We strive to ensure that we are fair and transparent about how we use the personal data we collect. We also observe applicable laws that regulate the privacy of personal data, including (but not limited to) the European Union (EU) or United Kingdom (UK) General Data Protection Regulation ('GDPR') and other relevant national, federal, state or local laws (together 'Data Privacy Law').
2. The personal data that we collect about you
We will collect personal data or other information about you that you provide to us when you contact us directly or interact with us through this Site.
When you contact us, the personal data we collect may include your name, contact details and other relevant information about you, your requirements or what services you may be interested in.
You may also provide us with personal data about members of staff, contractors, family or individuals who are relevant to a project. You should ensure that you only provide this information with the knowledge of those other individuals and (if needed) their consent.
We will collect personal data about you when you communicate with us. For example, if you make an inquiry, want to discuss our services, engage us on a project or have an issue. We may also ask you for information when you report a problem with our Site or services.
We will collect information about you if you apply for a job with us and send us your resume or other information about you, your previous work or any references.
3. How we use your personal data
Personal data about you will be used for the following purposes (subject to applicable Data Privacy Law requirements):
- Responding to and dealing with your inquiries;
- Providing services to you (including any pre-contract or after-sales services);
- Processing your requests and fulfilling our contract engagement;
- Client management (including initial client due diligence, where necessary)
- Project management and contract administration;
- Invoicing, billing and administering our accounts;
- Dealing with any service issues or disputes;
- Providing further information about similar services you may be interested in;
- Reviewing and handling employment applications;
- If you take part in customer surveys or sign-up to receive marketing material or updates about PC&P (e.g. newsletters and information about events or services);
- For the purposes described in Cookies section below; or
- Other purposes from time to time that we may tell you about and (if needed) you consent to.
4. Disclosure of your data
We may disclose your personal data:
To PC&P's other offices and to other professionals or contractors (as notified to you from time to time) where needed in order to provide our services or deal with an inquiry or request you make;
- To service providers, who handle data on our behalf in accordance with our instructions under contract. These include IT/data hosting providers or agencies we use to assist us with client due diligence checks;
- To third-party organizations for contract fulfilment purposes (e.g. couriers or payment processors);
- When handling a job application, to former employers or other parties you have told us may be able to provide a reference;
- If we are under a duty to do so to comply with a legal obligation (e.g. to law enforcement agencies or a regulatory authority);
- If our business or substantially all of our assets are acquired by a third party, in which case personal data held by us may be one of the transferred assets; or
- Where necessary for us to establish, defend or enforce our legal rights or to protect the rights, property or safety of others (including without limitation disclosure to professional advisers, insurers, courts, the police, regulators or professional bodies).
5. Third party content on our Site
We may also collect certain information about your visit to our Site by using 'cookies' or similar tracking technology ('cookies'). Cookies are small text files used by many websites that are sent to the computer or device you use when accessing the site. For more information about how cookies work, you can go to the following website: https://www.allaboutcookies.org.
The data we collect through cookies and other tracking technology on this Site may include your geographic location, IP address, device information and browser type, from where you have come to the Site, length of visit and number of page views.
We use this cookie collected information to optimize the performance of this Site, remember the device you used for your visit, analyse who is using our Site and for Site administration or security purposes. Individual users will not be personally identifiable from any data that we gather using cookies. You can change the settings on your web browser (e.g. Microsoft IE or Edge, Apple Safari or Google Chrome) to block or allow cookies; block ‘third-party’ cookies (i.e. cookies set by other online services); clear cookies when you close your browser; open a ‘private browsing’ session to browse the web without recording your history or storing cookies or install add-ons and plugins that extend browser functionality.
The type of cookies we use on this Site are as follows:
Cookie: Google Analytics
Name: _ga, _gali, _gat, _gid
Purpose: These cookies are used to collect information about how visitors use our Site.
We use the information to compile reports and to help us improve the Site. These cookies collect information in an anonymous form, including the number of visitors to the Site, where visitors have come to the Site from and the pages that they visit.
You can opt-out of Google Analytics and its advertising features using the following opt-out browser add on - see: tools.google.com/dlpage/gaoptout.
