Privacy Policy

1. Introduction

Savills is committed to ensuring that clients’ privacy is protected and that their personal information is used in accordance with this Privacy Policy. On this website, “Savills” means all of the UK-based emerging growth companies of Savills plc (including, but not limited to, Savills plc, Savills (UK) Limited, Savills Management Resources Limited, Prime Purchase Limited, Savills Advisory Services Limited, Savills Capital Advisors Limited and Savills Investment Management LLP and their subsidiaries) that collect and use customer information as set out in this Privacy Policy. Any reference to “client” refers to the person whose personal information is processed by Savills.

Customers’ personal information will be used by Savills in accordance with the Privacy Policy.

Savills is the administrator of clients’ personal data collected and used by Savills. Savills is committed to processing clients’ personal data confidentially and in accordance with applicable data protection laws, and clients’ personal data may be shared with others only in accordance with the provisions of this Privacy Policy.

Savills privacy policy specifies:

What is personal data
How customers’ personal information is collected
Types of personal data collected
Ways of using personal data
Legal grounds for processing personal data
Ways of sharing personal data
Period of storage of personal data
Types of personal data security
Transfer of personal data abroad
Customers’ rights related to the processing of personal data
The procedure for filing complaints and contacting Savills

In the event of any changes in the use of customer’s personal information, this Privacy Policy will be amended accordingly.

2 What is personal information?

Personal information is any information about a customer. They include, but are not limited to, information such as name, contact information, date of birth, bank account number, and other information that identifies the customer’s needs or circumstances.

Under data protection regulations, certain personal data are classified as “special” data. These include, but are not limited to, information regarding health, racial or ethnic origin, religious beliefs or political views, and sexual orientation. Specific data may be collected, stored and used in specific cases. In addition, the collection and use of conviction data is subject to additional restrictions.

All references to personal data in the Privacy Policy include personal data and, where applicable, specific categories of personal data.

3 Types of personal data collected

Whenever you make contact, Savills asks for your name and contact information (such as phone number, email address and mailing address).

In addition, when providing a service to or on behalf of a client, if required by applicable law, Savills collects data to establish the client’s identity, including at least one type of document with a photograph (for example, a passport, driver’s license or ID card) and one type of document proving residence (for example, a recent utility bill).

Savills also determines whether relatives or relatives of the client work at Savills in order to detect potential conflicts of interest and, if found, take appropriate action in accordance with statutory and regulatory obligations.

Depending on the type of service provided to or on behalf of the client, Savills may also collect the additional personal data specified below.

Buying, selling, renting

When buying, selling or offering property for rent through Savills:

Savills requests a telephone number for contact to arrange a viewing date and to forward received offers to purchase or lease the property by tenants.
When an inquiry is made about the possibility of buying a particular property, Savills responds based on the client’s contact information, and the response may, among other things, send suggestions for alternative properties that can facilitate the client’s search.
In cases where the client is not the owner of the property, Savills asks for documents confirming the authority to sell or offer the property for rent such as a power of attorney, an order appointing a legal guardian or an order of inheritance.
When a client establishes a relationship with Savills, Savills may request data necessary to determine that the client is in compliance with AML/CFT requirements.
If the client is an entity such as a company, trust or charity, Savills may be required to obtain personal information about the entity’s beneficiaries and those who control it. This may include identity and address documents. Savills may also be required to obtain information about other persons who hold title to the property and who are not Savills clients.
Savills also asks for bank account information to enable payment of the rent due.
When working with third parties such as law firms, real estate developers, agents involved in a transaction, Savills may be required to release these documents due to legitimate legal interest.
If a client is interested in purchasing a property offered by Savills, Savills collects personal data on the client’s specific requirements to find a property suitable for the client’s needs. Savills also collects the personal data necessary to acquire a property on behalf of a client and, if necessary, negotiates its purchase on behalf of the client.

