review / Displinary History Business need – verifying and tracking performance and development 7 years
Attendance records: Absences + Maternity / paternityBusiness need – verifying performance By Law4 years
Personal accident/injury claimBusiness need – preventing further accident/injury By Law11 years
Training recordsBusiness need – verifying training needs (performance and development)5 years
Employment contractBusiness need – verifying terms of employment2 years 7 years for information required by Belastingdienst
CCTV videoSome of our sites (no all) have additional security in the form of CCTV4 week period regardless of Staff left date, i.e. the video is only kept for 4 weeks.

Data Subject – Employee Applicant

Data TypeReason why we store the data / how we use the dateRetention Period
Name and contact detailsTo contact staff1 year
Date of birthCheck the age is above 181 year
Photo ID (e.g. copy of passport) & NationalityTo confirm your identity and check that you are legally allowed to live and work/study in the country. This is part of the Staff vetting criteria. 1 year
National Insurance NumberTo confirm your identity1 year
Visa (if needed)To verify that you are legally allowed to live and work/study in the country. This is part of the Staff vetting criteria.1 year
CVBusiness need – investigating suitability for role / verifying experience1 year

Data Subject – Supplier

Data TypeReason why we store the data / how we use the dateRetention Period After Supper has delivered product or service
Name and contact detailsTo contact Supplier Applicant 1 year
Financial information including Invoices, credit historyBusiness need – to manage the payments6 years (HMRC regulations)
CCTV videoSome of our sites (no all) have additional security in the form of CCTV4 week period regardless of when the Supplier has delivered the product or service, i.e. the video is only kept for 4 weeks.