Privacy and Security policy
The data protection officer can be reached via the email privacynotice@wt-security.com.
Security Policy
Vulnerability Disclosure Policy. If you believe you have found a security vulnerability, please submit your report to SecurityOfficer@mosaicworld.eu.
Content Privacy Statement, effective as of 30/03/2021
Web sites covered
Information collected Data Subject
Potential Client Data Subject
Client Data Subject
Employee Data Subject
Employee Applicant Data Subject
Supplier
Use of information collected
Web Site Navigational Information Cookies, Web Beacons and IP Addresses Cookies Web Beacons Log Files, IP Addresses, URLs and Other Data Social Media Features and Single Sign-on Do Not Track
Public forums, refer a contact, and customer testimonials
Sharing of information collected
Communications preferences
Correcting and updating your information
Changes to this Privacy Statement
Contacting us
Privacy Statement, effective as of 30/03/2021 Watchtower Security Solutions Limited (“Watchtower,” “we,” “us,” “our,” or the “Company”) undertakes to protect the privacy of persons who visit the Company's websites ("Visitors"), persons who register for the Services such as described below (“Customers” or clients) and persons who register to participate in corporate events (“Participants”). This Privacy Statement describes how Watchtower deals with privacy issues related to the use of the Company's websites and the applications and services that Watchtower offers (collectively, the “Services”). This Privacy Statement explains which data is processed for which purpose and what the legal basis is. Physical, technical and organizational measures have been taken to protect your personal data. We reserve the right to make changes to this privacy statement. The current privacy policy can be consulted online at any time via our website. Except as set forth in this Privacy Statement, we will not disclose your information to third parties without your permission unless we are required by law to do so, for example, by a court order or to prevent fraud or other crime. By submitting information on our website and reading this Privacy Statement, you agree to the processing of this data about you by us and the product providers. If you have any questions or complaints regarding Watchtower's privacy statement or related practices, please contact us at privacynotice@wt-security.com
Address
5 The Apple Store, Far Peak Northleach
Gloucester GL54 3JL
Web sites covered This Privacy Statement applies to the handling of data that refer to this privacy statement. In this privacy statement, we explain how our company collects, uses, shares, and secures your personal information related to the Services that refer to this privacy statement (collectively referred to as “Watchtower’s Web sites” or “the Company’s Web sites”). Watchtower’s Web sites may contain links to other Web sites. Watchtower is not liable for the content of external websites. The Company encourages you to review the privacy statements of other Web sites to understand their information practices.
Information collected
The legal basis for collecting and processing the below data is Contractual: the processing is necessary for a contract you have with the individual, or because they have asked you to take specific steps before entering into a contract. See further information on the ICO website (link: https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/lawful-basis-for-processing/).
Data Subject - Guardian Applicant
| Data Type | Reason why we store the data / how we use the date | Retention Period After Application |
|---|---|---|
| Name and contact details | To contact Guardian Applicant and send Marketing invitations to view properties that you have not selected, of which Ideal believes will suit your search | 12 months |
| Date of birth | Check the age is above 18 | 12 months |
| Current Address | To perform a credit check. This forms part of the vetting criteria to become a guardian. | 12 months |
| Employment status | This forms part of the vetting criteria to become a guardian. | 12 months |
| Partner status | To find out if Ideal can accommodate the Partner | 12 months |
| Partner emai | To then contact Guardian Applicant Partner in relation to offering accommodation. | 12 months |
| CCTV video | Some of our sites (no all) have additional security in the form of CCTV | 4 weeks period regardless of application date. |
Data Subject - Guardian
| Data Type | Reason why we store the data / how we use the date | Retention Period After Application |
|---|---|---|
| Name and contact details | To contact Guardian Applicant | 12 months |
| Date of birth | Check the age is above 18 | 12 months |
| Photo ID (e.g. copy of passport) & Nationality | To confirm your identity and check that you are legally allowed to live and work/study in the country. This is part of the Guardian vetting criteria. | 12 months |
| Current Address | To perform a credit check. This forms part of the vetting criteria to become a guardian. | 12 months |
| Credit check | To see if you have a good history of paying, this is part of the Guardian vetting criteria. | 12 months |
| If appropriate, Guarantor name & contact information | If the Credit Check comes back | 12 months |
| Employment status and details. | This forms part of the vetting criteria to become a guardian. | 1 year |
| Bank Details | Set up payment of accommodation Fee and to pay back Damage Security Payment | 1 year |
| Next of Kin name & contact information | In cases of emergencies, were Ideal needs to contact a Guardians Next of Kin. | 1 year |