If a client is interested in renting a property offered by Savills:

When an inquiry is made about the possibility of renting a particular property, Savills responds based on the client’s contact information, and the response may, among other things, send suggestions for alternative properties that can facilitate the client’s search.
Detailed customer requirements to find a property that meets their needs.
Account data at a bank, housing association or other account to enable management of the approved deposit account on behalf of the client and to arrange payment of the rent due.
In case the client is a tenant under the Right to Rent program, Savills collects the data contained in the biometric residency card, immigration status document or birth certificate in order to carry out the necessary verifications under the above program.
Savills may also be required to obtain identification documents from the client in order to prevent and detect crime, forgery or money laundering.

Property management

In connection with the outsourcing of property management to Savills on behalf of a client, Savills asks for additional data to enable the client to be contacted in emergency situations outside business hours or to urgently inform the client of the occurrence of a specific event.
When providing real estate portfolio management services to a client, Savills transfers personal data to third-party financing institutions to the extent necessary to enable Savills to perform its obligations to the client and to provide appropriate management and advisory services in connection with real estate investments.
If the client is a tenant of a building managed by Savills, Savills may be required to provide the property owner with the client’s personal information, albeit only after taking into account the client’s rights.
If a CCTV system is in operation in the building, Savills can record the customer’s image, which will form part of the customer’s personal data.

Investment transactions

When a client enters into a relationship with Savills Investment Management LLP or its subsidiary for investment purposes, Savills collects data necessary to identify the client as an entity that meets AML/CFT requirements. If the investor is an entity such as a company, trust or charity, Savills may be required to collect personal information about the controlling person and beneficiaries of that entity.

Other

If you agree to receive reports, news or other market information, in addition to the above data, Savills collects data on your industry and the type of content you would like to receive

4 Ways of using personal data

Legal grounds for data processing

In accordance with data protection laws, Savills is authorized to use customers’ personal data if there is a legal basis for doing so, which includes, but is not limited to:

employment objectives;
The need to access the information in order to perform the contract concluded with the customer;
The need to perform a legal obligation;
the need to process data in order to perform activities that are in the legitimate interest of Savills (or a third party), provided that the interests and fundamental rights of the client do not override the interests of Savills (or a third party), including but not limited to the need to:
- processing data to promote Savills’ business, brands and products, and to determine the reach and effectiveness of its campaigns. This includes, but is not limited to, sending marketing information to the client – once Savills has been contracted to provide certain services or has performed such services – which may be similar and of interest to the client, or if the client has expressed an interest in receiving such information. The client has the right to opt out of receiving such information at any time;
- processing data to enhance knowledge of the real estate market. This includes, among other things, conducting analysis and market research to better understand trends and provide customers with more detailed knowledge and services better suited to individual needs in the future;
- data processing for the efficient and effective administrative and technical operation of Savills’ business. This includes, but is not limited to: verifying the accuracy of customer data and obtaining more detailed information about the customer; processing data for administrative efficiency purposes, such as in connection with the outsourcing of certain administrative functions to third parties specializing in such services; processing data for network and data security purposes, i.e., taking steps to protect customer data from loss, damage, theft or unauthorized access, or to fulfill a customer’s request related to the exercise of any of the following rights.

Legal grounds applicable in exceptional cases:

The need to protect the interests of the customer (or third parties) or
the need to use the data in the public interest or for official purposes.

Savills may process special categories of personal data in the following exceptional cases:

with the express consent of the client, in which case Savills shall explain the purpose of using such data at the time of obtaining the client’s consent.

The following details how personal information is used for the purposes of providing the services ordered.

Buying, selling, renting

Savills uses personal data to perform obligations in the rental or sale of real estate or, if the client is a buyer or tenant, to prepare viewings, obtain feedback and prepare a sales or rental agreement.
Savills uses personal data to conduct due diligence in accordance with other legal or regulatory obligations.
Savills transfers the client’s personal data to the client’s lawyers and to lawyers and agents acting for the other party to the transaction to the extent necessary to enable the sale or purchase transaction. Savills may also transfer the client’s personal data to other agents involved in the transaction or to developers, as the case may be.
Savills transfers client’s personal data to third-party tenant screening agencies for purposes related to the prevention and detection of crime, forgery or money laundering, as well as to verify the client’s ability to enter into a lease agreement.

