Metrus Limited Website Privacy Statement
What information will we use?
We may collect and use information about you when you contact us or register your interest with us. We may collect your name, address, telephone number and email address. When you visit our website we may collect information about how you use it, including details of your visits, your computer’s Internet Protocol (“IP”) address, technical information, your login details, location data, browser type, browser version, operating system and platform, the pages viewed and resources accessed, the time and date of your visit, the time spent on those pages and other statistics. If you visit one of the properties where we act as manager or agent, there may be CCTV surveillance which captures your image and you may have to sign a visitor book.
How will your information be used?
We may use your information to:
- Process your registration
• Respond to queries or requests submitted by you
• Administer our obligations in relation to any agreement we have in place with you
• Send you news about our services which we think may be of interests to you.
When we send you news about our services, we rely on your consent. You have the right to withdraw that consent at any time. Please see the ‘Your choices and rights’ section of this policy for more details. In other cases, we process your information in pursuance of our legitimate interest unless we are under a legal obligation.
How long will we keep your information?
We will keep your information for as long as we need it to fulfil the purposes described in this policy. As a general rule however, we will keep:
- aggregate browser data for 6 months
• Information to process your requests for 3 months or the duration of our relationship
• Information we gather in pre-contractual negotiations (where you do not become a tenant) for 6 years for business tenancies and 3 years for residential tenancies
• Surveillance data for 30 days (or less if mandated by the individual property Privacy Impact Assessment) or 3 years if required for a dispute.
Who will we share your information with?
We may share your information with:
- Different parts of our organisation
• other organisations and service providers that we work with or partner with from time to time for example, joint property agents where you have enquired about a property
• our professional advisors if relevant to your enquiry
• our clients
• any law enforcement agency, court, regulator, government authority or other third party where we believe this is necessary to comply with a legal or regulatory obligation.
We will never share your details with anyone else without your permission.
Links to third party sites
Our website contains links to other sites for which Metrus is not responsible. You should read the privacy policies of every website that collects data and please contact the owner or operator of such websites if you have any concerns or queries.
What are cookies and which ones do we use?
Cookies are small pieces of data or text files that are stored (by a website such as ours) within your browser. Cookies are stored on your device for varying periods of time – from as little as the duration of your browsing session to several months. Each time you return to the website, the browser retrieves and sends cookies to the server, which helps to improve your experience of the website by, for example, remembering settings and measuring overall use of the website so that we can see where we can make site improvements.
This website uses only two categories of cookies as laid out in the International Chamber of Commerce UK Cookie Guide:
- ‘Strictly Necessary Cookies’ that are required in order to enable you to use the website and its various features, and
- ‘Performance Cookies’ that are used to collect anonymous user behaviour data and information, which is used to further improve the website.
The table below lists the cookies used by this website and provides brief details about each cookie.
Strictly Necessary Cookies:
|ASP.NetSession ID||Visitor session||Session||This Domain|
|LoginStatus||Visitor session||Session||This Domain|
|_utma||Google Analytics||Persistent||This Domain|
|_utmb||Google Analytics||Persistent||This Domain|
|_utmc||Google Analytics||Session||This Domain|
|_utmz||Google Analytics||Persistent||This Domain|
For a full up to date list of Google Analytics cookies used, please visit: developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage
How can you restrict or block cookies?
You can manage and/or delete cookies from your device. However, please be aware that reducing cookie usage may limit the functionality and performance of the website and some features might not work as expected. You can change your cookie settings at any time using your web browser settings.
To learn more about cookies and how to manage or remove them, please visit: www.allaboutcookies.org/manage-cookies
To opt out of being tracked by Google Analytics for all websites, please visit: tools.google.com/dlpage/gaoptout
Your choices and rights
You have a number of rights in relation to your information and in some instances, can make choices about how we collect and use it. For example, you can decide not to receive marketing material from us, you can tell us how you want to receive marketing communications from us, and can object to some of the ways in which we use your information.
You can contact us using the details below to:
- request access to your information
- ask that we update, complete or correct your information
- ask that we erase or restrict our use of your information
- request that we provide your information to you in a commonly used electronic format and to have that information transmitted directly to another organisation (this is known as the right to ‘data portability’).
If you are concerned about how your information is used, please contact us. You also have a right to complain to the Information Commissioner’s Office.
Who we are
We are Metrus Limited, a company registered in England under company number 04290499. Our registered office is at 11-15 William Road, London, NW1 3ER. Get in touch by contacting the Data Protection Officer in writing at: Metrus Limited, 8-10 Hallam Street, London, W1W 6NS or you can telephone 020 7631 0550 and ask for the Data Protection Officer.
CCTV Privacy Statement
This Policy applies to personal data collected by CCTV and or Electronic Access Control Systems (EACS) at sites managed by METRUS.
