This policy tells you how we use CCTV.
This website https://mcleanlegal.co.uk/ is a site operated by McLean Legal Limited (“We”). We are registered in England and Wales under company number 13467485 and have our registered office at C/O Clear Accountancy Services Limited, E-Innovation Centre, Priorslee, Telford TF2 9FT. We hold meetings at Suite 2, Partnership House, 83 High Street, Kinver, Staffordshire DY7 6HD (“the Property”), but no correspondence is accepted at this address. All written correspondence should be sent to our registered office (or if pertaining to a legal matter in which John McLean is acting as an appointed solicitor, to Nexa Law Limited – see further information in our Terms and Conditions of Use). Our VAT number is 384075971.
McLean Legal Limited does not provide any services direct to the public or trade.
We are a limited company. John McLean is the sole director of the company. John McLean Solicitor, John McLean Consultant Solicitor and John McLean Commercial Property Solicitor are all trading names of McLean Legal Limited.
John McLean is not a sole practitioner or a freelance solicitor. John McLean is a Consultant Solicitor with Nexa Law Limited – see our Terms and Conditions of Use for further details.
The Property – 83 High Street, Kinver, Staffordshire DY7 6HD
The Property is owned and operated by McLean Legal Limited. It is not a branch office of Nexa Law Limited, and is solely owned and operated by us as a workspace for John McLean Consultant Solicitor and to facilitate a convenient meeting space for meetings with clients and other visitors. See our Terms and Conditions of Use for further information about our relationship with Nexa Law Limited.
1.1 We use CCTV cameras to view and record individuals on and around the Property in order to maintain a safe environment for staff and visitors. However, we recognise that the images of individuals recorded by CCTV cameras are personal data which must be processed in accordance with data protection legislation. As a controller, we have registered our use of CCTV with the Information Commissioner’s Office (ICO) and seek to comply with its best practice suggestions.
(c) assist staff in complying with their own legal obligations when working with personal data. In certain circumstances, misuse of information generated by CCTV or other surveillance systems could constitute a criminal offence; and
2.1 This policy applies to all employees, officers, consultants, self-employed contractors, casual workers, agency workers, volunteers and interns. It also applies to anyone visiting our premises or using our vehicles.
Full name of legal entity: McLean Legal Limited
Email address: email@example.com
Postal address: McLean Legal Limited, C/O Clear Accountancy Services Limited, E-Innovation Centre, Priorslee, Telford, Shropshire TF2 9FT
Telephone number: 01384 872069
Controllers: are the people who, or organisations which, determine the manner in which any personal data is processed. They are responsible for establishing practices and policies to ensure compliance with the law. We are the controller of all personal data used in our business for our own commercial purposes.
Data: is information which is stored electronically, or in certain paper-based filing systems. In respect of CCTV, this generally means video images. It may also include static pictures such as printed screen shots.
Data users: are those of our employees whose work involves processing personal data. This will include those whose duties are to operate CCTV cameras and other surveillance systems to record, monitor, store, retrieve and delete images. Data users must protect the data they handle in accordance with this policy and our Data Protection Policy.
Processing: is any activity which involves the use of data. It includes obtaining, recording or holding data, or carrying out any operation on the data including organising, amending, retrieving, using, disclosing or destroying it. Processing also includes transferring personal data to third parties.
Processors: are any person or organisation that is not a data user (or other employee of a controller) that processes data on our behalf and in accordance with our instructions (for example, a supplier which handles data on our behalf).
Surveillance systems: means any devices or systems designed to monitor or record images of individuals or information relating to individuals. The term includes CCTV systems as well as any technology that may be introduced in the future such as automatic number plate recognition (ANPR), body worn cameras, unmanned aerial systems and any other systems that capture information of identifiable individuals or information relating to identifiable individuals.
(g) to allow us to identify the arrival of visitors to the entrance to the building.
This list is not exhaustive and other purposes may be or become relevant.
6.2 CCTV monitors the interior of our premises 24 hours a day and this data is continuously recorded on the detection of motion outside of office hours. CCTV is disabled during officer hours to maintain the privacy and confidentiality of client meetings, although may be enabled for the purposes of crime prevention and to maintain the personal safety of staff, visitors and other members of the public.