Zarządzanie nieruchomościami

In the case of property management on behalf of a client, Savills may be required to transfer the client’s personal data to third-party contractors hired to perform maintenance work at the client’s facilities.
Savills may also transfer client personal data to SPF Private Clients Limited.
Savills uses closed-circuit television systems at properties due to legitimate legal interests to protect properties and ensure the safety of guests, tenants and customers, as well as to prevent and detect crimes.

Investment transactions

In the case of the provision of real estate portfolio management services to a client, Savills transfers personal data to third-party financing institutions to the extent necessary to enable Savills to perform its obligations to the client related to obtaining financing and providing relevant management and advisory services in connection with real estate investments.
When using Savills Investment Management services, Savills collects and stores personal data for the purpose of maintaining an investment register in order to comply with the requirements of the Financial Conduct Authority (UK financial regulator). A third-party administrator, Langham Hall UK LLP, is responsible for maintaining the records.

Funding

Savills may provide your personal information to SPF Private Clients Limited, an independent company with Savills’ “preferred service provider” status, on a referral basis in connection with obtaining financing to enable the acquisition of real estate or the provision of the following services:

when buying a property under the UK government’s “Help to Buy” program, Savills discloses data that must be shared with those running the program in order to verify eligibility and enable the client to participate in and benefit from the program;
when using mortgage brokerage services, Savills discloses personal data that must be submitted to financing institutions (and, if the client applies for a large mortgage, to private banks) in order to fulfill its obligations related to obtaining financing options for the client;
when a client purchases a property or seeks an insurance product, Savills sends information to a selected group of insurance companies in order to obtain suitable insurance product offers that meet the client’s requirements.

Other examples of the use of personal data

If Savills disposes of part of the business or merges it with another organization, then client data may be disclosed to Savills’ advisors and potential acquirers or joint venture partners and their advisors. In such a case, the new owners of the business will only be entitled to use the client’s data in the same or similar manner as set forth in this Privacy Policy.
Savills shares personal data with regulators, governmental or quasi-governmental organizations, law enforcement agencies, and courts, tribunals and arbitration bodies to the extent necessary to fulfill regulatory and legal obligations.
Use of third-party service providers who process personal data on behalf of Savills to provide services to Savills. This includes, but is not limited to, providers of IT systems and services, as well as third-party verification or credential checking agencies for the purpose of crime prevention and detection.
Savills may transfer the client’s personal data to any employee of the Savills Group to the extent necessary to enable Savills to perform its obligations to the client.
Savills stores personal information in its customer relationship management systems and uses it to provide clients with marketing information about other services offered by Savills, similar to those previously requested, that the client may find useful. The client has the right to opt out of receiving such information at any time.

Consequences of failure to provide data requested by Savills

The transfer of certain personal data is necessary in order to provide the services contracted to Savills. For example:

in the case of a property sale on behalf of a client, contact information is needed to provide the client with up-to-date information about property inspections, offers and the progress of the sale; and
in the case of an order to find a property that meets certain requirements, more detailed information about the client is needed to find a suitable property.

In addition, some information is necessary to perform Savills’ legal obligations. For example, Savills may ask a client to submit identity documents in order to comply with anti-counterfeiting and anti-money laundering obligations.

Failure to provide data for the above purposes will prevent Savills from performing the contract concluded with the customer and may prevent Savills from providing services or from continuing to provide certain services to the customer. The client will be informed at the time of collecting data from the client.

5 Types of personal data security

Savills attaches great importance to data security and has implemented solutions designed to prevent unauthorized access to personal data, including but not limited to:

customer files are stored in secure customer relationship management systems. The above systems are accessed only by individuals at Savills who need to see customer information for legitimate business purposes;
Paper documents are stored in locked cabinets.

