: January 1, 2020
Last Reviewed on
: July 21, 2020
This policy applies solely to visitors of CBRE Offices (“Office
”) with respect to how CBRE, Inc. (“CBRE
”) collects and uses Personal Information when such visitors (“you
”) visit the Office. We reserve the right to update this Policy at any time, and we will provide or make available to you a new privacy notice when we make any substantial updates.
1. HOW “PERSONAL INFORMATION” IS DEFINED IN THIS POLICY
“Personal Information” means information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual or, in the case of California residents, with their household. “Personal information” does not include information publicly and lawfully made available in government records, deidentified or aggregate information about individuals or, in the case of California residents, their households.
2. PERSONAL INFORMATION WE COLLECT, PURPOSES OF USE, SOURCES
During your visit to the Office, and/or during the last 12 months, CBRE collects or has collected the following data from you directly
- Moving images of you for the purpose of ensuring safety and security at the Office, and also for process/alarm confirmation (for example to confirm whether alarms are functioning) (collectively, “CCTV Data”).
- Your contact information when you sign in as a visitor, being your name, your company name and your email, for the purpose of logging your visit to the Office for safety and security purpose. (collectively, “Visitor Data”).
To verify your identity and contact information, CBRE may also view your identification when you visit the Office. However, CBRE does not store or share your identification.
CBRE does not collect any Personal Information covered by this Policy from you from any other source.
CBRE does not sell your Personal Information.
3. DISCLOSURE OF YOUR PERSONAL INFORMATION
CBRE may disclose, and/or has disclosed in the last 12 months, the CCTV Data and Visitor Data to the following categories of third parties for a business purpose:
- Our related entities and affiliates; and
- Service providers, such as our professional advisors, lawyers, our vendors who provide data processing, IT, software, information security or related services.
CBRE may, only as strictly required, also disclose your Personal Information to the following third parties:
4. QUESTIONS REGARDING OUR PRIVACY PRACTICES
- Any competent law enforcement body, regulatory or government agency, court or other third party (such as an insurer) where we believe disclosure is necessary to comply with applicable law or regulation; and
- To a third party to exercise, establish or defend our legal rights or the rights of our employees or for the administration of justice, or to protect the vital interests of you or any other person.
If you have any questions about this Privacy Notice or the processing of your personal data, please contact [email protected]
5. SUPPLEMENT – CALIFORNIA CONSUMER PRIVACY RIGHTS
Office visitors who reside in the State of California have the following rights:
- The right to request that CBRE discloses what personal information it collects, uses, discloses, and sells, and to request copies of such information, provided you may only make two (2) such requests in any 12-month period.
- The right to request deletion of y our personal information (subject to lawful exceptions).
- The right not to receive discriminatory treatment for any exercise of your rights conferred by the CCPA.
You may exercise your rights to know, access, delete or opt out by completing the form in our Data Subject Rights Portal or by calling us at +1 (866) 428 4722. We will ask for your name, email address, and your relationship to us in order to begin processing your request.
Upon receipt of a request from you to exercise any applicable rights, above, we will need to reasonably verify that you are the person about whom we collected Personal Data. We may also ask you to provide additional detail or clarify your request to allow us to properly understand, evaluate and respond to your request. In order to verify your request, we will ask for additional information (“Verifiable Information”) to compare against the information we hold about you, or if you have an account with us, by asking you to log in to that account. Types of Verifiable Information we may ask for depend on the context of your relationship with CBRE, but may include:
- Name of a CBRE employee with whom you interacted;
- The name of your employer;
- Date or other details of your visit to a CBRE office; or
- Email address, phone number, or other contact information we may have on file for you.
We will only use Verifiable Information to verify your identity or authority to make the request.
An authorized agent can make a request under CCPA on your behalf out by completing the form in our Data Subject Rights Portal or by calling us at +1 (866) 428 4722 and providing for your name, email address, and your relationship to us, and identifying themselves as your authorized agent. Upon receipt of the request, we will ask them to provide documentary evidence that they are your legally authorized agent, and to verify your identity as noted above.