Last updated 25 May 2018
WHAT DO WE COLLECT, WHAT DO WE DO WITH IT AND WHY?
Purpose/ lawful basis
Who is it shared with?
Contact details (name, address, email address, phone number, fax number, correspondence)
You (the data subject)
General enquiry – in our legitimate interests to process the information to respond to your enquiry
The Lendlease Group
You (the data subject)
To register your interest in a residential property or make a reservation – to take steps at your request to enter into a contract with you
When you make a reservation and when you purchase a property – for the performance of our contract with you
The Lendlease Group and its legal and sales advisors
Contact details (name, address, email address, phone number), marketing preferences
To sign up to our newsletter/ marketing or shopping centre Wi-Fi – this is in our legitimate interests, but to comply with marketing rules, we will ask you for your consent to electronic marketing
Contact details (name, address, email address, phone number, fax number, warranty information, contract, account information, defect notification(s), correspondence)
You (the data subject), contractors/ sub-contractors where maintenance/ support provided (e.g. defects)
To manage your purchase/ our contractual relationship – for the performance of our contract with you
Contractors/ sub-contractors to remedy defects, the Lendlease Group, our Customer Relationship Management system provider.
Our phone system
For training and monitoring purposes - for our legitimate business interests
The Lendlease Group
Our CCTV cameras
For crime prevention and public safety - for our legitimate business interests
The Lendlease Group and its property and security managers and law enforcement agencies
Job applications (Lendlease) (CV information, contact details (name, address, phone number, email address), references, correspondence)
Workday (external website), you (the data subject)
To review and interview job candidates – for our legitimate business interests
The Lendlease Group, recruitment contractors
Cookies and IP addresses
Please see our cookies policy
Please see our cookies policy
Whenever we collect or process your personal data, we’ll only keep it for as long as is necessary for the purpose for which it was collected.
At the end of that retention period, your data will either be deleted completely or anonymised, for example by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis and business planning.
Some examples of customer data retention periods:
When you purchase a home from us, we’ll keep the personal data you give us for twelve years, so we can comply with our legal and contractual obligations.
If you’ve not used your account for more than five years, it will be flagged as inactive and we’ll contact you to ask whether you want to keep it open. Unless you reply to say ‘yes’, we’ll close the account and delete or anonymise the personal data associated with it.
Where we say above that we collect your information on the basis of our legitimate business interests, we are required to carry out a balancing test of these interests against your interests and rights under the Data Protection Laws. As a result of our balancing test, which is detailed below, we have determined, acting reasonably and considering the circumstances, that we are able to process your personal data in accordance with the Data Protection Laws on the basis that we have a legitimate business interest.
We have a legitimate interest in processing your information as:
We need the information to respond to your enquiries;
We need the information to send you information;
We would be unable to provide our services without processing your information;
We would be unable to process your job application without processing your information;
We need call recordings for evidential purposes and to help us perform our contract(s) with you; and/or
CCTV is there for safety reasons and for the prevention/ detection of crime.
We consider that it is reasonable for us to process your personal data for the purposes of our legitimate interests outlined above as we process your personal data only so far as is necessary for such purpose.
Impact of processing
We consider that it is reasonable for us to process your personal data for the purposes of our legitimate interests outlined above as it can be reasonably expected for us to process your personal information in this way for the purposes set out above. In most cases the information is being processed for your benefit as well as ours.
Special Categories of personal data
Where we process any special categories of personal data (e.g. diversity, medical, biometric information), we will separately ask for explicit consent, if this is required by law. In this case, you have the right to withdraw your consent to this processing at any time.
In some circumstances, we may have another lawful reason to collect such special categories of personal data, in which case we will inform you of this prior to the processing taking place.
OTHER DISCLOSURES OF YOUR PERSONAL DATA?
We may disclose your personal information to any member of the Lendlease Group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006 ("Lendlease Group").
We will disclose your personal information to third parties, as set out above and:
to our professional advisors (including without limitation tax, legal or other corporate advisors who provide professional services to the Lendlease Group);
to other third-party suppliers for business administration or IT purposes;
in the event, or in connection with, a merger or sale involving all or part of the Lendlease Group or as part of a corporate reorganisation or share sale or other change in corporate control to any prospective sellers or buyers of such business or assets;
in the event of any insolvency situation (e.g. the administration or liquidation) of Lendlease Corporation Limited or any of its group entities;
to protect the rights, property, or safety of us, our staff, our customers, or others.This includes exchanging information with other companies and organisations (including without limitation the local police or other local law enforcement agencies or regulatory bodies) for the purposes of staff and customer safety, crime prevention, fraud protection and credit risk reduction; and/or
if we are under a duty to disclose or share your personal data in order to comply with any legal obligation or regulatory requirements, or otherwise for the prevention or detection of fraud or crime.
