Privacy Statement, effective as of November 1, 2017

Watchtower Security Solutions Ltd (“Watchtower Property management,” “WPM,” “we,” “us,” “our,” or the “Company”) is committed to protecting the privacy of individuals who visit the Company’s Web sites (“Visitors”), individuals who register to use the Services as defined below (“Customers”), and individuals who register to attend the Company’s corporate events (“Attendees”). This Privacy Statement describes WPM’s  privacy practices in relation to the use of the Company’s Web sites and the related services and products offered by WPM (collectively, the “Services”),as well as individuals’ choices regarding use, access and correction of personal information.

In order to provide our services to you we need to collect and process personal information, including financial information about you. For the protection of your data we use physical, technical and organisational measurements. We reserve the right to amend or modify this Privacy Statement at any time and in response to changes in applicable data protection and privacy legislation.

Except as set out in this Privacy Statement, we will not disclose any of your information to other parties without your permission unless we are legally required to do so by, for example, a court order or for the purposes of prevention of fraud or other crime. By submitting information into our website, you consent to the processing of this data about you by us and the product providers

If you have questions or complaints regarding WPM’s  Privacy Statement or associated practices, please contact us enquiries@watchtowersecuritysolutions.com

 

1. Web sites covered

This Privacy Statement covers the information practices, including how the Company collects, uses, shares and secures the personal information you provide, of Web sites that link to this Privacy Statement (collectively referred to as “WPM’s  Web sites” or “the Company’s Web sites”).

WPM’s  Web sites may contain links to other Web sites. The information practices or the content of such other Web sites is governed by the privacy statements of such other Web sites. The Company encourages you to review the privacy statements of other Web sites to understand their information practices.

 

1. Information collected

Consumers and Potential Consumers (What to be a Guardian):

When expressing an interest in obtaining additional information about the Services, or registering to use the Web sites or other Services, WPM requires you to provide the Company with personal contact information such as name, current address, phone numbers, and email address (“Required Contact Information”), date or birth, nationality and current employment situation and whether you have a partner that you want to live with and the areas you are interested to live in.

When registering for an event, WPM may also require you to provide the Company with financial information, such as credit card number, (“Billing Information”) and the number of interested parties coming to the event. WPM may also ask you to provide additional information related to the event such as interests that you have which relate to the event etc.

Clients and Potential Clients:

When expressing an interest in obtaining additional information about the Services, or registering to use the Web sites or other Services, or registering for an event, WPM requires you to provide the Company with personal contact information, such as name, company name, address, phone number, and email address (“Required Contact Information”). When purchasing the Services or registering for an event, WPM may also require you to provide the Company with financial qualification and billing information, such as billing name and address, credit card number, and the number of employees within the organization that will be using the Services (“Billing Information”). WPM may also ask you to provide additional information, such as company annual revenues, number of employees, job role, industry and service/event related questions (“Optional Information”).

Other Visitors (Staff and Potential Staff):

When Visitors apply for a job with the Company, WPM may also require you to submit additional personal information as well as a resume or curriculum vitae (“Applicant Information”). Required Contact Information, Billing Information, Applicant Information, Optional Information and any other information you submit to WPM to or through the Services are referred to collectively as “Data.”

Video Images

Recording devices might be positioned in and around the building, are for security purposes regarding belongings of WPM and the Data Subjects.

The images are stored locally and stored temporarily, up to 4 weeks.

The stored images are not displayed, they are only considered in case of damage to Camelot’s property, suspicion of misconduct and at the request of police and justice. The images are kept until the incident is handled.

There may be one or more points in the building that can be viewed live.

Please see the full list of data collected, in section 13, below.

As you navigate the Company’s Web sites, WPM may also collect information through the use of commonly-used information-gathering tools, such as cookies and Google Analytics. Google Analytics includes standard information from your Web browser (such as browser type and browser language), your Internet Protocol (“IP”) address, and the actions you take on the Company’s Web sites (such as the Web pages viewed and the links clicked). For additional information about the collection of Google Analytics by Camelot, please click here (page 6 below).

