This policy (together with our Cookie Policy) sets out how we use any personal data that we collect from you or that you provide to us via our website at coventgardenconsultation.co.uk (our site) and any related services, including our planning policy, community engagement, urban design, regeneration, social and economic development, and visual communications services. It does not cover third-party websites linked from our services.

Please read this policy carefully to understand how we will use your personal data. By using our site you agree that we may process and use your personal data in accordance with this policy.

You are able to unsubscribe from the news and information service at any time and/or “opt out” of receiving communications. You can do this by either clicking the unsubscribe link in any email you are sent from us or by emailing feedback@coventgardenconsultation.co.uk directly. If you unsubscribe from the services, we will not retain the data you submitted when you subscribed for the service and will cease sending you news and information.

We are the Controller in respect of your personal data we collect from you.

Our full name: Capital & Counties CG Limited as General Partner of Capital & Counties CGP,

Shaftesbury CG Limited and Covent Garden Holdings (No.3) Limited

Our contact details: Regal House, 14 James Street, London, WC2E 8BU

feedback@shaftesburycapital.com

We ensure that your personal information is processed lawfully, transparently, and for a specific purpose. Once that purpose is fulfilled, your data is no longer retained. The grounds for processing your information include:

– Contractual necessity.

– Legal compliance.

– Explicit consent for designated purposes.

– Legitimate interests pursued by Shaftesbury Capital.

We will only use your personal data for the purpose for which we collected it.

We collect personal information necessary for service provision, including but not limited to, name, address, email, and phone number. This information aids in:

– Delivering tailored services;

– Communicating updates;

– Improving service delivery and content;

– Complying with any legal obligations we may have.

We do not make any automated decisions using your personal information.

We may disclose your personal data to the following recipients:

1. to our suppliers to the extent necessary for them to perform their services to us;
2. to service providers to whom we outsource certain functions of our business. For example, we have service providers such marketing agencies who provide marketing support or IT service providers who provide / support IT applications or systems, which means that your personal data will be hosted on their servers, but under our control and direction. We require all our service providers to respect the confidentiality and security of personal data;
3. to a prospective buyer in the event of a sale, merger or restructuring of any part of our business;
4. to any company within the Shaftesbury Capital group of companies and our joint venture companies); or
5. to any regulatory agency or enforcement body (e.g. the police or intelligence services) or court where we reasonably believe that we are required to do so by applicable law or regulation or by any court order or at their request where it is legal to do so.

We do not transfer your personal data outside the UK.

We employ robust technical and organisational measures to protect your personal information from unauthorised access, alteration, disclosure, or destruction. Our commitment extends to requiring any third parties we work with to also employ adequate protection measures.

Personal information is retained only as long as necessary for the fulfilment of the purposes mentioned herein, or as required by law (e.g., for tax, legal, accounting purposes). Upon expiration of the retention period, personal information may be anonymised, pseudonymised or destroyed.

You have the following rights with respect to your Personal Information

• You can ask for copies of your Personal Information;
• You can ask us to rectify inaccurate or incomplete Personal Information;
• You can ask us to erase your Personal Information;
• You can ask us not to use your Personal Information for marketing;
• You can ask us to restrict the processing of your Personal Information;
• You can object to the processing of your Personal Information;
• You can ask that we transfer your Personal Information to another organisation or to you
• You can complain about our processing of your Personal Information; and

In addition, to the extent that the legal basis of our processing of your Personal Information is consent, you can withdraw that consent at any time.

Please contact us using the contact information below if you wish to discuss or exercise any of your rights described above.

We may update this Privacy Policy to reflect changes in our practices.

For enquiries or concerns regarding this policy or your personal information please contact our Company Secretary by post (Regal House, 14 James Street, London, WC2E 8BU), or by email at feedback@shaftesburycapital.com. If you believe that your data protection rights have been breached, you also have the right to lodge a complaint with the UK’s Information Commissioner’s Office (ICO).

This policy is reviewed periodically and as necessary due to system changes, policy updates, or legal enhancements.

Data Controller: means a natural or legal person which determines the means and purposes of processing of personal data.

Data Subject: means an individual whom the personal data is about.

EEA: means the European Economic Area.

GDPR: means the General Data Protection Regulation (EU) 2016/679.  References to the GDPR also include the equivalent regime implemented in the UK by the Data Protection Act 2018.

ICO: the Information Commissioner’s Office regulates the processing of personal data by all organisations within the UK.

Legitimate Interests: this is a ground which can be used by organisations as a lawful basis of processing, for example where personal data is used in ways that could reasonably be expected, or there is a compelling reason for the processing.

Member States: means those countries which are part of the European Union.

Service Providers: these are a range of third parties to whom we outsource certain functions of our business. For example, we have service providers who provide / support IT applications or systems, which means that your personal data will be hosted on their servers, but under our control and direction. We require all our service providers to respect the confidentiality and security of personal data.