All data is stored in data centers that have systems and safeguards in place to protect against both unauthorized access to personal data and other external factors that could damage it. Strict access requirements are in place, which are limited to those who absolutely need it.

Only Savills employees and other Savills Group employees have access to personal data to the extent necessary. Training is provided for Savills employees requiring access to personal data.

6 Period of storage of personal data

The storage period for personal data depends on the type of services ordered by the customer. The period may be longer than the period of service provision in case of a statutory or regulatory obligation to keep personal data for a longer period of time, or if it is necessary to keep it due to a claim.

7. transfer of personal data abroad

Savills may transfer, store or process customers’ personal data outside the UK and the European Economic Area(EEA). Where personal data is transferred to countries that do not provide the same level of protection for personal data as the laws of the UK, Savills is committed to implementing appropriate safeguards.

One of the following safeguards will be implemented:

Transferring data to a non-EEA country with privacy laws that offer the same protection as in the EEA. For more information, visit the European Commission’s website: (European Commission Justice)
Entering into an agreement with the recipient of the data obliging it to provide protection in accordance with EEA standards. For more information, visit the European Commission’s website: (European Commission Justice)
Transfers of data to organizations under the Privacy Shield agreement, which sets privacy standards for data transfers between the US and EU countries. According to its provisions, these standards should be similar to those applied within the EEA. For more information on data protection, visit the European Commission’s website: (European Commission Justice)

8. customer rights related to the processing of personal data

The customer has a number of rights in connection with his/her personal data, including but not limited to the right to:

receive information on how personal data is used;
To gain access to personal data held by Savills;
request the correction of personal data that, in the customer’s opinion, is incorrect, incomplete or inaccurate;
request deletion of personal data under the following circumstances:
- if Savills processes personal data for longer than necessary to fulfill the purpose for which it was originally collected;
- if Savills cites consent as the legal basis for data processing, which the client has withdrawn;
- if Savills cites legitimate interests as the legal basis for processing the data and the client objects to the processing and there are no compelling and overriding grounds entitling Savills to continue processing the data;
- if personal data is processed unlawfully (i.e., in violation of requirements under data protection laws);
- if the deletion of personal data is necessary to comply with a legal obligation;
- To request a restriction of data processing where, in the customer’s opinion:
  - personal information is incorrect;
  - Personal data is processed by Savills unlawfully;
  - Savills no longer needs the personal data, but the client obliges Savills to store it to enable the client to establish, assert or defend against claims;
  - The client has objected to Savills’ use of his or her personal data;
- request a copy of the personal data provided to Savills in a commonly used electronic format. This right applies to personal data provided to Savills that is necessary for the performance of the contract concluded with the client, as well as personal data for the processing of which Savills invokes the client’s consent;
- object to Savills’ processing of personal data where Savills claims a legitimate interest or the performance of an activity in the public interest in order to comply with the lawfulness of the processing. If an objection is raised, Savills will make an assessment to determine whether Savills has an overriding and legitimate basis entitling it to continue processing the client’s personal data; and
- not to be subject to fully automated decisions that produce legal consequences or could have a similar significant impact on the customer.

If you wish to exercise any of the above rights, please send an email to: kontakt.rodo@savills.pl

Savills retains information about a customer’s request to exercise his or her rights and the response to such request in order to demonstrate Savills’ compliance with its data protection obligations, and to handle any inquiries, complaints or claims related to such request. This information is stored in accordance with the principles set forth in Section 6 above.

9 Complaints and contact information

Complaints

Any complaints regarding the use of personal data should be sent to kontakt.rodo@savills.pl. If a complaint is not upheld, the customer has the right to file a complaint with the data protection authority in the customer’s country (in the UK: Information Commissioner, or Data Protection Ombudsman, in Poland: President of the Office for Personal Data Protection). Additional information on how to contact your local data protection authority can be obtained by sending an email to: kontakt.rodo@savills.pl

Contact information

Please send any questions, comments or requests regarding any aspect of this Privacy Policy by email to: kontakt.rodo@savills.pl or in writing to the address: Savills Sp. z o.o., Al. Jana Pawła II 22, 00-133 Warsaw

10. use of cookies by Savills at https://officemarket.pl

What is a cookie?