| Address of previous properties from last 5 years and Employment Details of last 5 years | This forms part of the vetting criteria to become a guardian and this information adheres to the Code of practice: BS 8584:2015 Vacant property protection services. | 1 year |
| Financial information including Invoices, credit history | Business need – to manage the payments | 6 years |
| (HMRC regulations) Signed Licence Agreement | Business need - to manage the properties | 7 years (tax reasons) |
| CCTV video | Some of our sites (no all) have additional security in the form of CCTV | 4 week period regardless of guardian left date, i.e. the video is only kept for 4 weeks. |
Data Subject Potential Client
| Data Type | Reason why we store the data / how we use the date | Retention Period After Application |
|---|---|---|
| Name and contact details | To contact Client. Marketing will send you from time to time other information relating to your original request. All communication has an opt-out function. | Until you opt out |
Data Subject - Client
| Data Type | Reason why we store the data / how we use the date | Retention Period After Application |
|---|---|---|
| Name and contact details | To contact Client and Marketing campaigns | 3 years |
| Work Address | To send correspondences | 3 years |
| Correspondence | Business need - to manage the service | 3 years |
| Bank Details | Set up payments | 3 years |
| Property Details (including inspection reports) | Business need - to secure the properties | 3 years |
| Financial information including Invoices, credit history | Business need – to manage the payments | 7 years (HMRC regulations) |
| Signed contract (offer letter) | Business need - to secure the properties | 7 years (tax reason) |
| CCTV video | Some of our sites (no all) have additional security in the form of CCTV | 4 week period regardless of guardian left date, i.e. the video is only kept for 4 weeks. |
Data subject - Employee Applicant
| Data type | Reason why we store data / use the data | Retention period |
|---|---|---|
| Name and contact details | To contact staff | 1 month |
| CV | Business need - investigating suitability for role / verifying experience | 1 month |
| CV | Talent pool (applicant gives prior consent) | 1 year |
DATA SUBJECT - EMPLOYEE.
| Data type | Reason why we store data / use the data | Retention period |
|---|---|---|
| Name and contact details | To contact staff | 7 years |
| Date of birth | Check the age is above 18 | 7 years |
| Photo ID (e.g. cope of passport) & Nationality | To confirm your identity and check that you are legally allowed to live and work/study in the country. This is part of the Staff vetting criteria. | 5 years |
| BSN | To confirm your identity and to set up wage payment | 7 years |
| Visa (if needed) | To verify that you are legally allowed to live and work/study in the country. This is part of the Staff vetting criteria. | 7 years |
| Current Address | To perform a credit check. This forms part of the staff vetting criteria. | 7 years |
| Driving Licence | To check if staff have a current and valid licence whilst driving the company vehicles. | 2 years |
| Bank Details | To pay wages | 7 years |
| Next of Kin name & contact information | In cases of emergencies, where Watchtower needs to contact an employees Next of Kin. | 7 years |
| Wages (payroll) + Bonuses + Pension + Expense Information | Business need - verifying payment made by Law - HMRC regulations | 7 years |
| Appraisals / Performance Review / Disciplinary History | Business need- verifying and tracking performance and development | 2 years |
| Attendance records: Absences + Maternity / paternity | Business need - verifying performance By Law | 2 years |
| Personal accident/injury claim | Business need - preventing further accident/injury By Law | 10 years |
| Training records | Business need - preventing further accident/injury By Law | 10 years |
| Employment contract | Business need - verifying terms of employment | 2 years |
| CCTV video | Some of our sites (no all) have additional security in the form of CCTV | 28 days of storage, according to the 'regulation of Article 151c of the Municipalities Act', regardless of the date of registration. Images of misconduct/offences for police and judicial authorities can be stored until the prosecution is completed. |
Data subject - Supplier
| Data type | Reason why we store data / use the data | Retention period |
|---|---|---|
| Name and contact details | To contact Supplier Applicant | 1 year |
| Financial information including Invoices, credit history | Business need - to manage the payments | 7 years |
| CCTV video | Some of our sites (not all) have additional security in the form of CCTV | 28 days of storage, according to the 'regulation of Article 151c of the Municipalities Act', regardless of the date of registration. Images of misconduct/offences for police and judicial authorities can be stored until the prosecution is completed. |
Watchtower does not always process all of the above personal data. That depends on which services the customer purchases / wishes to purchase and which functionalities the customer uses on the Company's website. When you use the Company's Services, Watchtower may also collect information by using commonly used information collection tools, such as cookies or Google Analytics ("Website Navigation Data"). Website Navigation Data includes standard information about your web browser (such as browser type and browser language), your IP address, and the actions you perform on the Company's Web sites (such as the visited Web pages and clicked links). Click here for more information about the collection of Website Navigation Data by Watchtower and others.
