1. INFORMATION WE COLLECT ABOUT YOU AND HOW WE COLLECT IT
In connection with your use of Tishman Speyer’s services or interactions with us, we generally collect the following personal information. The types of personal information we may collect about you include, but are not limited to, information you provide to us in connection with our Services or information collected automatically about your use of our Site. We use this information to operate our Sites, carry out our business and Services, comply with laws and for other purposes described herein.
• Information You Voluntarily Provide to Us.
We collect information you give us voluntarily when you use our Sites, Services, or interact with us on social media. For example, when you contact us you may provide your name, email address and any information in your message, whether in the form of surveys, questionnaires, phone conversations, written correspondence or otherwise.
• Information Collected Automatically Through Our Sites.
As you navigate through and interact with our Sites, we may compile statistical information concerning the usage of the Sites through analytics services, such as those provided by Google or Shopify Analytics. To do so, we may collect certain information about your equipment, browsing actions and patterns, including:
- Details of your visits to our Sites, such as traffic data, location data, logs and other communication data and the resources that you access and use on the Sites.
- Information about your computer and internet connection, including your IP address, operating system, and browser type.
- Information about the type of device you are using, mobile ad identifiers, the time and length of your visit, the website that referred you to our Sites, and the subjects of the ads you click or scroll over.
• Information Collection Based Upon Services Provided.
The information we collect may vary based upon the services we are providing to you, or you are providing to us. For example, we may collect the following information from vendors, tenants, visitors and investors:
- Vendors: Personal identifiers, such as tax identification information, government issued documents, such as licenses; geolocation data, such as location data based upon security badge usage or visitor access system usage; and beneficial ownership information, such as the names of key people and their addresses;
- Tenants: Personal Identifiers, such as date of birth, tax identification number and or social security number; financial account information; government issued documents, such as licenses; leasing information; car details for parking registration; geolocation data, such as location data based upon security badge usage or visitor access system usage; and electronic, visual or similar information, such as security cameras at the property;
- Visitors at Our Properties: Government issued documents, such as licenses; car details for parking registration; geolocation data, such as location data based upon security badge usage or visitor access system usage; and electronic, visual or similar information, such as security cameras at the property;
- Investors: Identifiers (date of birth, tax identification number/social security number); financial account information; copy of government issued identification documents; and professional and employment information.
2. COOKIES AND OTHER TRACKING TECHNOLOGIES
Types of Cookies.
First and Third Party Cookies: First party cookies are generally placed on your computer or device by the website you are visiting. For example, we may use a first party cookie to improve website security. Third party cookies are placed on your computer or device by a source other than the website you are visiting in order to enable third-party features such as advertising, analytics, videos, or interactive content.
• Essential or Strictly Necessary Cookies:
These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually set in response to actions taken by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. These cookies do not store any personally identifiable information.
• Performance and Functionality Cookies:
Although these are non-essential cookies, they help the website perform and function as designed. For example, performance and functionality cookies may help the website display videos, enable chat sessions, or recognize whether you visited the website before.
• Analytics Cookies:
These cookies track your usage of the website. The information these cookies collect can be used for various purposes such as understanding how visitors use the website, site and content customization, or advertising and marketing.
• Advertising Cookies:
Advertising and marketing cookies perform functions such as helping customize your website experience, personalizing ads based on your online activities and interests, measuring the effectiveness of ads, preventing an ad from reappearing, and serving you targeted advertisements. Information from these cookies may be shared with third parties or third parties may place these cookies on your computer or device. Advertising and marketing cookies may track your online activities.
Our Sites use essential, functional, and performance cookies to function and perform as designed; analytics cookies to understand how you use our Sites, improve our Sites’ functionality and other related purposes; and advertising cookies to help us with our advertising and marketing activities including showing you relevant ads when you visit our Sites or other websites. We and our third-party partners and service providers may collect and track information about your online activities over time and across different websites, applications, and devices.
Embedded Content and Social Media Widgets.
IMPORTANT: BY USING THE SITE, YOU CONSENT TO THE PROCESSING OF ANY PERSONAL INFORMATION FOR THE PURPOSES AND FUNCTIONS DESCRIBED ABOVE.
Do Not Track.
“Do Not Track” is a privacy preference that you can set in your Internet search browser that sends a signal to a website that you do not want the website operator to track certain browsing information about you. However, because our Site is not configured to detect Do Not Track signals from a user’s computer, we are unable to respond to Do Not Track requests. Cookies set when you visit our Sites may track you over time and across third party websites.
3. WHY WE COLLECT YOUR INFORMATION
In general, we will use the personal information we collect only for the purpose it was collected, for compatible purposes, as permitted or required by law, as necessary to carry out our contractual duties and obligations, and as otherwise provided in this Policy. For example, we may use your personal information in the following ways:
• To Operate Our Sites.
