Effective Date: January 2019
VMware currently uses CCTV cameras to view and record individuals on and around certain VMware sites. This Policy outlines why we use CCTV, how we will use CCTV and how we will process data recorded by CCTV cameras to ensure we are compliant with data protection laws and best practice. This policy also explains how to make a subject access request in respect of personal data created by CCTV.
We recognize that information that we hold about individuals is subject to applicable data protection legislation. The images of individuals recorded by CCTV cameras in the workplace are personal data and therefore subject to such legislation.
This Policy covers all individuals:
- working for VMware and includes employees, officers, consultants, contractors, freelancers, volunteers, interns, and agency workers (collectively "Staff") and must be read in accordance with the Global Privacy Notice for Employees and Contingent Workers;
- visiting members of the public or third-party organisations and must be read in accordance with the VMWare Privacy Notice.
This Policy is only applicable to VMware sites, where we manage the surveillance systems.
We believe that CCTV and other surveillance systems have a legitimate role to play in helping to maintain a safe and secure environment for all VMware staff and visitors. However, we recognize that this may raise concerns about the effect on individuals and their privacy.
This CCTV Policy (“the Policy”) is intended to address such concerns and is intended to assist Staff in complying with their own legal obligations when working with personal data.
Failure to adhere to this Policy is considered a serious breach of VMware policy and may result in disciplinary action.
In certain circumstances, misuse of information generated by CCTV or other surveillance systems could constitute a criminal offence.
Following investigation, a breach of this policy may be regarded as misconduct leading to disciplinary action, up to and including dismissal.
4. Policy Attributes
i. Reasons for the Use of CCTV
We currently use CCTV in and in some cases around our sites as outlined below. We believe that such use is necessary for legitimate business purposes, including:
- Crime prevention and to protect buildings and assets from damage, disruption, vandalism and other crime
- For the personal safety of staff, visitors and other members of the public and to act as a deterrent against crime
- Supporting internal investigations
- To support law enforcement bodies in the prevention, detection and prosecution of crime;
- To assist in day-to-day management, including ensuring the health and safety of staff and others;
- To assist in the effective resolution of disputes which arise in the course of disciplinary or grievance proceedings;
- To assist in the defence of any civil litigation, including employment tribunal proceedings; and
- In certain circumstances, individual VMware site related requirements.
This list is not exhaustive and other purposes may be or become relevant.
- CCTV monitors the exterior of the building, certain site areas and both the main entrance and secondary exits 24 hours a day and this data is continuously recorded.
- Camera locations are chosen to minimize viewing of spaces not relevant to the legitimate purpose of the monitoring and to ensure that we take a proportionate approach to any privacy impact to our staff. As far as practically possible, CCTV cameras will not focus on private homes, gardens or other areas of private property.
- Surveillance systems will not be used to record sound.
- Surveillance systems are monitored by authorized personnel 24 hours a day, every day of the year.
- Staff using surveillance systems will be given appropriate training to ensure they understand and observe the legal requirements related to the processing of relevant data.
iii. How will we operate any CCTV
- Where CCTV cameras are placed in the workplace, we will ensure that signs are displayed at the entrance of the surveillance zone to alert individuals that their image may be recorded.
- Such signs will contain our contact details, the purpose for using the surveillance system and who to contact for further information, where these things are not obvious to those being monitored.
- Live feeds from CCTV cameras will only be monitored where this is reasonably necessary, for example to protect health and safety.
- We will ensure that live feeds from cameras and recorded images are only viewed by approved members of staff whose role requires them to have access to such data. This may include select members of staff involved with disciplinary investigations or grievance matters. Recorded images will only be viewed in designated, secure offices.
iv. Use of Data gathered by CCTV
- To ensure that the rights of individuals recorded by the CCTV system are protected, we will ensure that data gathered from CCTV cameras is stored in a way that maintains its integrity and security. This may include encrypting the data, where it is possible to do so.
- Given the large amount of data generated by surveillance systems, we store video footage using a cloud computing system. We will take all reasonable steps to ensure that any cloud service provider maintains the security of our information, in accordance with industry standards.
- We may engage data processors to process data on our behalf. We will ensure reasonable contractual safeguards are in place to protect the security and integrity of the data.
v. Retention and erasure of data gathered by CCTV
- Data recorded by the CCTV system is stored digitally using a cloud computing system. Data from CCTV cameras will not be retained indefinitely but will be permanently deleted once there is no reason to retain the recorded information. Exactly how long images will be retained for will vary according to the purpose for which they are being recorded. For example, where images are being recorded for crime prevention purposes, data will be kept long enough only for incidents to come to light.
- In all other cases, recorded images will be kept for no longer than sixty days (60) and this may vary according to local legal requirements. We will maintain a comprehensive log of when data is deleted.
- At the end of their useful life, all images stored in whatever format will be erased permanently and securely. Any physical matter such as tapes or discs will be disposed of as confidential waste. Any still photographs and hard copy prints will be disposed of as confidential waste.
vi. Use of additional surveillance systems
- Prior to introducing any new surveillance system, including placing a new CCTV camera in any workplace location, we will carefully consider local data protection laws and where appropriate carrying out a privacy impact assessment (PIA).
- A PIA is intended to assist us in deciding whether new surveillance cameras are necessary and proportionate in the circumstances and whether they should be used at all or whether any limitations should be placed on their use.
