Privacy Policy

CBRE NI Privacy Policy

This is the privacy policy of LDM Belfast Limited trading as CBRE NI, a limited liability company established in Northern Ireland (NI032803) with a registered office at The Linenhall, 32-38 Linenhall Street, Belfast, Antrim, BT2 8BG (hereinafter collectively referred to as ‘CBRE NI’, ‘we’, ‘us’ or ‘our’).

This privacy policy sets out how CBRE NI uses and protects the personal data of our customers and visitors to websites operated by us (hereinafter referred to as ‘you’ or ‘your’).

We are focused on implementing the practices of fairness, transparency and accountability to protect your privacy when using, storing and sharing your personal data.  In this privacy policy we explain how we collect personal data about you, how we use it and how you can communicate with us regarding the use of your personal data. This online privacy policy relates to personal data that we collect through websites operated by us (‘Sites’) and not to information which we collect “off-line”. We have a separate policy which relates to the processing of personal data ‘off-line’, and a copy can be made available to you on request.  By willingly providing personal and other information to us you are consenting to the terms and conditions of this privacy policy.

You may withdraw your consent at any time by notifying us at info@cbreni.com or by writing to CBRE NI, 7th Floor – The Linenhall, 32-38 Linenhall Street, Belfast, BT2 8BG.

CBRE NI have the utmost respect for the privacy of all our customers and visitors to our Sites. We are committed to processing your personal data in accordance with current data protection laws, including the General Data Protection Regulation ((EU) 2016/679) insofar as it applies in the United Kingdom, the Data Protection Act 2018 and the Privacy and Electronic Communications (EC Directive) Regulations 2003 (‘Data Protection Legislation’). We will only use your personal data in accordance with this privacy policy.

In this privacy policy the terms ‘personal data’, ‘personal data breach’, ‘and ‘process’, shall have the meaning given to them in the Data Protection Act 2018.

Please read this privacy policy carefully so that you understand your rights in relation to your personal data, and how we will collect, use and process your personal data. If you do not agree with this privacy policy in general or any part of it, you should not access any of our Sites or use our products or services.

What categories of personal data do we process?

We collect personal data from you when you register on our Site, either by email, or by filling out a form. The personal data that we collect enables us to respond effectively to your requests for our customised services and products. Personal data that we may process in connection with our services includes, your name, company name, email address, postal address, phone number(s) and any other information that itself can or, when tied to the above information, may identify you as a specific individual.

We collect the domain names and IP addresses of visitors to our Sites for statistical purposes, to measure use, to improve the content or responsiveness of the Site or to customise the content or layout of the Site for the individual visitor. We do not disclose this information to third parties.

We collect email addresses that are volunteered by you, through e-mail messages addressed to us or our employees, through visitor responses via the “contact us” section of the Site, or e-mail marketing destination web pages and public events.  We use e-mail addresses for marketing purposes and to inform those interested in our products about events, products, services or other items of interest. We may also use e-mail addresses volunteered by our visitors to register the visitor for an extranet account, to process orders for brochures and other written materials, or otherwise to respond to a visitor’s request. On our Site we will seek your consent to being contacted by us for promotional or marketing emails at any time. You may opt out of receiving promotional or marketing emails by notifying us by using the unsubscribe function in our newsletter or by contacting us at info@cbreni.com.  Requests to unsubscribe from company emails may take 5 business days to process.

Do we use Cookies?

Yes. A cookie is an element of data that a website can send to your browser, which may then be stored on your system.  You can set your browser to notify you when you receive a cookie, giving you the opportunity to decide whether to accept it.  We use one type of cookie to maintain your login information for as long as you are using the Site. No personal data is stored in this cookie and the cookie is deleted from your computer when you leave the Site.  Our second cookie type simply identifies you as you move throughout the Site, providing faster, personalised access to view various pages on our Sites.

