CCTV Privacy Policy
Effective Date: 21/03/2025
1. Introduction
ERGO Travel Insurance Services Ltd (ERGO TIS) is committed to protecting the privacy and security of employees, visitors, and other individuals on our premises. This Privacy Policy outlines how we use Closed-Circuit Television (CCTV) systems at our Horsham and Mansfield offices, in compliance with data protection regulations, including the UK General Data Protection Regulation (UK GDPR).
2. Purpose of CCTV Use
CCTV is used to:
- Enhance the safety and security of employees, visitors, and company assets.
- Monitor and prevent unauthorised access to office premises and sensitive areas (entrances, exits, and computer/store rooms).
- Assist in investigating security incidents, theft, or misconduct.
- Ensure compliance with legal and regulatory requirements.
3. Scope of CCTV Coverage
CCTV cameras are installed only in key areas where monitoring is necessary for security purposes, specifically at:
- Building entrances and exits.
- Computer and store rooms.
No cameras are placed in areas where individuals have a higher expectation of privacy, such as restrooms or private meeting rooms.
4. Data Collection and Retention
- Data Collected: CCTV captures video footage of individuals entering, exiting, or moving within monitored areas. No audio recording is conducted.
- Data Retention: Recordings are stored securely for 30 days and are automatically and permanently deleted after this period.
5. Access to CCTV Data
- CCTV footage is accessible only by authorised IT Operations Team members through the secure Meraki Management or Vision Portals.
- HR and Compliance Managers may request access to recordings via an IT Service Desk ticket for legitimate purposes.
6. Data Protection and Security Measures
To safeguard personal data, ERGO TIS implements the following measures:
- CCTV systems are physically connected via Ethernet to a secure Meraki network, segmented in its own VLAN and protected by a firewall.
- Privacy windows are configured to exclude user workstations from camera view.
- Access to CCTV data is restricted to authorised personnel only.
- Regular system maintenance, calibration, and data integrity checks are conducted.
7. Data Minimisation
CCTV is used strictly for security purposes, focusing only on entrances, exits, and sensitive areas, ensuring minimal data collection necessary for its purpose.
8. Individuals’ Rights
Individuals have the following rights under UK GDPR:
- Right to be informed: This policy provides full transparency about CCTV usage.
- Right of access: Individuals may request access to footage via IT Service Desk.
- Right to erasure: Footage is deleted after 30 days, but early deletion may be requested in exceptional cases.
- Right to restrict processing and object: Concerns may be raised with ERGO TIS and will be addressed promptly.
- Right to complain: Individuals may lodge complaints with the Information Commissioner’s Office (ICO) if necessary.
9. Changes to This Policy
ERGO TIS reserves the right to update this policy to reflect changes in legal requirements or operational practices. Any updates will be communicated appropriately.
10. How to Lodge a Complaint
If you are unsatisfied with how we handle your data, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO).
For details on how to contact the ICO, please visit: How you can contact us | ICO
11. Contact Information
For questions or concerns about this policy or CCTV data processing, please contact: dataprotectionofficer@ergo-travel.co.uk
By scanning the QR code at our office entrances, you acknowledge that you have read and understood this CCTV Privacy Policy.
