Visitors

Privacy Policy for SITU's Visitors

At SITU, we respect your personal data. This Fair Processing Notice explains how we will use your personal data when you visit our premises.

OUR CONTACT DETAILS


Our head office address is:
SITU Living Ltd
Unit 3
Ulysses House
Ulysses Park
Heron Road
Exeter
EX2 7PH         

               
Our Data Protection Officer is Chris Richardson and he can be contacted at chris.richardson@situ.co.uk 

 

WHAT PERSONAL DATA DO WE COLLECT ABOUT YOU?  HOW WILL WE USE THAT PERSONAL DATA?

When you visit our premises, we may ask you to sign in to our visitors’ book. We ask for your full name, vehicle registration number and who you are visiting. This data is recorded only in the visitors’ book and not on any other system.

We will pass this data to a public authority representative if required, such as the fire service in the event of a fire or police in the event of a security incident.

Whilst you are on our premises, you may be asked or may want to give a member of our team further personal data, such as your email address or phone number. For example, you may be a prospective client and want to follow up on the meeting. At this point we would cease to treat you as a visitor for the purposes of data privacy. We treat different people’s data differently, depending on who they are. Each group has a different Fair Processing Notices so if you would like information on how we classify different people please contact dataenquiries@situ.co.uk. We will also be able to provide you a copy of the relevant FPN.

It may be necessary for us to collect medical data from you, which is classified under GDPR as “Special Category”. For example, if you may be pregnant or are a wheelchair user requiring a ground floor meeting room. If this is the case then we will take the information from you verbally and will not record it without your explicit consent.  For further information please email our secure email address: dataenquiries@situ.co.uk.

SITU does not operate or control CCTV in any of our premises.

 

WHAT IS OUR LEGAL BASIS FOR PROCESSING YOUR PERSONAL DATA?

We need a legal basis in order to process your personal data.  Most of our processing is done because we have a legitimate interest in doing so.

We will process the following personal data because you have consented for us to do so:

- we process your health data with your consent if you make us aware of something when discussing special requirements.

 

We will process the following personal data because we believe that we have a legitimate interest in doing so:

- your personal data provided when you sign in to one of our buildings. Our legitimate interest is regarding the security of our staff, our premises and our visitors.

You have the right to object to our processing your data using legitimate interest.  Please speak to us if you have any concerns.

 

DO WE USE ANY AUTOMATED DECISION MAKING?

We do not use any automated decision making.

 

WHO DO WE SHARE YOUR PERSONAL DATA WITH?

 

We do not share your data with any third parties.

 

 

DO WE TRANSFER YOUR PERSONAL DATA OUTSIDE OF THE EU OR EEA?

We do not transfer your personal data outside of the EU.

 

HOW LONG DO WE KEEP YOUR PERSONAL DATA FOR?

 

We will hold your data for as long as the visitors’ book is being used, but not longer than two years.

 

YOUR RIGHTS AS A DATA SUBJECT

The GDPR gives you rights as a data subject. You have:

1. the right to request from us access to your personal data;

2. the right to request from us rectification of your personal data;

3. the right to request from us erasure of your personal data;

4. the right to request from us restriction of processing your personal data;

5. the right to object to our processing of your personal data;

6. the right of data portability;

7. if we are processing your personal data on the basis of your consent, you have the right to withdraw your consent at any time. This does not affect the lawfulness of processing based on your consent before you withdrew it; and

8. You have the right to complain to the ICO.

More information on your rights can be found in Chapter 3 of the GDPR.