PURESEOUL CCTV Policy
Last Updated: 26/08/2023
1. Purpose and Scope
This policy outlines the guidelines for the installation, operation, and management of Closed-Circuit Television ("CCTV") systems within PURESEOUL Retail LTD ("PURESEOUL", or "we) offline stores while adhering to the provisions of the General Data Protection Regulation ("GDPR") and other applicable data protection laws.
The purpose of this policy is to ensure the lawful use of CCTV systems while safeguarding individual privacy rights.
2. POLICY STATEMENT
PURESEOUL is committed to enhancing security and safety while respecting the rights and privacy of individuals. The use of CCTV systems is intended to be in compliance with GDPR regulations and other relevant data protection laws.
This policy applies to all visitors to our premises, including customers, contractors, and employees.
All activities related to the installation, operation, and management of CCTV systems shall be carried out in strict compliance with the provisions of the General Data Protection Regulation (GDPR), the Data Protection Act 2018, and other relevant data protection regulations.
We have also publicly registered our use of CCTV with the Information Commissioner's Office (ICO).
4. SYSTEM INSTALLATION & MANAGEMENT
4.1 The installation, operation, and maintenance of CCTV systems shall be overseen by our Facilities management team and general compliance manager in line with GDPR principles and established guidelines.
4.2 Access to CCTV control rooms, equipment, and footage shall be limited to authorised personnel.
4.3 Appropriate physical, technical, and organisational measures shall be implemented to protect CCTV data against unauthorised access, alteration, loss, or theft.
5. PURPOSE OF USE
5.1 An overview of our current use of CCTV is briefly outlined below - we believe these applications are essential for our day-to-day business operations.
Please note that this outline is not exhaustive and there may be additional purposes that are pertinent or could become applicable in due course.
5b) To ensure on-site safety for employees, customers, visitors etc.
5c) Assist in the prevention, detection, and prosecution of crime by supporting law enforcement bodies.
6. SINAGE AND LOCATION OF CAMERAS
6.1 Camera placement shall be determined based on security needs (as laid out in section 5), with every effort to avoid intrusion into private areas where individuals have a reasonable expectation of privacy.
6.2 The presence of these placed CCTV cameras shall be clearly communicated through conspicuous signage at entrances and other relevant locations around the property.
7. Data Retention
7.1 CCTV footage shall be retained digitally using cloud-based software. The period of time data is kept for may vary.
7.2 After the retention period, footage shall be securely erased unless it is required for ongoing legal processes or investigations.
8. ACCESS AND AUTHORISATION
8.1 Access to CCTV footage shall be limited to authorised personnel who have a legitimate need, aligned with their job roles and responsibilities.
8.2 We will only release images and data if a court order has been obtained. In certain situations, law enforcement agencies may be given access to limited CCTV footage to help with the identification or prosecution of crimes.
8.3 Unauthorised viewing, copying, or sharing of CCTV footage is strictly prohibited.
9. POLICY REVIEW
9.1 This CCTV policy shall be reviewed periodically to ensure its alignment with GDPR and other relevant regulations.
9.2 Necessary updates or amendments shall be made to maintain compliance with changing legal requirements.
10. QUESTIONS AND CONCERNS
Individuals concerned about the use of CCTV systems or their right to request information about personal data can contact us via email at firstname.lastname@example.org
Alternatively, you may write to us using the below address
PURESEOUL RETAIL LTD
[Re: Privacy Compliance Officer]
C/O Taxassist Accountants Cricklewood, 119 Cricklewood Broadway, London, England, NW2 3JG.
By adhering to this policy, PURESEOUL aims to balance security imperatives with individual privacy rights, upholding the principles of GDPR and other pertinent data protection laws.