 

1. Use of information collected

Personal data is processed for the following purposes, where Data Subjects are Guardians and Potential Guardians, Clients and Potential Clients, Staff and Potential Staff, Suppliers and website visitors:

• Entering into agreements;

• To implement agreements with Data Subjects in the field of rentals and Guardianships;

• Informing Data Subjects;

• Ensuring the security of the company’s property and Data Subjects, more specifically the prevention of criminal offences and illegal activities;

• Approaching Data Subjects for marketing purposes;

• Improving the company’s offline and online services.

The basis for the use of Data Subjects personal data by the company rests on the following grounds:

• Data Subjects have authorized the processing of their personal data for one or more purposes mentioned above;

• The processing is necessary for the execution of agreements with WPM and 3rd parties.

• The (data) administration is necessary for the management of the legitimate interests of the company or a third party.

More specific ensuring the security of company possessions and customers via camera surveillance in and around client construction sites.

 

1. Web Site Navigational Information

Cookies, Web Beacons and IP Addresses

WPM uses commonly-used information-gathering tools, such as cookies and Google Analytics, to collect information as you navigate the Company’s Web sites (“Web Site Navigational Information”). As described more fully below, we and our partners use these cookies or similar technologies to analyze trends, administer Web sites and Services, track users’ movements around our Web sites and Services, serve targeted advertisements and gather demographic information about our user base as a whole.  This section describes the types of Google Analytics used on the Company’s Web sites and Services, and how this information may be used.

Cookies

WPM uses cookies to make interactions with the Company’s Web sites easy and meaningful. When you visit one of the Company’s Web sites, WPM’s  servers send a cookie to your computer or device. Standing alone, cookies do not personally identify you; they merely recognize your Web browser. Unless you choose to identify yourself to Camelot, either by responding to a promotional offer, opening an account, or filling out a Web form (such as a “Email Alerts” or a “sign up to a Newsletter” or “Application for a room” Web forms) or have previously identified yourself to Camelot, you remain anonymous to the Company.

WPM uses cookies that are session-based and persistent-based. Session cookies exist only during one session. They disappear from your computer or device when you close your browser software or turn off your computer. Persistent cookies remain on your computer or device after you close your browser or turn off your computer. You can control the use of cookies at the individual browser level, but if you choose to disable cookies, it may limit your use of certain features or functions on our Web sites or Services.

Web Beacons

WPM uses Web beacons alone or in conjunction with cookies to compile information about Customers and Visitors’ usage of the Company’s Web sites and interaction with emails from the Company. Web beacons are clear electronic images that can recognize certain types of information on your computer, such as cookies, when you viewed a particular Web site or Service tied to the Web beacon, and a description of a Web site or Service tied to the Web beacon. For example, WPM may place Web beacons in marketing emails that notify the Company when you click on a link in the email that directs you to one of the Company’s Web sites. WPM uses Web beacons to operate and improve the Company’s Web sites, Services and email communications.

Google Analytics

WPM uses Google Analytics, whether or not in combination with cookies, to collect information about the use of the Company’s Websites by Customers and Visitors and about interaction with e-mails from the Company.

Log Files, IP Addresses, URLs and Other Data

As is true of most Web sites, we gather certain information automatically to analyze trends in the aggregate and administer our Web sites and Services.  This information may include your Internet Protocol (IP) address (or the proxy server you use to access the World Wide Web), device and application identification numbers, your location, your browser type, your Internet service provider and/or mobile carrier, the pages and files you viewed, your searches, your operating system and system configuration information, and date/time stamps associated with your usage. Due to Internet communications standards, when you visit or use the Company’s Websites and Services, we automatically receive the URL of the website from which you came and the website to which you go when you leave our Website. This information is used to analyze overall trends, to help us improve our Websites and Services, to track and aggregate non-personal information, and to provide the Websites and Services. For example, WPM uses IP addresses to monitor the regions from which Customers/Cleints and Visitors navigate the Company’s Web sites. WPM also collects IP addresses from Customers when they log into the Services as part of the Company’s “Identity Confirmation” and “IP Range Restrictions” security features.

Social Media Features and Single Sign-on

The Company’s Web sites may use social media features, such as the Facebook “like” button (“Social Media Features”). These features may collect your IP address and which page you are visiting on the Company’s Web site, and may set a cookie to enable the feature to function properly. You may be given the option by such Social Media Features to post information about your activities on the Company’s Web site to a profile page of yours that is provided by a third party social media network in order to share with others within your network. Social Media Features are either hosted by a third party or hosted directly on the Company’s Web site. Your interactions with these features are governed by the privacy policy of the company providing the relevant Social Media Features. WPM also allows you to log in to certain of our Web sites and Services using sign-in services such as Facebook Connect. These services will authenticate your identity and provide you the option to share certain personal information with us such as your name and email address to pre-populate our sign-up form.