Google Analytics

CBRE NI uses Google Analytics to analyse its website performance.  The information Google Analytics gathers using cookies on our Sites generate generic reports about the use of our Sites. The information generated by the cookie about your use of the Site (including your IP address) will be transmitted to and stored by Google on servers in the United States (‘U.S.’).  If the IP anonymisation is activated, Google will truncate/anonymise the last octet of the IP address for member states of the European Union (‘EU’) as well as for other parties to the agreement of the European Economic Area (‘EEA’).  In exceptional cases, the full IP address is sent to and shortened by Google servers in the U.S.

On behalf of the website provider, Google will use this information for the purpose of evaluating your use of the Site, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage to the website provider.  Google will not associate your IP address with any other data held by Google.

You may refuse the use of cookies by selecting the appropriate settings on your browser.  However, please note that if you do this, you may not be able to access and utilise the full functionality of the Site.  You can also prevent Google’s collection and use of data (cookies and IP address) by downloading and installing the browser plug-in available under:

https://tools.google.com/dlpage/gaoptout?hl=en-GB

Further information concerning the terms and conditions of use and data privacy can be found at:

https://www.google.com/intl/en/policies/privacy/partners/

https://www.google.com/analytics/terms/gb.html

https://www.google.de/intl/en-uk/policies/

https://support.google.com/analytics/answer/6004245?hl=en

Please note that on this website, Google Analytics code is supplemented by“anonymizelp” to ensure an anonymised collection of IP addresses within the EU and EEA (also referred to as ‘IP-masking’).

Third-Party Sites

Our website may contain links to other third-party sites.  When you click on one of these links you are visiting a website operated by someone other than CBRE NI and the operator of that website may have a different privacy policy.  We are not responsible for their individual privacy practices, so we encourage you to investigate the privacy policies of such third-party operators.

Children

Our website is not intended for children under 13 years of age.  No one under age 13 may provide any information to us through the Site.  We do not knowingly collect personal data from children under 13.  If you are under 13, do not access, use, or provide any information on the Site or on or through any of its features.  If we learn we have collected or received personal data from a child under 13 without parental consent we will delete that information.  If you believe we might have any information from or about a child under 13 please contact us by sending an email to info@cbreni.com or writing to us at CBRE NI, 32-38 Linenhall Street, Belfast BT2 8BG

How we use your personal data

CBRE NI will not under any circumstances, sell, share or rent your personal data to any other organisation in any way other (unless you have provided us with your explicit consent) other than what has been detailed in this privacy policy.

We will use your personal data to supply you with the products and services you request, and to provide you with updates. Your personal data will also be used to manage your account, evaluate products or services we could offer to you. In addition, your personal data will be used to respond to any questions and comments and to follow up on our customer service.  If necessary, your personal data may also be used to gain feedback on our products, services, and Sites, to tackle disputes, collect payments due or resolve outstanding issues, to prevent potentially prohibited or illegal activities.

Our legal basis to process your personal data

We rely on the following legal bases to process your personal data:

CONTRACT: We will process your personal data where it is necessary to enter into and perform a contract to provide you with our services, such as assessing suitability for a service, including consider whether or not to offer to you the service, the price, the payment methods available and the conditions to attach. We will also process your personal data when managing the services we provide to you and when updating your records on our systems.

LEGITIMATE INTERESTS: We will process your personal data where it is in our legitimate interests to do so, such as, managing services we provide to you, updating your records, contacting you about your account and account payment (where appropriate).  We will also process your personal data to follow guidance and recommended best practice of government and regulatory bodies and to keep records of communications between you and our employees.

LEGAL OBLIGATION: We will process your personal data where we are legally mandated to share your personal data with people or organisations such as regulatory bodies and government agencies.

CONSENT: We will process your personal data where you have willingly provided us with your personal data to enable us to provide our services and products.  You may withdraw your consent at anytime in the future by emailing info@cbreni.com or by writing to us at CBRE NI, 32-38 Linenhall Street, Belfast BT2 8BG.