Video Images
CCTV cameras are set up for security purposes on the sites of Watchtower Clients. The images are stored locally and temporarily stored for a maximum of 4 weeks. The stored images are kept with an accredited third party, they are only viewed in case of damage or suspected misconduct and at the request of the police and judicial authorities. If the police or judicial authorities request the images then they are kept until the incident is resolved.
Use of information collected Personal data, of the Data Subject is processed for the following purposes:
entering into agreements;
to execute agreements with the Data Subject in the field of rental and loan;
informing the Data Subject;
ensuring the safety of the property of the Company and the person concerned, more specifically the prevention of criminal offenses and illegal activities;
approaching Data Subjects for marketing purposes;
improving the Company's offline and online services.
The legal basis for collecting and processing the below data is Contractual: the processing is necessary for a contract you have with the individual, or because they have asked you to take specific steps before entering into a contract. See further information on the ICO website (link: https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/lawful-basis-for-processing/).
Web Site Navigational Information Cookies, Web Beacons and IP Addresses
Watchtower uses commonly-used information-gathering tools, such as cookies to collect information as you navigate the Company’s Web sites (“Web Site Navigational Information”). As described more fully below, we and our partners use these cookies or similar technologies to analyse trends, administer Web sites and Services, track users’ movements around our Web sites and Services, serve targeted advertisements and gather demographic information about our user base as a whole. This section describes the types of Google Analytics used on the Company’s Web sites and Services, and how this information may be used.
Cookies
Watchtower uses cookies to make interactions with the Company’s Web sites easy and meaningful. When you visit one of the Company’s Web sites, Watchtower’s servers send a cookie to your computer or device. Standing alone, cookies do not personally identify you; they merely recognize your Web browser. Unless you choose to identify yourself to Watchtower, either by responding to a promotional offer, opening an account, or filling out a Web form (such as a “Email Alerts” or a “sign up to a Newsletter” or “Application for a room” Web forms) or have previously identified yourself to Watchtower, you remain anonymous to the Company. Watchtower uses cookies that are session-based and persistent-based. Session cookies exist only during one session. They disappear from your computer or device when you close your browser software or turn off your computer. Persistent cookies remain on your computer or device after you close your browser or turn off your computer. You can control the use of cookies at the individual browser level, but if you choose to disable cookies, it may limit your use of certain features or functions on our Web sites or Services. The following sets out how Watchtower uses different categories of cookies and your options for managing cookies’ settings: Web Beacons Watchtower uses Web beacons alone or in conjunction with cookies to compile information about Customers and Visitors’ usage of the Company’s Web sites and interaction with emails from the Company. Web beacons are clear electronic images that can recognize certain types of information on your computer, such as cookies, when you viewed a particular Web site or Service tied to the Web beacon, and a description of a Web site or Service tied to the Web beacon. For example, Watchtower may place Web beacons in marketing emails that notify the Company when you click on a link in the email that directs you to one of the Company’s Web sites.
Web beacons
Watchtower uses Web beacons to operate and improve the Company’s Web sites, Services and email communications. Log Files, IP Addresses, URLs and Other Data As is true of most Web sites, we gather certain information automatically to analyse trends in the aggregate and administer our Web sites and Services. This information may include your Internet Protocol (IP) address (or the proxy server you use to access the World Wide Web), device and application identification numbers, your location, your browser type, your Internet service provider and/or mobile carrier, the pages and files you viewed, your searches, your operating system and system configuration information, and date/time stamps associated with your usage. Due to Internet communications standards, when you visit or use the Company’s Websites and Services, we automatically receive the URL of the website from which you came and the website to which you go when you leave our Website. This information is used to analyse overall trends, to help us improve our Websites and Services, to track and aggregate non-personal information, and to provide the Websites and Services. For example, Watchtower uses IP addresses to monitor the regions from which Customers/Clients and Visitors navigate the Company’s Web sites. Watchtower also collects IP addresses from Customers when they log into the Services as part of the Company’s “Identity Confirmation” and “IP Range Restrictions” security features.
