Effective date: 11 September 2019
This policy sets out the basis on which we process data about individuals including tenants, visitors to our building or website or anyone who registers with our app.
Tower 42 reserves the right to make amendments to this policy from time to time. Any changes to this policy will be posted on this page.
Who is responsible for your data
Personal data we collect about you
How we collect data about you
We may gather data from our website or app in two main ways: (1) the data you give to us through the app; and (2) the data we collect about you using cookies and similar technologies via the app or website (see below) or in accessing the Tower 42 building.
We collect personal information from you at several different points, including but not limited to the following:
- when we interact with you as a tenant or customer, prospective tenant or customer, or visitor;
- when you visit our building or website or log-in through our app;
- when you enter into an agreement with us;
- when you contact us for help, including matters incidental to accessing the building or using the app such as event bookings, tenant co-ordination and community discussions; and
- when you register your credit card and make a transaction through the app system;
Neither we nor our Third Party Providers (defined below) store your credit card information. Credit card information is stored by payment processors compliant with Payment Card Industry Data Security Standards (PCI DSS).
Special categories of data
Tower 42 does not collect any “Special Categories of data” that could reveal sensitive information such as racial or ethnic origin, sexual orientation, political beliefs etc.
Disclosure of your personal information
We may disclose your personal data, in various ways and for various reasons, with the following categories of people:
- tax, audit, law enforcement or other authorities, when we believe that the law or other regulation requires us to share this data;
- we may disclose your personal information to any member of our group, which means our affiliates, our ultimate holding company and/or its subsidiaries;
- a third party who acquires us or substantially all of our assets;
- third party service providers who perform functions on our or your behalf (including professional advisors such as security consultants, lawyers, auditors, accountants, technical support functions and IT consultants carrying out testing and development work on our systems) and in particular our cloud-based storage and app providers such as SpaceOS Limited (“Third Party Providers”).
Transferring your information internationally
We do not transfer your personal data outside the European Economic Area (EEA), unless it is a country which conforms with the EU Commission’s “adequacy decision”.
Retaining/Deleting your information
Your personal information is kept for as long as your Tower 42 app account is active or for as long as it is necessary to protect our legitimate business interests.
We will use technical and organisational measures to safeguard your information and ensure that our Third Party Providers are held to appropriate security measures. It is important that you keep your password secure when using our app.
Cookies and other similar technologies
We or our Third Party Providers may use web cookies and other similar technologies in interacting with you. These include products from SpaceOS Limited, Google Analytics (Google, Inc.), HotJar Ltd and other technologies that collect data, such as names, IP addresses, locations and default language preferences.
Third Party Properties
Our app and website may contain links to and from our Third Party Providers. If you use any links to these Third Party Providers, please note that they are subject to their own privacy policies and we cannot and do not accept any responsibility or liability for these policies or for any personal data that may be collected through these links.
You have a right to:
- receive certain information about our processing activities;
- request access to the personal data we hold about you;
- request the rectification, erasure or withdrawal of your personal data;
- restrict or object to the processing of your personal data;
- prevent our use of your personal data for direct marketing purposes; and
- in certain circumstances, request to transfer your personal data from us to another data controller.
If you would like to request any of the above, please contact us at firstname.lastname@example.org to make any such requests. We will comply with the Data Protection Legislation in responding to any such requests.
Right to lodge a complaint
If you have any complaints about the way in which we collect, store and use your information, you can contact the supervisory authority in the United Kingdom, the Information Commissioner’s Office: https://ico.org.uk/concerns