We may disclose, use and/or aggregate, anonymous information about you for marketing, advertising, research, compliance, or other purposes.
DO WE DISCLOSE PERSONAL DATA TO THIRD COUNTRIES?
We may transfer personal information to countries other than the country in which the data was originally collected. These countries may not have the same data protection laws as the country in which you initially provided the information and may not provide the same level of protection.
Where your information is processed by or shared between the Lendlease Group, your information is likely to be transferred to or from Australia, the United Kingdom, Greater China, Japan, Malaysia, Singapore, Hong Kong, the United States and Italy for the purposes set out above.
Where your information is transferred to a third party (for example our Customer Relationship Management system provider) this is also likely to be transferred to a third country, namely the United States.
Where your personal data is collected within the European Economic Area ("EEA"), it will only be transferred outside of the EEA where an adequate level of protection for your rights as a data subject can be ensured, and where the transfer is otherwise in accordance with relevant data protection laws, including by incorporating standard clauses approved by the European Commission in our agreements. A copy of these can be found at: http://eur-lex.europa.eu/
Search = CELEX:32010D0087
WHAT DO WE DO TO HELP PROTECT PERSONAL DATA?
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our websites; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
We, and our external service providers, take reasonable steps to protect personal data from misuse, interference or loss and unauthorised access, modification and disclosure with appropriate safeguards and security measures and restrict access to those who have a legitimate business purpose and reason for accessing it. We store most data about you in computer systems and databases operated by either us or our external service providers. However, safeguards and security measures apply to personal data in both electronic and hard copy form.
Personal data is only retained for as long as it is necessary for the identified purposes, to the extent necessary for purposes reasonably related to those identified purposes (for example, resolving disputes) or as required by law, in accordance with the periods set out above.
WHAT RIGHTS DO YOU HAVE?
You have a number of rights under the Data Protection Laws in relation to the way we process your personal data, which are set out below. You may contact us using the details set out below to exercise any of these rights. We will respond to your request within one month.
In some instances, we may be unable to carry out your request, in which case we will write to you (again, within one month) to explain why.
1. You have the right to request access to your personal data
You have the right to request confirmation that your personal data is being processed, to request access to your personal data (through us providing a copy) and to be provided with other information about how we process your personal data.
2. You have the right to ask us to rectify your personal data
You have the right to request that we rectify your personal data if it is not accurate or not complete.
3. You have the right to ask us to erase your personal data
You have the right to ask us to erase or delete your personal data where there is no reason for us to continue to process your personal data. This right would apply if we no longer need to use your personal data to provide services to you, where you withdraw your consent for us to process special categories of your personal data, or where you object to the way we process your personal data (see right 6 below).
4. You have the right to ask us to restrict or block the processing of your personal data
You have the right to ask us to restrict or block the processing of your personal data that we hold about you. This right applies where you believe the personal data is not accurate, you would rather we block the processing of your personal data rather than erase your personal data, where we don't need to use your personal data for the purpose we collected it for but may require it to establish, exercise or defend legal claims.
5. You have the right to port your personal data
You have the right to obtain your personal data from us and use it for your own purposes across different services. This allows you to move personal data easily to another organisation, or to request us to do this for you.
6. You have the right to object to our processing of your personal data
You have the right to object to our processing of your personal data where we process your data on the basis of our legitimate business interests, unless we are able to demonstrate that, on balance, our legitimate interests override your rights or we need to continue processing your personal data for the establishment, exercise or defence of legal claims.
7. You have the right not to be subject to automated decisions
You have the right to object to any automated decision making, including profiling, where the decision has a legal or significant impact on you.
8. You have the right to withdraw your consent
You have the right to withdraw your consent to our processing of personal data, if consent was the mechanism we used to collect it.
HAVE A PRIVACY ENQUIRY?
ATTN: Data Protection Manager
20 Triton Street
London NW1 3BF
We aim to resolve all enquiries promptly and in accordance with Data Protection Laws.
We will always aim to address your concerns if you have any and would encourage you to contact us at the address above. You can also contact the relevant data protection/ supervisory authority in your jurisdiction. For the purposes of the Data Protection Laws, our lead supervisory authority is the Information Commissioner's Office, who can be contacted at Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, or at www.ico.org.uk .
sole traders, partnerships and businesses
Our website may, from time to time, contain links to and from the websites of third parties. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies or your use of those websites.
A list of Lendlease Group entities can be found here.
CHANGES TO THIS POLICY