Social Media Features and Single Sign-on
The Company’s Web sites may use social media features, such as the Facebook “like” button (“Social Media Features”). These features may collect your IP address and which page you are visiting on the Company’s Web site, and may set a cookie to enable the feature to function properly. You may be given the option by such Social Media Features to post information about your activities on the Company’s Web site to a profile page of yours that is provided by a third party social media network in order to share with others within your network. Social Media Features are either hosted by a third party or hosted directly on the Company’s Web site. Your interactions with these features are governed by the privacy policy of the company providing the relevant Social Media Features. Watchtower also allows you to log in to certain of our Web sites and Services using sign-in services such as Facebook Connect. These services will authenticate your identity and provide you the option to share certain personal information with us such as your name and email address to pre-populate our sign-up form.
Do Not Track
Currently, various browsers — including Internet Explorer, Firefox, and Safari — offer a “do not track” or “DNT” option that relies on a technology known as a DNT header, which sends a signal to Web sites’ visited by the user about the user's browser DNT preference setting. Watchtower does not currently commit to responding to browsers' DNT signals with respect to the Company's Web sites, in part, because no common industry standard for DNT has been adopted by industry groups, technology companies or regulators, including no consistent standard of interpreting user intent. Watchtower takes privacy and meaningful choice seriously and will make efforts to continue to monitor developments around DNT browser technology and the implementation of a standard.
Public forums, refer a contact, and customer testimonials Watchtower may provide bulletin boards, blogs, or chat rooms on the Company’s Web sites. Any personal information you choose to submit in such a forum may be read, collected, or used by others who visit these forums, and may be used to send you unsolicited messages. Watchtower is not responsible for the personal information you choose to submit in these forums. Customers/Clients and Visitors may elect to use the Company’s referral program to inform contacts about the Company’s Web sites and Services. When using the referral program, the Company requests the contact’s name and email address. Watchtower will automatically send the contact a one–time email inviting him or her to visit the Company’s Web sites. Watchtower does not store this information. Watchtower posts a list of Customers/Clients and testimonials on the Company’s Web sites that contain information such as Customer names and titles. Watchtower obtains the consent of each Customer/Client prior to posting any information on such a list or posting testimonials.
Sharing of information collected Service Providers
Watchtower may share Data about Watchtower, Visitors, Customers and Attendees with the Company’s contracted service providers so that these service providers can provide services on our behalf. These service providers are authorized to use your personal information only as necessary to provide the requested services to us. Without limiting the foregoing, Watchtower may also share Data about Watchtower Visitors, Customers and Attendees with the Company’s service providers to ensure the quality of information provided, and with third–party social networking and media Web sites, such as Facebook, for marketing and advertising on those Web sites. Unless described in this Privacy Statement, Watchtower does not share, sell, rent, or trade any information with third parties for their promotional purposes. Third Parties Section 4 of this Privacy Statement, Google Analytics, specifically addresses the information we or third parties collect through cookies and web beacons, and how you can control cookies through your Web browsers. We may also disclose your personal information to any third party with your prior consent. Compelled Disclosure Watchtower reserves the right to use or disclose information provided if required by law or if the Company reasonably believes that use or disclosure is necessary to protect the Company’s rights and/or to comply with a judicial proceeding, court order, or legal process.
Communications preferences
Watchtower offers Visitors, Customers/Clients, and Attendees who provide contact information a means to choose how the Company uses the information provided. You may manage your receipt of marketing and non-transactional communications by clicking on the “unsubscribe” link located on the bottom of the Company’s marketing emails. Additionally, you may unsubscribe by contacting us using the information in the “Contacting Us" section below.
Your Rights as a Data Subject As a data subject, you have the following rights: • The right to know whether and which of your personal data is processed; • The right to inspect and copy that data; • The right to correction, addition or deletion of data if necessary; • The right to request (partial) destruction of your data. This can only be met if the retention of the data is not of considerable importance to the Company and the data must not be retained on the basis of a statutory regulation; • The right to object to the processing of your data in certain cases; • The right to data portability.
If you would like to exercise your rights, please notify your request by email to privacynotice@wt-security.com
In order to prevent misuse, we ask you to adequately identify yourself in a written request for access, for example by sending a copy of a valid ID. Don't forget to shield the citizen service number and passport photo on the copy. 9. Changes to this Privacy Statement Watchtower reserves the right to change this Privacy Statement. Watchtower will provide notification of the material changes to this Privacy Statement through the Company’s Web sites at least thirty (30) business days prior to the change taking effect. 10. Contacting us Questions regarding this Privacy Statement or the information practices of the Company’s Web sites and Services should be directed to: privacynotice@wt-security.com
Pursuant to privacy legislation, you also have the right to file a complaint with the Information Commissioner’s Office. This can be done by their website https://ico.org.uk/make-a-complaint/ or by calling their helpline on 0303 123 1113.