Town Centre Securities PLC processes data as a Data Controller as defined in the General Data Protection Regulation (GDPR) (EU) 2016/679.
Our IT and Data Governance Committee is responsible for compliance and can be contacted here:
ITDGC@tcs-plc.co.uk 0113 222 1234
Purpose of this Policy? Town Centre Securities PLC collects personal information about you in the day to day operation of the business and is committed to protecting your information and your privacy. The purpose of this policy is to explain how we collect, process and safeguard your personal information. This policy covers where we collect information through providing a lease, through visiting our website and in other ways in which you might interact with us. CitiPark is a parking operator, operating throughout the UK and is a subsidiary of Town Centre Securities PLC. Their privacy notice can be found at https://citipark.co/privacy.
Name, address, email address, telephone numbers and other contact details; Payment history, credit scoring and proof of identity Bank account details or other payment or financial information Curriculum Vitae Device Name, MAC address, Public Wifi/Internet use CCTV Images To enable us to monitor and improve the website, we gather and record on our servers certain information about all users who visit the website, including without limitation, details of the operating system, browser version, internet service provider, domain name and IP address of the user, the URL which a user has come from, the parts of our website visited and the date and length of each visit (“collected information”). We use certain cookies (small files containing information about you which are stored on your hard drive by our browser) to monitor your use of the website.
We use the following cookies on our website:
Cookie Name Typical Content Expires Purpose Google Analytics utma randomly generated number 2 years This cookie is used to identify unique visitors to our sites. The results are sent to our Google Analytics account so that we may see how many unique visitors come to this site based over a period of time. Google Analytics utmb randomly generated number 30 Minutes This cookie is used by Google Analytics to determine the visitor session times on our sites. Each time you visit a new page on the site the cookie is set to expire within 30 minutes, if it does not find an existing cookie, a new one is created. Google Analytics utmc randomly generated number when user exits browser This cookie is used by Google Analytics in conjunction with _utmb to determine visitor sessions. Unlike _utmb this cookie does not have an expiry date, it determines whether a new session should be created based on whether you have previously closed your browser, re-opened it and come back to the site. Google Analytics utmz randomly generated number, plus information on how the site was reached (for example, directly or via a link, organic search) 6 months This cookie is used by Google Analytics to determine the type of referral used by each visitor to arrive at our site. The cookie determines if the user has come directly to the site or via a search engine, email or email campaign. We use this data to understand how our users arrive at the website. Laravel laravel_session Session ID 1 hour We use a platform called Laravel to let our server know who you are between page loads. This cookie stores a session which links your device to your session on our website. It is only used to authenticate you between requests, not to track your behaviour or for advertising. Most web browsers allow some control of most cookies through the use of browser settings. If you want to find out more information about cookies including how to control what cookies are put on your computer and how to delete them then visit http://www.allaboutcookies.org/
If you would like to opt out of being tracked by Google Analytics then visit http://tools.google.com/dlpage/gaoptout.
Where we are required by law, we will also collect other information including proof of identity as part of the “know your client” compliance.
When you are a tenant or enquiring about leasing space; Contact details for viewings Financial details, credit scoring, payment history as part of our due diligence Proof of Identity Name for registration of Door Access Card into secure buildings When you sign up to our Newsletters via the website; Your name and email address in order to send the Newsletter When you use any of our Public Wifi services; Your name, email address, your device name, MAC address and use of Internet services for legal compliance. When you visit our website; We use the technical data for statistical purposes providing insight to how our website is used. When you apply for a position at Town Centre Securities PLC; We use the information provided in your covering letter and/or Curriculum Vitae as part of our recruitment process. When you purchase Shares in Town Centre Securities PLC; We maintain a register of Shareholders containing your name and address. When you are working with TCS which may provide access to inside information; We maintain a register called Insider list as required by Market Abuse Regulation.
Service providers we use to help us run our business. Examples of such may include; Providers of our property management software which may be hosted by them. Credit Reference agencies in order to obtain the credit scoring. Insurance companies regarding any claims. Solicitors to process leases. Provider of email processing services. Any person with legal or regulatory power over us (such as HMRC or the police) that may require disclosure on legal grounds.
How do we keep your information safe? We take the security of data and your privacy seriously and take appropriate security measures to protect your personal information from unauthorised access. All our staff undergo annual training on data Security at a level relevant to their role. Our IT and Data Governance committee, who meet regularly, take responsibility for data security and compliance of the General Data Protection Regulation (GDPR) (EU) 2016/679.
Data Ref. Type of Data Purpose of Data Review Period Retention Period or Criteria PT01 Name, Address, Email address and Telephone number. Perform Credit Check None 6 Months PT02 Name, Address, Email address and Telephone number. To facilitate viewing of vacant space As Required 2 Years PT03 Name, Address, Email address, Telephone number, payment history and credit scoring. To process offers on Vacant space. None 2 Years CT01 Name, Address, Email address, Telephone number, payment history, credit scoring and Proof of identity. Enable performance of the lease, sending rent demands and correspondence with tenant. Money Laundering/Know your customer As Required 3 months post all outstanding matters are disposed of. PB01 Name, Address, DOB, Employment, Personal health data Processing of Legal Claim As Required 3 years CN01 Name, email address and contact details Receiving Contractors bids / Work Instruction As Required 6 month post all warranty matters are disposed of. PB02 Name, Email Address Receive Newsletters End User Maintains or upon request When Consent is Withdrawn PB03 Name, Email Address, Postal Address, Telephone number Communicate with competition winners None 30 days TN01 Name, Email Address Receive Tenant only Newsletters End User Maintains or upon request When Consent is Withdrawn PB04 Name, Email Address, MAC address, Device name Provision of Free Wifi None 30 days since last activity. PB05 Identifying Image Use of CCTV None 45 Days without incident marker SH01 Name, Address Register of Shareholders As Required 12 years EM01 Name, Address, Telephone, Email Address Process of Recruitment None Depends on stage reached in recruitment process. Max 24 months
Right of access – you have the right to request a copy of the information that we hold about you. Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. Right of portability – you have the right to have the data we hold about you transferred to another organisation. Right to object – you have the right to object to certain types of processing such as direct marketing. Right to object to automated processing, including profiling – you also have the right to be subject to the legal effects of automated processing or profiling. Right to judicial review: in the event that Town Centre Securities PLC refuses your request under rights of access, we will provide you with a reason as to why. You have the right to complain as outlined below. All of the above requests will be forwarded on should there be a third party involved in the processing of your personal data.
ITDGC@tcs-plc.co.uk 0113 222 1234
If you wish to complain about how your complaint has been handled, you have the right to lodge a complaint directly with the supervisory authority, the details for the supervisory authority are:
Information Commissioner’s Office Wycliffe House Water Lane Wilmslow Cheshire firstname.lastname@example.org 0303 123 1113