6.3 Camera locations are chosen to minimise viewing of spaces not relevant to the legitimate purpose of the monitoring. As far as practically possible, CCTV cameras will not focus on private homes, gardens or other areas of private property.
7.1 Where CCTV cameras are placed in the workplace, we will ensure that signs are displayed at the entrance of the surveillance zone to alert individuals that their image may be recorded. The signs will contain details of the organisation operating the system, the purpose for using the surveillance system and who to contact for further information, where these things are not obvious to those being monitored.
7.3 We will ensure that live feeds from cameras and recorded images are only viewed by approved members of staff whose role requires them to have access to such data. This may include HR staff involved with disciplinary or grievance matters. Recorded images will only be viewed in designated, secure offices.
8.1 In order to ensure that the rights of individuals recorded by the CCTV system are protected, we will ensure that data gathered from CCTV cameras is stored in a way that maintains its integrity and security. This may include encrypting the data, where it is possible to do so.
8.2 Given the large amount of data generated by surveillance systems, we may store video footage using a cloud computing system. We will take all reasonable steps to ensure that any cloud service provider maintains the security of our information, in accordance with industry standards.
9.1 Data recorded by the CCTV system will be stored digitally using a cloud computing system. Data from CCTV cameras will not be retained indefinitely but will be permanently deleted once there is no reason to retain the recorded information. Exactly how long images will be retained for will vary according to the purpose for which they are being recorded. For example, where images are being recorded for crime prevention purposes, data will be kept long enough only for incidents to come to light. In all other cases, recorded images will be kept for no longer than 90 days. We will maintain a comprehensive log of when data is deleted.
9.2 At the end of their useful life, all images stored in whatever format will be erased permanently and securely. Any physical matter such as tapes or discs will be disposed of as confidential waste. Any still photographs and hard copy prints will be disposed of as confidential waste.
10.1 Prior to introducing any new surveillance system, including placing a new CCTV camera in any workplace location, we will carefully consider if they are appropriate by carrying out a data protection impact assessment (DPIA).
10.2 A DPIA is intended to assist us in deciding whether new surveillance cameras are necessary and proportionate in the circumstances and whether they should be used at all or whether any limitations should be placed on their use.
10.3 Any DPIA will consider the nature of the problem that we are seeking to address at that time and whether the surveillance camera is likely to be an effective solution, or whether a better solution exists. In particular, we will consider the effect a surveillance camera will have on individuals and therefore whether its use is a proportionate response to the problem identified.
10.4 No surveillance cameras will be placed in areas where there is an expectation of privacy (for example, in changing rooms) unless, in very exceptional circumstances, it is judged by us to be necessary to deal with very serious concerns.
11.1 We will never engage in covert monitoring or surveillance (that is, where individuals are unaware that the monitoring or surveillance is taking place) unless, in highly exceptional circumstances, there are reasonable grounds to suspect that criminal activity or extremely serious malpractice is taking place and, after suitable consideration, we reasonably believe there is no less intrusive way to tackle the issue.
11.2 In the unlikely event that covert monitoring is considered to be justified, it will only be carried out with the express authorisation of the Chief Executive Officer (“CEO”). The decision to carry out covert monitoring will be fully documented and will set out how the decision to use covert means was reached and by whom. The risk of intrusion on innocent workers will always be a primary consideration in reaching any such decision.
11.4 Covert monitoring will only be carried out for a limited and reasonable period of time consistent with the objectives of making the recording and will only relate to the specific suspected illegal or unauthorised activity.
12.1 No images from our CCTV cameras will be disclosed to any third party, without express permission being given by the CEO. Data will not normally be released unless satisfactory evidence that it is required for legal proceedings or under a court order has been produced.
13.1 Data subjects may make a request for disclosure of their personal information and this may include CCTV images (data subject access request). A data subject access request is subject to the statutory conditions from time to time in place and should be made in writing.
13.2 In order for us to locate relevant footage, any requests for copies of recorded CCTV images must include the date and time of the recording, the location where the footage was captured and, if necessary, information identifying the individual.