PRIVACY NOTICE
|
Who are we? |
|
We are 79 Borough Road Limited trading as ‘The Ministry’ of 103 Gaunt Street, London SE1 6DP [email protected] We provide shared workspace and hospitality services to members. |
|
What does this Policy cover? |
|
We at 79 Borough Road Limited take your personal data seriously. This policy:
|
|
Are you providing personal data about someone else? |
|
If so, you must be authorised by that other person to share their personal data with us for the purposes and ways in which we will use and process their data as set out below.
Please do not share personal data about another person with us if you are not sure whether you are authorised to do so. |
|
What personal data do we collect about you? |
|
We collect the information necessary to be able to ensure the safety and security of you and others while you are on our premises, to deliver Wi-Fi, network and bandwidth, telephony services, to enable us to administer a voucher/credit system on our own or on behalf of our member companies, to purchase services, to allow us to contact you regarding enquiries, arranging tours, support issues, news, event invites, meeting room bookings and payments, to understand customer satisfaction and opinions on our offering and service quality and to improve our food and beverage menus and inform and facilitate promotions and loyalty schemes. This information includes your name, email address, contact details, job title, demographic, identification documents and information collected using CCTV cameras, telephone number, lead source, membership type, company name, company size, company address, bandwidth and telephone usage, purchase history, F&B habits and purchase history, voucher/credit balances, bank account details, support issue messages, feedback on customer experience and on our offering and service quality, member portal information (interests, areas of expertise, personal websites, bio, interesting facts, likes, dislikes, social media links), attendance history, visitor history, meeting room and printing usage.
|
|
Where do we collect personal data about you from? |
|
The following are the different sources we may collect personal data about you from:
· Directly from you. This is information you provide to us while you are on our premises, making an enquiry on the website, registering or buying tickets for an event, responding to our emails/calls, using the online members portal, registering a visitor or as a visitor, using the access control, using the WiFi & bandwidth, using the printers, making desk calls, registering guests or as a guest, using the mobile app, raising support requests and making purchases. · From an agent/third party acting on your behalf or one of our third party partners. e.g. from one of our clients or members, from Essensys, Nexudus, Eventbrite, eZeep, Good Barber, S2 Access Control, Tevalisa, Fitronics, COMO UK Ltd, or Google Analytics. We partner with Microsoft Clarity and Microsoft Advertising to capture how you use and interact with our website through behavioral metrics, heatmaps, and session replay to improve and market our products/services. Website usage data is captured using first and third-party cookies and other tracking technologies to determine the popularity of products/services and online activity. Additionally, we use this information for site optimization, fraud/security purposes, and advertising. For more information about how Microsoft collects and uses your data, visit the Microsoft Privacy Statement
· Through publicly available sources. We use the following public sources: o LinkedIn o Facebook o Twitter o Instagram o The Ministry Website & Mobile App · By Reference or word of mouth. For example, you may be recommended by a friend, a present or former colleague, a staff member or an existing member. · Using CCTV cameras. We have cameras on our premises and your image and movements will be recorded while you are on our site.
|
|
How and why we use your personal data? |
|
We use your personal data where we need to respond to an enquiry/perform a contract we are about to enter into or have entered into with you, to ensure the safety and security of our clients, members, their guests and anyone who attends our premises. We will initially collect basic information on you such as contact details and position and then we may ask for additional information, such as identity documents, to verify your identity. CCTV cameras will record your image and movements while you are on our premises.