This information forms part of our privacy notice
Closed Circuit Television (CCTV) & Access Control Systems are in operation at some of the sites managed by METRUS. Where these systems are able to process Data which by itself or with other Data available to us can be used to identify you, this is known as Personal Data.
This data protection policy sets out how we use that personal data, you can contact us at www.metrus.co.uk if you have any questions, including specific questions about whether or not a particular site you are visiting or intend visiting has a CCTV and or Access Control System installed and whether data processors are operating that site on our behalf.
We take the security of your personal data very seriously and take a stringent approach to data protection which includes taking appropriate technical, physical and organisational steps to protect it and store it. We regularly evaluate whether it is necessary and proportionate to use CCTV systems at each of the sites for which we are responsible as Data Controllers. Each site that uses CCTV has had a privacy impact assessment conducted and annual audits are undertaken to ensure that correct legal procedures are followed. We also conduct regular legitimate Interest Assessments and document them.
Prior to disclosing any CCTV footage, we seek the advice of a specialist data protection advisory service to protect your personal data from inappropriate or wrongful disclosure.
Your data will not be processed or stored outside of the European Economic Area (EEA)
The lawful basis for processing personal data by the use of CCTV is: For the legitimate interest of the Data Controller or that of other persons or organisations. We will use the data obtained from CCTV images for the purposes set out below:
- Good property management;
- Maintaining the security of the premises and the prevention and investigation of crime;
- To monitor goods and services;
- For health and safety;
- For Protecting the rights, property and for the personal safety of the occupiers of the buildings, including the staff and the tenants, visitors to the buildings (including, the tenant’s staff, visitors to the building and members of the public) and those of Metrus;
- When you exercise your rights under data protection law and make requests;
- Based on your consent if you ask us to disclose your personal data to other people or organisations such as a company handling a claim on your behalf, or otherwise agree to disclosures:
- For the security of equipment and vehicles.
CCTV recorded images will be kept for a limited period only, usually a maximum of 30 days and are then erased. The exception being where images are required for evidential purposes or another legally valid reason including responses to your legal rights (subject rights). The Data will be collected directly during any visits you make to the site in question.
Electronic Access Control
The Lawful Basis for Processing Personal Data via the use of an Access Control System is: For the legitimate interest of the data controller or that of other persons or organisations.
The data will be collected directly and may include a combination of the following Personal Data dependant on the system itself and its objectives:
- Your name
- Your photographic image
- The company you work for
- Your position within that company
- Your vehicle registration number
- Your address and contact details
The Access Control System may record the days / times that you enter and leave the premises. This information will not be given to any third parties including your employer without first obtaining your permission and will not be used to make any automated decisions concerning your employment.
Prior to any of your data being entered or processed by or into an access control system you will be advised of the exact content of the required data and the purposes for which your data will be used. You will have the right to question why the data is required and to object to anything that you do not want to be processed.
Where you give your consent to your personal data being processed you will have the right to withdraw that consent at any time.
Your data will only be kept within the access control system for the duration of time during which you asked to use the system to gain entry and to leave the premises where it is installed. After this time, your Data will be deleted from the system. For example, when and if you are no longer employed in the building or are not intending to re-visit the building again, your data will be deleted.
We will process your personal data:
As necessary to comply with a legal obligation, e.g.:
- When you exercise your rights under data protection law and make requests
- For compliance with legal and regulatory requirements and related disclosures
- For establishment and defence of legal rights:
- For activities relating to the prevention, detection and investigation of crime
- To verify your identity
- For the security of the premises
- For Health and Safety
- For the safety and security of tenants, their employees and members of the public
- For Good property/estate management
Sharing of my personal data
Subject to applicable data protection law we may share your personal data with:
- Companies and other persons providing services to us
- Courts and Law enforcement agencies to comply with legal requirements, and for the administration of justice
- In an emergency or to otherwise protect our vital interests
- To protect the security or integrity of our business operations and those of our tenants
- The tenants of the premises
- For Health and Safety
Automated decision making and processing
- Your data will not be used in order to make any automated decisions which may or could significantly affect you.
Your rights under applicable data protection law
Your rights are as follows:
- The right to be informed about the processing of your personal data
- The right to have your personal data corrected if it’s inaccurate and to have incomplete personal data completed
- The right to object to processing of your personal data
- The right to have your personal data erased (the “right to be forgotten”)
- The right to request access to your personal data and information about how we process it (Subject Access requests)
- The right to move, copy, or transfer your personal data (data portability)
- Rights in relation to automated decision-making including profiling
You also have the right to complain to the Information Commissioner’s office. It has enforcement powers and can investigate compliance with data protection law:
The contact details are as follows: Website www.ico.org.uk