Do Not Track

Currently, various browsers — including Internet Explorer, Firefox, and Safari — offer a “do not track” or “DNT” option that relies on a technology known as a DNT header, which sends a signal to Web sites’ visited by the user about the user’s browser DNT preference setting. WPM does not currently commit to responding to browsers’ DNT signals with respect to the Company’s Web sites, in part, because no common industry standard for DNT has been adopted by industry groups, technology companies or regulators, including no consistent standard of interpreting user intent. WPM takes privacy and meaningful choice seriously and will make efforts to continue to monitor developments around DNT browser technology and the implementation of a standard.

 

1. Public forums refer a contact, and customer testimonials

WPM may provide bulletin boards, blogs, or chat rooms on the Company’s Web sites. Any personal information you choose to submit in such a forum may be read, collected, or used by others who visit these forums and may be used to send you unsolicited messages. WPM is not responsible for the personal information you choose to submit in these forums.

Customers/Clients and Visitors may elect to use the Company’s referral program to inform contacts about the Company’s Web sites and Services. When using the referral program, the Company requests the contact’s name and email address. WPM will automatically send the contact a one–time email inviting him or her to visit the Company’s Web sites. WPM does not store this information.

WPM posts a list of Customers/Clients and testimonials on the Company’s Web sites that contain information such as Customer names and titles. WPM obtains the consent of each Customer/Client prior to posting any information on such a list or posting testimonials.

 

1. Sharing of information collected

Service Providers

WPM may share Data about Camelot, Visitors, Customers and Attendees with the Company’s contracted service providers so that these service providers can provide services on our behalf. These service providers are authorized to use your personal information only as necessary to provide the requested services to us.  Without limiting the foregoing, WPM may also share Data about WPM Visitors, Customers and Attendees with the Company’s service providers to ensure the quality of information provided, and with third-party social networking and media Web sites, such as Facebook, for marketing and advertising on those Web sites. Unless described in this Privacy Statement, WPM does not share, sell, rent, or trade any information with third parties for their promotional purposes.

Third Parties

Section 4 of this Privacy Statement, Google Analytics, specifically addresses the information we or third parties collect through cookies and web beacons, and how you can control cookies through your Web browsers.  We may also disclose your personal information to any third party with your prior consent.

Compelled Disclosure

WPM reserves the right to use or disclose information provided if required by law or if the Company reasonably believes that use or disclosure is necessary to protect the Company’s rights and/or to comply with a judicial proceeding, court order, or legal process.

 

1. International transfer of information collected

WPM has a development team in India who may use your Data for testing purposes in an isolated IT environment.  This environment is not stored electronically in India but in Europe. Our development team in India comply with all the procedures and processes of Camelot.  No Data is stored in India.

 

1. Communications preferences

WPM offers Visitors, Customers/Clients, and Attendees who provide contact information a means to choose how the Company uses the information provided. You may manage your receipt of marketing and non-transactional communications by clicking on the “unsubscribe” link located on the bottom of the Company’s marketing emails. Additionally, you may unsubscribe by contacting us using the information in the “Contacting Us” section below.

 

1. Your rights as a Data Subject

You have the following rights under GDPR:

• The right to know whether and what personal data are processed by you;

• The right to inspect and copy such data;

• The right to correct, supplement or delete data if necessary;

• The right to request (partial) destruction of your data. This can only be met if the holding of data for the company is not of significant 6 importance and the data should not be retained under a statutory regulation;

• The right to oppose the processing of your data in certain cases;

• The right to Data portability.

All requests must be made by e-mail to enquiries@watchtowersecuritysolutions.com and in order to prevent misuse, we need you to provide proof of who you are e.g. your identity number or a copy of your Identification document.

