Connected Places Catapult is the trading name of Connected Places Catapult Limited. We focus on growing businesses with innovations in mobility services and the built environment that enables new levels of physical, digital, and social connectedness. Our company registration number is 11837978 and our registered office is 170 Midsummer Boulevard, Milton Keynes, United Kingdom, MK9 1BP. Connected Places Catapult is registered with the Information Commissioner Office, registration number ZA773397.
When we refer to ‘we’, ‘us’ and ‘our’, means Connected Places Catapult.
We may collect any of the following information, depending on how you interact with us as a service user:
Your personal information collected will be used to allow us to support innovative projects, create new commercial opportunities and improve productivity, socio-economic and environmental benefits for places.
Your IP address will be used to allow Connected Places Catapult to set appropriate access permissions on its website.
Our IP and footfall sensors will track movement within Connected Places Catapult London office as part of a ‘testbed’ project currently being run for SME’s to deploy their technology as a showcase and experimental environment. The data from this project will be used for analytical purposes only.
CCTV recording is un use at all Connected Places Catapult locations, this is used to ensure the security of property and premises and for the preventing and investigating crime purposes only. Area monitored by CCTV are sign-posted. Where necessary or required, this information is shared with you, police forces, security organisations and persons making an enquiry.
In many cases we pseudonymise or anonymise your information before we share it with others, or where we no longer require the information in identifiable form.
Anonymisation is the process of turning data into a form which does not identify individuals and where identification is not likely to take place.
Pseudonymisation is the process of information in such a way that it can no longer be attributed to you without the use of additional information and where that additional information is kept separately. This allows for a much wider use of the information for statistical or other purposes.
Directly from you, this information can be collected when:
When participating in projects, we may collect information about you from other providers.
We use your information for a number of purposes. Whenever we use your information, we must have a legal justification under data protection law for its use. The legal justification will depend on the purpose for which we intend using your information.
Our legal justification for processing your personal information generally falls into the categories below:
It is important that you understand that we may share your information with others. We may share your personal information within our group of companies and with third parties.
We may share your personal information within the Connected Places Catapult group of companies.
We retain information in accordance with our legal obligations and national best practice. We ensure compliance through regular auditing and ensure information is securely disposed of when it has reached the end of its retention period. We implement data retention periods for different categories of personal data and/or different processing purposes, including where appropriate, archiving periods. We will only keep your personal information for as long as reasonably necessary to support our legitimate business interests and to comply with our legal and regulatory requirements.
A copy of Connected Places Catapult Records Management Policy can be provided upon request.
Connected Places Catapult supports innovative projects globally. We (or third parties acting on our behalf) may store or process information that we collect about you in countries outside the UK. Information may be transferred, processed and stored outside the country where your information is collected, including countries where the level of data protection may net be deemed adequate by local legal or regulatory authority in the country of origin of the data. Where we make a transfer of your personal information outside of the UK, we will take the required steps to ensure that your personal information is protected.
Generally: e.g. if your permanent address is outside the UK, or the project is outside of the UK, we may send details to individuals specifically to promote your involvement within the project.
The safeguards in place to ensure that the data is securely protected are:
In other circumstances, the law may permit us to otherwise transfer your personal information outside the EEA. In all cases, however, any transfer of your personal information will be compliant with applicable data protection law.
We will not usually charge for handling a request to exercise your rights. If we cannot comply with your request to exercise your rights, we will usually tell you why.
If you make a large number of requests or it is clear that it is not reasonable for us to comply with a request, then we do not have to respond. Alternatively, we can charge for responding.
Under data protection legislation you have the right to:
Making a complaint will not affect any other legal rights or remedies that you have.
We have implemented appropriate technical and organisational security to protect your personal information, this includes:
Please contact us if you require further information about how we secure your data.
If you have any queries or would like to exercise your rights or to establish whether any rights apply to you, please speak to the Risk & Compliance Manager (firstname.lastname@example.org).
You can also contact our Data Protection Manager:
Telephone: +44 (0)1908 359 999