We collect Wi-Fi, network & bandwidth and telephony usage to ensure we deliver an exceptional IT service. We capture the creation time, field entries and source of each website enquiry so we can follow up with the correct information. We gather information on member purchases made at the deli so that we can collect information to enable us to monitor and improve our offering and inform and facilitate promotions and loyalty schemes and offer a better service. We collect information entered from each member account profile on the members portal to allow members to learn more about the community and encourage networking. We collect information entered by event attendees to manage the event operationally and to gain insight into ticket sales. We collect details of support tickets raised so we can improve the service we offer to members and resolve issues. We collect attendance data via the Access Control so we can monitor the building usage and for security purposes. We collect information on each guest visitor to ensure the safety and security of our clients and to gain insight into how frequent guests are in the building. We gather website and mobile app traffic data so we can monitor the performance of our website and mobile app. We collect information on the usage of the printers so we can improve our services. We gather feedback on customer satisfaction so that we can understand customer experience and to enable us to monitor and improve our offering and inform improvements and new services. We collect information on utilisation of vouchers/credits to enable us to administer a voucher/credit system on our own or on behalf of our member companies. |
|
How long do we keep your personal data for? |
|
We keep your information until you ask us to delete it except where data is collected or processed on the basis of our legitimate interests. We keep CCTV and body camera footage for no longer than 30 days from the date that the footage is recorded unless we are required by law to retain the footage for security purposes. |
|
Who do we share your personal data with? |
|
Your personal data may be shared with the client or member who initiates the use of our services or provision of this office, space or desk to you. We may share your personal data with third-party service providers who assist us with administering the provision of our activities and services such as member portal providers, IT service providers, security and access control system providers, EPOS system providers, customer engagement service providers, event partners. We may also conduct checks on you to verify the information you have provided and where we do this we will inform of you any third party we instruct for such purpose. We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions. |
|
What legal basis do we have for using your information? |
|
For clients, members, their guests, and anyone using our services or premises, our processing is necessary for our legitimate interests in that we need the information in order to be able to ensure their safety and security and to contact such persons for that purpose or to provide our services to them (e.g. checking your requirements for using our services or premises). If you notify us of any health or disability requirements, then this may involve the processing of more detailed personal data including sensitive data such as health information that you or others provide about you. In that case we always ask for your consent before undertaking such processing. For clients and members, we may also rely on our processing being necessary to perform a contract for you, for example in contacting you. |
|
What happens if you do not provide us with the information we request or ask that we stop processing your information? |
|
If you do not provide the personal data necessary, or withdraw your consent for the processing of your personal data, we may not be able to permit entry onto our premises or provide you with our services. |
|
Do we make automated decisions concerning you? |
|
No, we do not carry out automated decision making or automated profiling. |
|
Do we use Cookies to collect personal data on you? |
|
To provide better service to you on our websites, we use cookies to collect your personal data when you browse. See our cookie policy here for more details. |
|
Do we transfer your data outside the EEA? |
|
Some of our external third parties are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA. Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA. |
|
What rights do you have in relation to the data we hold on you? |
By law, you have a number of rights when it comes to your personal data. Further information and advice about your rights can be obtained from the data protection regulator in your country.
|
Rights |
What does this mean? |
|
1. The right to be informed
|
You have the right to be provided with clear, transparent and easily understandable information about how we use your information and your rights. This is why we’re providing you with the information in this Policy. |
|
2. The right of access |
You have the right to obtain access to your information (if we’re processing it), and certain other information (similar to that provided in this Privacy Policy). This is so you’re aware and can check that we’re using your information in accordance with data protection law. |
|
3. The right to rectification |
You are entitled to have your information corrected if it’s inaccurate or incomplete. |
|
4. The right to erasure |
This is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your information where there’s no compelling reason for us to keep using it. This is not a general right to erasure; there are exceptions. |
|
5. The right to restrict processing |
You have rights to ‘block’ or suppress further use of your information. When processing is restricted, we can still store your information, but may not use it further. We keep lists of people who have asked for further use of their information to be ‘blocked’ to make sure the restriction is respected in future. |
|
6. The right to data portability |
You have rights to obtain and reuse your personal data for your own purposes across different services. For example, if you decide to switch to a new provider, this enables you to move, copy or transfer your information easily between our IT systems and theirs safely and securely, without affecting its usability. |
|
7. The right to object to processing |
You have the right to object to certain types of processing, including processing for direct marketing (i.e. if you no longer want to be contacted with potential opportunities). |
|
8. The right to lodge a complaint |
You have the right to lodge a complaint about the way we handle or process your personal data with your national data protection regulator. The contact details for the UK Information Commissioner’s Office is provided below. |
|
9. The right to withdraw consent |
If you have given your consent to anything we do with your personal data, you have the right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with your personal data with your consent up to that point is unlawful). This includes your right to withdraw consent to us using your personal data for marketing purposes. |
We usually act on requests and provide information free of charge, but may charge a reasonable fee to cover our administrative costs of providing the information for:
- baseless or excessive/repeated requests, or
- further copies of the same information.
Alternatively, we may be entitled to refuse to act on the request.
Please consider your request responsibly before submitting it. We’ll respond as soon as we can. Generally, this will be within one month from when we receive your request but, if the request is going to take longer to deal with, we’ll come back to you and let you know.
|
How will we contact you? |
|
We may contact you by phone, email or social media. If you prefer a particular contact means over another please just let us know. |
|
How can you contact us? |
|
If you are unhappy with how we’ve handled your information, or have further questions on the processing of your personal data, contact us here: 79 Borough Road Limited, 103 Gaunt Street, London, SE1 6DP or [email protected]. If you’re not satisfied with our response to any complaint or believe our processing of your information does not comply with data protection law, you can make a complaint to the Information Commissioner’s Office (ICO) using the following details: Address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF Telephone number: 0303 123 1113 Website: www.ico.org.uk |