 

1. Mobile applications

Without limiting the generality of this Privacy Statement, in addition to information gathered through its Web sites or submitted to its Services, WPM may obtain information through applications (“Mobile Applications”) that Customers/Clients or their authorized individuals (“Users”) download to, and run on, their mobile devices (“Devices”). Mobile Applications provided by WPM may obtain information from, or access data stored on, Users’ Devices to provide services related to the relevant Mobile Application. For example, a Mobile Application may: access a camera on a User’s Device to enable the User to upload photographs to the Services; access the call history on a User’s Device to enable the User to upload that information to the Services; access calendar information on a User’s Device to enable the User to match meeting attendees with contacts submitted by the User to the Services; access the geographic location of a User’s Device to enable the User to identify contacts submitted by the User the Services who are nearby; or access contact information on a User’s Device to enable the User to sync contact information between the information that is stored on the User’s Device and the information that is submitted to the Services. Information obtained to provide Mobile Application services may include information obtained in preparation for anticipated updates to those services. Mobile Applications may transmit information to and from Devices to provide the Mobile Application services.

Mobile Applications may provide WPM with information related to Users’ use of the Mobile Application services, information regarding Users’ computer systems, and information regarding Users’ interaction with Mobile Applications, which WPM may use to provide and improve the Mobile Application services. For example, all actions taken in a Mobile Application may be logged, along with associated information (such as the time of day when each action was taken). WPM may also share anonymous data about these actions with third-party providers of analytics services. In addition, if a User downloads a WPM Mobile Application after clicking on a third-party mobile advertisement for the Mobile Application or for Camelot, the third-party advertiser may provide WPM with certain information, such as the User’s Device identification information, which WPM may use to track the performance of its advertising campaigns.

Customers/Clients may configure WPM Mobile Application services, and the information accessed or obtained by the Mobile Application on a User’s Device may be affected by the Customer’s/Client’s configuration. In addition, if a Customer/Client  purchases more than one Service from WPM and its affiliates, a Mobile Application may be designed to interoperate with those Services; for instance, to provide a User with access to information from any or all of those Services or to provide information from a User’s Device to any or all of those Services. Information accessed or obtained by the Mobile Application on a User’s Device may be accessible to the Customer/Client and its organization, depending on the intended functionality of the Mobile Application. WPM may provide updated versions of its Mobile Applications. If your mobile device’s settings permit, those updates will be downloaded and installed automatically on your mobile device. By installing a WPM Mobile Application on your mobile device, you consent to the downloading and updating of that Mobile Application.

In addition to Mobile Applications offered by Camelot, the Company may offer platforms for the creation of third-party Mobile Applications, including but not limited to the WPM for Mobile platform. Third parties may obtain information from, or access data stored on, Users’ Devices to provide services associated with any third-party Mobile Applications that Users download, install, use, or otherwise interact with over a WPM platform. Camelot’ Mobile Applications may also contain links or integrations to other Mobile Applications provided by third parties. Third parties’ use of information collected through third-party Mobile Applications is governed by the privacy statements of such third parties. The Company encourages you to review the privacy statements of third-party providers of Mobile Applications to understand their information practices.

Notices and contractual terms related to a particular Mobile Application may be found in the End User License Agreement or relevant terms of service for that application. The Company encourages you to review the End User License Agreement or relevant terms of service related to any Mobile Applications you download, install, use, or otherwise interact with to understand that Mobile Application’s information practices. The Mobile Application’s access to information through a User’s Device does not cause that information to be “Customer Data” under WPM’s  Master Subscription Agreement with the Customer/Client or under this Privacy Statement, except as follows: To the extent that a User uses a Mobile Application to submit electronic data and information to a Customer/ Client account on our Services pursuant to the Customer’s Master Subscription Agreement with WPM (or a similar agreement that governs the Customer’s subscription(s) to WPM’s  Services), that information constitutes “Customer Data” as defined in such agreement, and the provisions of that agreement with respect to privacy and security of such data will apply.

 

1. Changes to this Privacy Statement

WSS reserves the right to change this Privacy Statement. WSS will provide notification of the material changes to this Privacy Statement through the Company’s Web sites at least thirty (30) business days prior to the change taking effect.