- Any PIA will consider the nature of the problem that we are seeking to address at that time and whether the surveillance camera is likely to be an effective solution, or whether a better solution exists. We will consider the effect a surveillance camera will have on individuals and therefore whether its use is a proportionate response to the problem identified.
- No surveillance cameras will be placed in areas where there is an expectation of privacy (for example, in changing rooms) unless, in very exceptional circumstances, it is judged by us to be necessary to deal with very serious concerns.
vii. Covert Monitoring
- If covert monitoring is justified, it will only be carried out with the express authorisation of an appropriate member of VMware’s Legal Department and the local HR Business Partner. The decision to carry out covert monitoring will be fully documented in accordance with local employment custom or practice.
- The risk of intrusion on innocent workers will always be a primary consideration in reaching any such decision.
- Only limited numbers of people will be involved in any covert monitoring.
- Covert monitoring will only be carried out for a limited and reasonable period consistent with the objectives of making the recording and will only relate to the specific suspected illegal or unauthorised activity.
viii. Ongoing review of CCTV use
- The Security Department will ensure that the ongoing use of existing CCTV cameras in the workplace is reviewed in the event of any change, so as to ensure that their use remains necessary and appropriate, and that any surveillance system is continuing to address the needs that justified its introduction.
ix. Requests for disclosure
- We may share data with other group companies and other associated companies or organisations, for example shared services partners where we consider that this is reasonably necessary for any of the legitimate purposes set out as mentioned in “5th point- Roles & Responsibilities”.
- No images from our CCTV cameras will be disclosed to any other third party, without express permission being given by the without express permission being given by a member of the Privacy Team in VMware’s Legal department. Data will not normally be released unless satisfactory evidence that it is required for legal proceedings or under a court order has been produced.
- In other appropriate circumstances, we may allow law enforcement agencies to view or remove CCTV footage where this is required in the detection or prosecution of crime.
- We will maintain a record of all disclosures of CCTV footage in accordance with our Records and Retention Policy.
- No images from CCTV will ever be posted online or disclosed to the media.
x. Subject access requests
- Data subjects may make a request for disclosure of their personal information if this is allowed under local data protection law and this may include CCTV images (data subject access request).
- All data subject access requests must be made to or directed to: firstname.lastname@example.org.
- A data subject access request is subject to the statutory conditions from time to time in place and should be made in writing, in accordance with our Data Subject Rights Policy and our Data Protection Notice.
- We reserve the right to obscure images of third parties when disclosing CCTV data as part of a subject.
- For us to locate relevant footage, any requests for copies of recorded CCTV images must include:
a. the date and time of the recording;
b. the location where the footage was captured; and
c. if necessary, information identifying the individual.
xi. Local laws
- VMware operates in many countries and it is VMware’s intention to comply with all applicable legal requirements. If other jurisdictions grant individuals rights in relation to their personal data, then such rights will be addressed as part of this Policy.
- If a provision of this Policy conflicts with applicable local legal requirements, VMware may adopt regional or country-specific policies on this subject to accommodate local conditions or legal requirements
- If any member of staff or of the public have any questions about this Policy or any concerns about our use of CCTV, then they should contact us at email@example.com.
5. Roles & Responsibilities
- The Security Department has overall responsibility for ensuring compliance with relevant legislation and the effective operation of this policy and includes day-to-day management responsibility for deciding what information is recorded and how it will be used.
- The Security Department will work with VMware’s Legal Department and Human Resources Department in respect to disclosure requests.
CCTV: means fixed and domed cameras designed to capture and record images of individuals and property.
Data: is information which is stored electronically, or in certain paper-based filing systems. In respect of CCTV, this generally means video images. It may also include static pictures such as printed screen shots.
Data subjects: means all living individuals about whom VMware hold personal information because of the operation of our CCTV (or other surveillance systems).
Personal data: means data relating to a living individual who can be identified from that data (or other data in our possession). This will include video images of identifiable individuals.
Data controllers: are the people who, or organisations which, determine the way any personal data is processed. They are responsible for establishing practices and policies to ensure compliance with the law. We are the data controller of all personal data used in our business.
Data processors: are any person or organisation that is not a data user (or employee of a data controller) that processes data on our behalf and in accordance with our instructions (for example, a supplier which handles data on our behalf).
Data users: are those of our employees whose work involves processing personal data. This will include those whose duties are to operate CCTV cameras and other surveillance systems to record, monitor, store, retrieve and delete images. Data users must protect the data they handle in accordance with this policy and the VMware Privacy Notice.
Processing: is any activity which involves the use of data. It includes obtaining, recording or holding data, or carrying out any operation on the data including organising, amending, retrieving, using, disclosing or destroying it. Processing also includes transferring personal data to third parties.
Surveillance systems: means any devices or systems designed to monitor or record images of individuals or information relating to individuals. The term includes CCTV systems as well as any technology that may be introduced in the future such as automatic number plate recognition (ANPR), body worn cameras, unmanned aerial systems and any other systems that capture information of identifiable individuals or information relating to identifiable individuals.
VMware: means VMware, Inc., headquartered in the U.S., and its group companies, a part of the Dell Family (as defined in our Privacy Notice) and includes references to “we”, “us” and “our”.