Cookies (also known as “cookies”) are small text files that are computer data that are stored on a user’s computer when they visit certain pages and allow a website to recognize the user’s computer. Cookies make it easier for users to navigate websites and allow them to use certain features, as well as provide information to website owners.

What cookies does Savills use?

When you browse the Savills website, cookies that are necessary for its operation are used automatically. Savills uses cookies that are not essential if you give your consent by checking the “Allow all cookies” option.

For what purpose are cookies used by Savills?

This website may use the cookies listed below. The table below describes how cookies work and the purpose of using cookies. By clicking on the “+” symbol, the list will expand presenting detailed information about each cookie. In the event that further information regarding a cookie can be found on an external site, when you expand the tab, a link to that site is provided under “More Information”.

Required:

Cookie	Duration	Description
calc_sid	session	Proper functioning of the AI calculator
_GRECAPTCHA	6 months	Google Recaptcha service sets this cookie to identify bots to protect the website against malicious spam attacks.
rc::a	Never Expires	This cookie is set by the Google recaptcha service to identify bots to protect the website against malicious spam attacks.
rc::f	Never Expires	This cookie is set by the Google recaptcha service to identify bots to protect the website against malicious spam attacks.
wpEmojiSettingsSupports	session	WordPress sets this cookie when a user interacts with emojis on a WordPress site. It helps determine if the user’s browser can display emojis properly.
rc::b	session	This cookie is set by the Google recaptcha service to identify bots to protect the website against malicious spam attacks.
rc::c	session	This cookie is set by the Google recaptcha service to identify bots to protect the website against malicious spam attacks.
cookieyes-consent	1 year	CookieYes sets this cookie to remember users’ consent preferences so that their preferences are respected on subsequent visits to this site. It does not collect or store any personal information about the site visitors.
PHPSESSID	session	This cookie is native to PHP applications. The cookie stores and identifies a user’s unique session ID to manage user sessions on the website. The cookie is a session cookie and will be deleted when all the browser windows are closed.

Functional:

Cookie	Duration	Description
wp-wpml_current_language	session	WordPress multilingual plugin sets this cookie to store the current language/language settings.

Analitics:

Cookie	Duration	Description
_ga_*	1 year 1 month 4 days	Google Analytics sets this cookie to store and count page views.
_ga	1 year 1 month 4 days	Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site’s analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.

How do I disable or restrict cookies?

The use of cookies by Savills is necessary for the operation of the site available at https://officemarket.pl. In accordance with the applicable provisions of the Act of July 16, 2004. Telecommunications Law (Journal of Laws No. 171, item 1800, as amended) you may delete or block all cookies used on this site, but be aware that restricting or deleting them may affect its functionality and operation.

Your browser may allow you to restrict or delete cookies set by this site. Your browser’s help function should tell you how to do this. You can also visit www.allaboutcookies.org or www.wszystkoociasteczkach.pl, which provide general information about cookies and how to manage cookies on your computer.

To opt out of tracking by Google Analytics across all sites, visit http://tools.google.com/dlpage/gaoptout.

11. privacy policy changes

Savills shall be entitled to amend the Privacy Policy, including in particular in the event that:

there will be a need to adjust the content of the Privacy Policy to applicable laws or a need to make editorial changes to the Privacy Policy,
update of the administrator data indicated in the Privacy Policy will be required,
changes, modifications or characteristics of the party will occur, and
other cases permitted by law will occur.

The Privacy Policy will be amended by publishing the new Privacy Policy on the Savills website.

Savills will notify users of the relevant changes and their effective date, in particular by posting a notice on the website, no later than 7 days prior to the implementation of the changes, by posting the new content of the Privacy Policy on the website.

Your continued use of the site after the Privacy Policy has changed will mean that you agree to the new content of the Privacy Policy.