When Do We Share Your Personal Data With Other Organisations

We do not sell, trade, or otherwise transfer to third parties your personal data, other than as set out in this privacy policy.  .  Any personal data that you provide to us will be used for our purposes only. Your personal data will only be shared with individuals, companies and organisations identified in this privacy policy. In some instances, we may need to provide personal data to third parties that we use to deliver specific products or services to you (such as shipping or direct mailing organisations). It may also be necessary for our website administrator (an external third party) to have access to the back end of the Site for administration purposes and your personal data may be accessible to the website administrator when carrying out these purposes.  In such cases, our agreements with these third parties do not permit them to use personal data for purposes other than fulfilling those specific services or allow such third parties to further disclose your personal data. When necessary we may share your personal data within our Group for the purpose of providing our products and services in an efficient manner. For the purposes of this privacy policy, ‘Group’ will mean CBRE NI and any subsidiary or holding company from time to time of CBRE NI, and any subsidiary from time to time of a holding company of that company.

Where we are legally obliged to share your personal data with regulatory bodies or government agencies we will do so accordingly and only to the extent required to fulfil our regulatory obligations.

Data Transfers To Countries Outside The EU/EEA

Data entered onto our Site may be transferred to a server in the U.S. and stored there.  Your personal data may be used by the Group, or other entities outside the EU and the EEA including in the U.S.

Please note that outside the EU and the EEA different standard of data protection might apply.  By completing and submitting the contact form on our Site, you acknowledge and consent that data may be transferred across international borders, including to countries outside the EU and the EEA.

Whenever we transfer your personal data out of the UK to countries which have laws that do not provide the same level of data protection as the UK law, we always ensure that a similar degree of protection is afforded to it by ensuring that the following safeguards are implemented.

How Long Do We Keep Your Personal data

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, such as providing our products and services to you, managing our relationship with you and for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

How We Protect Your Personal data

CBRE NI takes the security of your personal data seriously. We implement appropriate security measures to maintain the safety of your personal data when you transmit it from your computer to the Site and to protect such information from loss, misuse, unauthorised access, unauthorised disclosure, alteration, or destruction. You should be aware that no internet transmission is ever 100% secure or error-free.  In particular, e-mails sent to or from the Site may not be secure, and you should therefore take special care in deciding what information you send to us via e-mail.  Where you use passwords, ID numbers or other special access features on this Site, it is your responsibility to safeguard them.

In addition, we limit access to your personal data to those CBRE NI employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

Your Rights Under Data Protection Legislation

We detail below a list of the rights that all individuals have in accordance with current Data Protection Legislation.  Not all rights are absolute and may only apply in certain circumstances.  Should you wish to exercise your rights at any time we will advise you if circumstances allow for the rights to be exercised.

You have the right to:

  • Request access to your personal data (commonly known as a “subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
  • Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
  • Request erasure of your personal data in certain circumstances. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
  • Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) as the legal basis for that particular use of your data (including carrying out profiling based on our legitimate interests). In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your right to object.
  • You also have the absolute right to object any time to the processing of your personal data for direct marketing purposes (see ‘What categories of personal data do we process?’ section above for details of how to object to receiving direct marketing communications).
  • Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
  • Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in one of the following scenarios:
    • If you want us to establish the data’s accuracy;
    • Where our use of the data is unlawful but you do not want us to erase it;
    • Where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or
    • You have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.

CBRE NI is registered with the Information Commissioner’s Office (‘ICO’) and we have nominated our Executive Director, Mr. Gerard McCann as our Data Protection Officer (DPO) . Should you wish to contact us with regard to the manner in which we process your personal data you can send an email to our DPO at info@cbreni.com. You can also write to us at CBRE NI, 7th Floor The Linenhall, 32-38 Linenhall Street, Belfast, BT2 8BG

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

We try to respond to all legitimate requests within three months. Occasionally it could take us longer than three months if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

COMPLAINTS

You have the right to make a complaint at any time to the ICO, the UK regulator for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

CHANGES TO THIS PRIVACY POLICY

We may change this privacy policy from time to time to reflect changes in the law and /or our privacy practices.  We encourage you to check this privacy policy for changes whenever you visit our Sites.

April 2024 (v3)