This Policy covers all personal information collected by us and where we tell other organisations to collect information for us.
Personal information we use
Personal information is information, or a combination of pieces of information, that could reasonably allow a living person to be identified.
We may collect the following information about you:
- When you sign up for a newsletter, fill out a feedback form, complete a ‘contact us’ form, report a problem with our site or contact us by email, we collect personal information such as your email address name, contact number, postcode and date of birth;
- You may be asked to complete surveys or questionnaires either directly or by email and in doing so we may ask for details such as your age, gender and postcode. The information captured is for research purposes so we can understand our type of visitors and customers, although you do not have to respond to these surveys; and
- When you visit King’s Cross, which includes: Granary Square, Handyside Gardens and Lewis Cubitt Park, St Pancras Square and Gasholder as well as all access roads and public pathways that serve King’s Cross, (altogether, the “King’s Cross Estate”), your image may be captured by us as a still and/or moving image in the following ways:
- By our CCTV cameras and systems;
- By our photographers who are appointed by us to take [marketing and promotional] pictures of the King’s Cross Estate;
- By our drones used by us to carry out site surveys and digital mapping of the King’s Cross Estate from time to time.
- We collect statistical information on the footfall (visits) to the King’s Cross Estate. Data is collected by us from footfall counters or CCTV images but only statistical non-personal information is collected on the number of visits.
How we use your personal information
We use your personal information to:
- Provide and personalise our services, including promoting a good experience when browsing our website;
- Deal with your enquiries and requests;
- Comply with legal obligations to which we are subject and cooperate with regulators and law enforcement bodies;
- Contact you with marketing and offers relating to products and services offered by us, or selected third parties, unless you have opted out of marketing, or we are otherwise prevented by law from doing so;
- Personalise the marketing messages and offers we send you to make them more relevant and interesting;
- Allow us to compile statistical information and undertake research in relation to the products and services we offer;
- Allow us to compile statistical information, undertake research, carry out site surveys and digital mapping in relation to the King’s Cross Estate;
- Maintain the safety and security of visitors and property at the King’s Cross Estate, as well as prevent and investigate crime; and
- Market, advertise and promote our products and services and the King’s Cross Estate.
Why we can use your personal information
We must have a legal basis to process your personal information. In most cases the legal basis will be one of the following:
- To fulfil our contractual obligations to you, for example to fulfil the terms of a promotion you have entered or to provide you with information you have requested;
- To fulfil any legal requirements;
- To meet our legitimate interests, for example to understand how you use our services, to contact you about these services and to develop and tailor our services following our interactions with you or to maintain the safety of visitors, security of property at the King’s Cross Estate, which necessarily involves the prevention and investigation of crime, and to use photographs of the Kings Cross Estate (where you are not clearly identified) for marketing, advertising and promotional purposes. When we process personal information to meet our legitimate interests, we put in place robust safeguards to ensure that your privacy is protected and to ensure that our legitimate interests are not overridden by your interests or privacy and the use is proportionate;
- It is necessary for employment purposes;
- Where it is in the vital interests of the person, for example, it is necessary to protect someone in an emergency;
- It is necessary for archiving, research or statistical purposes.
Who we share personal information with
Where it is in our legitimate interests, because you have contacted us for information or because we have a legal requirement to do so, we may share your personal information within King’s Cross Central General Partner Limited or with Argent (Property Development) Services LLP (who provide us with property development services on the King’s Cross Estate), for the fulfilment of the purpose for which you have contacted us or we have contacted you. In relation to photographs which clearly feature you, we will obtain your consent to share those photographs within our corporate group for marketing, advertising and promotional purposes.
We may also share your personal information with third parties under the following circumstances:
- Service providers and business partners – we may share your personal information with our service providers and business partners that perform marketing services and other business operations for us. For example, we may partner with other companies to optimise our services, send newsletters and marketing emails, support email and messaging services and to analyse information;
- Law enforcement agencies, courts, regulators, government organisations or other third parties – we may share your personal information with these parties where it is necessary to comply with a legal or regulatory obligation or to prevent and investigate crime or any health and safety incidents; and
- Asset purchasers and joint venture partners – we may share your personal information with any third party that purchases one or more of our properties or the companies with which we might jointly own a property.
Where we store your personal information
Your personal information is stored and processed in the UK but in the future may be transferred to, stored and processed in a country that is not regarded as ensuring an adequate level of protection for personal information under European Union law / by the European Commission. Where this is the case, we will put in place appropriate safeguards (such as contractual commitments) in accordance with applicable legal requirements to ensure that your personal information is adequately protected.
How long we store your personal information for
We will keep your personal information for as long as we have a relationship with you. Once our relationship with you has come to an end, we will retain your personal information for a period of time that enables us to:
- Maintain business records for analysis and / or for audit or risk management purposes;
- Defend or bring any existing or potential legal claims; and
- Deal with any complaints regarding our services.
Where CCTV images are concerned, these are retained for 30 days before being erased, overwritten or destroyed under controlled conditions or automatically overwritten as a normal function of the recording equipment unless required to be retained as part of an ongoing investigation of a health and safety incident or a suspected crime or criminal activity is being investigated.
Your rights over your personal information
Individuals like you (called data subjects) have rights under data protection law to control what information you provide to us and what we can do with it.
You can ask us to change information you think is inaccurate about you. If you believe that the information we hold about you is wrong, you can ask us to change it, for example, if we have spelled your name wrong or have an incorrect address. Please contact us at firstname.lastname@example.org. We may not always be able to change or remove that information but we’ll correct factual inaccuracies and may include your comments in the record to show that you disagree with it.
You can ask us to delete information we hold about you (the right to be forgotten). In some circumstance you can ask for your personal information to be deleted, for example:
- Where your personal information is no longer needed for the reason it was collected in the first place;
- Where you have removed your consent for us to use your information (where there is no other legal reason for us to use it);
- Where there is no legal reason for the use of your information or it is not in our legitimate interests; or
- Where deleting the information is a legal requirement.
We cannot always delete your information, for example, if there is a legal reason we need to keep it or where you still expect us to deliver a service to you. But we should tell you why we can’t delete what you are asking us to.
There are other rights that you have under data protection law; please look at the Information Commissioner’s Office (ICO) website for further information (details below).
King’s Cross Central General Partner Limited is the data controller. If you have any questions or concerns about how we collect, use or share your personal information, please contact our Data Protection Officer: email@example.com.
We are committed to working with you to obtain a fair resolution of any request, complaint, or concern about our use of your personal information. If, however, you believe that we have not been able to assist you, you have the right to make a complaint to the ICO, who oversees how businesses and organisations comply with data protection law in the UK:
Information Commissioner’s Office
Tel: 0303 123 1113 / 01625 545745