 

1. Contacting us

Questions regarding this Privacy Statement or the information practices of the Company’s Web sites and Services should be directed to:

For Sales- sales@watchtowersecuritysolutions.com

For General Enquiries- enquiries@watchtowersecuritysolutions.com

For Marketing – marketing@watchtowersecuritysolutions.com

 

1. Data Collection Table

Data Subject – Guardian Applicant

Data TypeReason why we store the data / how we use the dateRetention Period
After Application

Name and contact detailsTo contact Guardian Applicant and send Marketing invitations to view properties that you have not selected, of which WPM believes will suit your search12 months

Date of birthCheck the age is above 1812 months

Current AddressTo perform a credit check. This forms part of the vetting criteria to become a guardian.12 months

Employment statusThis forms part of the vetting criteria to become a guardian.12 months

Partner statusTo find out if WPM can accommodate the Partner12 months

Partner emailTo then contact Guardian ApplicantPartner in relation to offering accommodation.12 months

CCTV videoSome of our sites (no all) have additional security in the form of CCTV4 weeks period regardless of application date.

 

​

Data Subject – Client

Data TypeReason why we store the data / how we use the dateRetention Period
After Client has left

Name and contact detailsTo contact Client Marketing campaigns3 years

Work AddressTo send correspondences3 years

CorrespondenceBusiness need – to manage the properties3 years

Bank DetailsSet up payments3 years

Property Details (including inspection reports)3 years

Financial information including Invoices, credit historyBusiness need – to manage the payments6 years (HMRC regulations)

Signed contract (offer letter)Business need – to manage the properties7 years (tax reasons)

CCTV videoSome of our sites (no all) have additional security in the form of CCTV4 week period regardless of client handback date, i.e. the video is only kept for 4 weeks.

 

Data Subject – Employee

Data TypeReason why we store the data / how we use the dateRetention Period
After Staff has left

Name and contact detailsTo contact staff7 years

Date of birthCheck the age is above 187 years

Photo ID (e.g. copy of passport) & NationalityTo confirm your identity and check that you are legally allowed to live and work/study in the country. This is part of the Staff vetting criteria.7 years

National Insurance NumberTo confirm your identity and to set up wage payment.7 years

Visa (if needed)To verify that you are legally allowed to live and work/study in the country. This is part of the Staff vetting criteria.7 years

Current AddressTo perform a credit check. This forms part of the staff vetting criteria.7 years

Credit check 5 years history verification CRB Check Driving Licence 2 Character References Criminal & Civil Records 2 Proofs of Address (Utility Bill & Bank Statement)To perform screening process as specified in BS 7858-2012 – staff screening.7 years

Bank DetailsTo pay wages7 years

Next of Kin name & contact informationIn cases of emergencies, were WPM needs to contact a employees Next of Kin.7 years

Wages (payroll) + Bonuses + Pension + Expense InformationBusiness need – verifying payment made By Law – HMRC regulations6 years

Appraisals / Performance Review / Displinary HistoryBusiness need – verifying and tracking performance and development7 years

Attendance records: Absences + Maternity / paternityBusiness need – verifying performance By Law4 years

Personal accident/injury claimBusiness need – preventing further accident/injury By Law11 years

Training recordsBusiness need – verifying training needs (performance and development)5 years

Employment contractBusiness need – verifying terms of employment2 years 7 years for information required by Belastingdienst

CCTV videoSome of our sites (no all) have additional security in the form of CCTV4 week period regardless of Staff left date, i.e. the video is only kept for 4 weeks.

 

Data Subject – Employee Applicant

Data TypeReason why we store the data / how we use the dateRetention Period

Name and contact detailsTo contact staff1 year

Date of birthCheck the age is above 181 year

Photo ID (e.g. copy of passport) & NationalityTo confirm your identity and check that you are legally allowed to live and work/study in the country. This is part of the Staff vetting criteria.1 year

National Insurance NumberTo confirm your identity1 year

Visa (if needed)To verify that you are legally allowed to live and work/study in the country. This is part of the Staff vetting criteria.1 year

CVBusiness need – investigating suitability for role / verifying experience1 year

 

Data Subject – Supplier

Data TypeReason why we store the data / how we use the dateRetention Period
After Supper has delivered product or service

Name and contact detailsTo contact Supplier Applicant1 year

Financial information including Invoices, credit historyBusiness need – to manage the payments6 years (HMRC regulations)

CCTV videoSome of our sites (no all) have additional security in the form of CCTV4 week period regardless of when the Supplier has delivered the product or service, i.e. the video is only kept for 4 weeks.