This Policy covers all personal data collected by us and where we tell other organisations to collect information for us.
Personal information we use
Personal information is information, or a combination of pieces of information, that could reasonably allow a living person to be identified.
We may collect the following information about you:
- When you sign up for a newsletter, fill out a feedback form, complete a ‘contact us’ form, report a problem with our site or contact us by email, we collect personal information such as your email address name, contact number, postcode and date of birth;
- You may be asked to complete surveys or questionnaires either directly or by email and in doing so we may ask for details such as your age, gender and postcode. The information captured is for research purposes so we can understand our type of visitors and customers, although you do not have to respond to these surveys; and
- When you visit King’s Cross, which includes: Granary Square, Handyside Gardens and Lewis Cubitt Park, St Pancras Square and Gasholder as well as all access roads and public pathways serving the site, (altogether, the “King’s Cross Estate”), your image may be captured by CCTV. The information captured is used for maintaining the safety of visitors, security of property and premises and for preventing and investigating crime.
How we use your personal information
We use your personal information to:
- Provide and personalise our services, including promoting a good experience when browsing our website;
- Deal with your enquiries and requests;
- Comply with legal obligations to which we are subject and cooperate with regulators and law enforcement bodies;
- Contact you with marketing and offers relating to products and services offered by us, or selected third parties, unless you have opted out of marketing, or we are otherwise prevented by law from doing so;
- Personalise the marketing messages and offers we send you to make them more relevant and interesting;
- Allow us to compile statistical information and undertake research; and
- Maintain the safety of visitors, security of property at the King’s Cross Estate, as well as prevent and investigate crime.
Why we can use your personal information
We must have a legal basis to process your personal information. In most cases the legal basis will be one of the following:
- To fulfil our contractual obligations to you, for example to fulfil the terms of a promotion you have entered or to provide you with information you have requested;
- To fulfil any legal requirements;
- To meet our legitimate interests, for example to understand how you use our services, to contact you about these services and to develop and tailor our services following our interactions with you or to maintain the safety of visitors, security of property at the King’s Cross Estate, which necessarily involves the prevention and investigation of crime. When we process personal information to meet our legitimate interests, we put in place robust safeguards to ensure that your privacy is protected and to ensure that our legitimate interests are not overridden by your interests or privacy and the use is proportionate;
- It is necessary for employment purposes;
- It is necessary to protect someone in an emergency;
- It is necessary for archiving, research or statistical purposes.
Who we share personal information with
Where it is in our legitimate interests, because you have contacted us for information or because we have a legal requirement to do so, we may share your personal information within King’s Cross Central General Partner Limited or with Argent (Property Development) Services LLP (who provide us with property development services on the King’s Cross Estate), for the fulfilment of the purpose for which you have contacted us or we have contacted you.
We may also share your personal information with third parties under the following circumstances:
- Service providers and business partners – we may share your personal information with our service providers and business partners that perform marketing services and other business operations for us. For example, we may partner with other companies to optimise our services, send newsletters and marketing emails, support email and messaging services and to analyse information;
- Law enforcement agencies, courts, regulators, government organisations or other third parties – we may share your personal information with these parties where it is necessary to comply with a legal or regulatory obligation or to prevent and investigate crime or any health and safety incidents; and
- Asset purchasers and joint venture partners – we may share your personal information with any third party that purchases one or more of our properties or the companies with which we might jointly own a property.
Where we store your personal information
Your personal information is stored and processed in the UK but in the future may be transferred to, stored and processed in a country that is not regarded as ensuring an adequate level of protection for personal information under European Union law / by the European Commission. Where this is the case we have put in place appropriate safeguards (such as contractual commitments) in accordance with applicable legal requirements to ensure that your data is adequately protected.
How long we store your personal information for
We will keep your personal information for as long as we have a relationship with you. Once our relationship with you has come to an end, we will retain your personal information for a period of time that enables us to:
- Maintain business records for analysis and / or for audit or risk management purposes;
- Defend or bring any existing or potential legal claims; and
- Deal with any complaints regarding our services.
Where CCTV images are concerned, these are retained for 30 days before being erased, overwritten or destroyed under controlled conditions or automatically overwritten as a normal function of the recording equipment unless required to be retained as part of an ongoing investigation of a health and safety incident or a suspected crime or criminal activity is being investigated.
Your rights over your personal information
Individuals like you (called data subjects) have rights under data protection law to control what information you provide to us and what we can do with it.
You can ask us to change information you think is inaccurate about you. If you believe that the information we hold about you is wrong, you can ask us to change it, for example, if we have spelled your name wrong or have an incorrect address. Please contact us at email@example.com. We may not always be able to change or remove that information but we’ll correct factual inaccuracies and may include your comments in the record to show that you disagree with it.
You can ask us to delete information we hold about you (the right to be forgotten). In some circumstance you can ask for your personal information to be deleted, for example:
- Where your personal information is no longer needed for the reason it was collected in the first place;
- Where you have removed your consent for us to use your information (where there is no other legal reason for us to use it);
- Where there is no legal reason for the use of your information or it is not in our legitimate interests; or
- Where deleting the information is a legal requirement.
We cannot always delete your information, for example, if there is a legal reason we need to keep it or where you still expect us to deliver a service to you. But we should tell you why we can’t delete what you are asking us to.
There are other rights that you have under data protection law; please look at the Information Commissioner’s Office (ICO) website for further information (details below).
King’s Cross Central General Partner Limited is the data controller. If you have any questions or concerns about how we collect, use or share your personal information, please contact our Data Protection Officer: firstname.lastname@example.org.
We are committed to working with you to obtain a fair resolution of any request, complaint, or concern about our use of your personal data. If, however, you believe that we have not been able to assist you, you have the right to make a complaint to the ICO, who oversees how businesses and organisations comply with data protection law in the UK:
Information Commissioner’s Office
Tel: 0303 123 1113 / 01625 545745