For more information about Google Analytics and privacy, see support.google.com/analytics/answer/6004245
7. Security of your data
We employ appropriate technological and operational security measures to protect the personal data that we collect and hold against unauthorized access, unlawful processing or accidental loss, destruction or damage.
Data transmission over the internet is inherently insecure, and although we use appropriate technological and organizational security measures to protect your personal data from unauthorized access by others, we cannot fully guarantee the total security of any data sent over the internet or by public communications services.
8. International data transfers
PC&P is an international business. The personal data that we collect from you may be transferred between and stored in countries where we have offices or in regions where you or other individuals who we deal with have requested services including the European Union (EU)/European Economic Area (EEA), United Kingdom (UK), United States, United Arab Emirates, China, Japan and elsewhere.
The international nature of our business means that contact details of clients and other individuals who we deal with may be shared between our global offices so PC&P can deal with inquiries, provide services, respond to inquiries, send marketing information and administer our business internationally in an efficient and effective manner. In addition, our back-office service providers who process data on our behalf may use IT equipment located in the United States and other countries outside of the UK/EU/EEA.
If you are located in the UK/EU/EEA, in order to safeguard your personal data, we will only permit a transfer of your personal data from the UK/EU/EEA to a third country that is not officially approved under the GDPR where such transfer is exempt or we have appropriate mechanisms in place as authorized under the GDPR to protect the privacy of that data.
9. How long do we keep personal data?
How long we keep your personal data depends on the purpose for which it was collected in the first place. We adopt data retention policies that set out the different periods we hold personal data for in accordance with Data Privacy Law. The criteria we use for determining relevant data retention periods are based on:
- whether we need to keep data to comply with contractual obligations, deal with any potential claims or to enforce our rights;
- legislative requirements (for example, duties to hold financial or tax records);
- where we have identified a continued legitimate need to hold personal data to serve a particular purpose; and/or
- relevant guidance issued by regulatory authorities.
Personal data that we no longer need to hold is securely disposed of and/or anonymised, so you can no longer be identified from it.
10. If you are based in the UK/EU/EEA - legal basis for processing your personal data
We process personal data relying on one or more of the following lawful grounds:
- where we agree to provide a service to you, in order to take any pre-contract steps at your request and/or to perform our contract obligations;
- where we need to use your personal data for the legitimate interest of being able to provide architectural services and promote or administer our business (provided that we will do so in a way that does not unduly infringe on your legal rights and freedoms and, in particular, your right of privacy);
- where you have freely provided your consent to us using your personal data for particular purposes, such as receiving electronic direct marketing;
- where we need to protect your vital interests or those of someone else (such as in a medical emergency); and/or
- we need to collect or hold your personal data to comply with a legal obligation.
We do not usually collect any sensitive personal data (or special category data) about you such as data relating to health, ethnic origin or religious/philosophical/political beliefs but, if we do, we will only do so with your explicit consent or where we have legal grounds under Data Privacy Law.
11. If you are based in the UK/EU/EEA - your legal rights
If you are an individual located in the UK/EU/EEA, you have certain legal rights in relation to your personal data under the GDPR. These are:
- to request information about the personal data that we hold about you as well as certain other related information (called a 'data subject access request').
- to request that we correct any personal data that we hold about you which is inaccurate or incomplete;
- to object to any automated processing (if applicable) that we carry out in relation to your personal data, for example if we conduct any automated credit scoring;
- to object to us using your personal data to send you direct marketing;
- that we erase your personal data or to object to and/or to restrict the use of your personal data by us unless we have a legitimate reason for continuing to hold or use that data; or
- that we give you an electronic copy of your own personal data or transfer it to an alternative provider where such data was collected from you for an agreed purpose or to perform our contract with you.
If you are not satisfied with our response or believe that we are illegally processing your personal data, you also have the right to complain to the national data protection regulator in the UK (https://ico.org.uk/) or particular EU/EEA country where you are located (see https://edpb.europa.eu/about-edpb/board/members_en).
12. Contact or Complaints
If you would like to exercise any of the above rights or if you have any questions or concerns about how we use your personal data, you can contact us using the details below:
Elizabeth Dunham firstname.lastname@example.org
Pelli Clarke & Partners
1056 Chapel Street
New Haven, CT 06510
When you make any request, we may ask you to provide us with appropriate evidence to verify your identity before we can respond.