Data protection information (to Article 13, GDPR)
We want to protect our company from unauthorised access and use access control with image capture and video surveillance for this purpose. In the following, we will provide detailed information in accordance with the requirements of Article 13, GDPR.
Who is responsible for data processing?
The controller within the meaning of data protection law and the GDPR is:
Keller Group Plc (“Company”),
2 Kingdom Street,
London, W2 6BD, United Kingdom
Processing of personal data
(Purpose of processing and legal basis)
We use video surveillance to monitor unauthorised access to our yard premises and to manage access to the company yard, building and office premises in a targeted manner.
Access
For this purpose, a doorbell with a camera has been installed at administration buildings and IT server rooms, allowing visitors to be recognised and admitted. These recordings are activated by a motion detector and stored as soon as people approach the entrance area. This applies to all persons who seek access to the premises.
CCTV technology is used for access control to yards, where it is also used in a targeted manner. If security incidents occur, the Keller IT security team will investigate as necessary.
Surveillance
To monitor our premises, we use a video system that records unauthorised access during all hours. The recorded footage is reviewed and evaluated only in the event of incidents. Strict access permissions are granted to Keller employees on a need-to-know basis. Offences are reported to the relevant authorities.
The legal basis for the processing of the videos is the legitimate interest (Art. 6 (1) f, GDPR) in the protection of our company and the protection of confidential information. This applies to both access control and video surveillance.
How long is the data stored?
Access control data and video surveillance data is deleted after 30 days unless the recordings are still needed to clarify an incident. Then they are kept for as long as they are needed for this purpose.
To who will the data be passed on?
Keller IT Security has access to access control data in the event of security incidents. Data is transmitted to IT security via the cloud system of the provider; Verkada. For this purpose, we have concluded the necessary Data Processing Agreement. In addition, video surveillance recordings may be viewed by management if necessary (e.g. clarification of safety incidents).
Verkada, 406 E 3rd Avenue,
San Mateo, CA 94401,
United States of America
Your rights as a data subject
In accordance with Article 15 of the GDPR, you have the right to request information about the personal data we process about you. Your further rights as a data subject are outlined in Art. 15 – 22 of the GDPR, and you have the right to lodge a complaint with the data protection supervisory authority responsible for the GDPR in Article 77 GDPR.
Contact information
If you have any questions regarding the processing of personal data or wish to enact your rights as a data subject, please contact Keller at [email protected].