We may use your personal information to enable use of our Sites, and to administer our Sites;
• To Provide Services.
We may use your personal information to provide you with Services. For example,
- Vendor information may be collected in connection with the usage of our internet, security badges and/or access control systems, parking registration, and to maintain safety and security.
- Tenant information may be collected in connection with usage of our internet, security badges and/or access control systems, parking registration, to maintain safety and security, and/or for waivers in connection with tenant amenities such as gym access.
- Visitors who access our properties may have their information collected in connection with usage of our internet, security badges and/or access control systems, parking registration, to maintain safety and security, and/or for waivers in connection with tenant amenities such as gym access.
- Investor information may be collected in connection with a subscription agreement, distributions, processing of interests and payments, accounting, auditing, reporting to you and the relevant government authorities, acting in compliance with anti-money laundering checks and/or sanctions checks.
• For Internal Use.
We may use your personal information for furthering our business including analyzing your information and other uses; to review, improve, and monitor our website, applications, online services, and overall client experience; to provide customization to meet specific needs; to assess trends, interests, and the demands of clients; and to carry out our obligations and enforce our rights including those arising from any contracts entered into between you and us, including for billing, payment, and collections.
• To Communicate with You
. We may use your personal information to communicate with you including sending messages about the availability of our Sites, security, or other service-related issues. (You may change your communication preferences at any time. Please be aware that you cannot opt-out of receiving service messages from us, including security and legal notices.) We may also send you administrative or account-related information to keep you updated about your account and our Sites. Such communications may include information about Policy updates, confirmations of your account actions or transactions, security updates or tips or other relevant transaction-related information. Site-related communications are not promotional in nature.
• To Provide Customer Support.
We may use your personal information to provide customer service and engage in quality control activities concerning our properties and services.
• To Enforce Compliance with Our Terms and Agreements or Policies.
• To Ensure the Security of the Services.
As noted above, we may process your personal information as necessary or appropriate to protect the rights, property, security, and safety of Tishman Speyer, our employees and clients, our information systems, and the public. Keeping you safe requires us to process your personal information, such as your device information, activity information and other relevant information. We use such information to combat spam, malware, malicious activities or security risks; improve and enforce our security measures; and to monitor and verify your identity so that unauthorized users do not gain access to your information.
• To Maintain Legal and Regulatory Compliance.
We are subject to certain laws and regulations which may require us to process your personal information. We may also use your personal information to respond to law enforcement requests, as required by applicable law, court order, governmental regulations, and for other lawful processes or public safety purposes.
• To Engage in Marketing Activities.
We may process your contact information or information about your interactions on our Sites to send you marketing communications and keep you updated about our Sites; provide you with information about events or other materials; and deliver targeted marketing to you.
• Other Purposes.
We may use your personal information to evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us is among the assets transferred.
4. DISCLOSURE OF YOUR INFORMATION
In general, we will not disclose your personal information except with your consent and as described in this Policy. We may disclose your data for the same reasons that we may use it as described in this Policy, which includes disclosing it to our affiliates and non-affiliated third parties, as we deem necessary to carry out those purposes. We endeavor to choose affiliates and non-affiliates with similar standards to ours regarding the protection of data.
• Service Providers.
We may share your personal information with our service providers for various purposes including to manage, improve, or optimize our Sites and/or Services provided to you. These service providers may include accounting, legal, tax preparation, IT, due diligence, communications, marketing, and payment processing providers. These service providers may engage additional companies to be able to support us. Such companies do not have any independent right to use or disclose your personal information except as we request.
• To Maintain Legal and Regulatory Compliance.
We reserve the right to share any information collected through our Sites or Services with legal authorities if it is, in our sole opinion, necessary to investigate, prevent or otherwise take action regarding suspected fraud, situations involving threats or potential harm, or if otherwise required by law (such as by a subpoena, court order or other legal means).
• To Protect You, Us or Others.
We may share your personal information if we believe, in good faith, that such disclosure would protect your interests or rights or the interests or rights of others, including Tishman Speyer and its personnel; to protect the integrity of our Sites; and to protect against and investigate fraud.
• Within Our Corporate Organization.
Tishman Speyer is a part of a corporate organization that has many legal entities, business processes, management structures and technical systems. Tishman Speyer may, subject to applicable law, share your personal information within this organization in order to conduct its business and provide services to you.
• Mergers and Acquisitions.
We can share, sell, assign, or license your personal data in connection with certain business transactions, such as a sale, acquisition, merger, or change in control, or in preparation for any of these events. In such cases, we will take appropriate steps under the circumstances and to the extent possible to ensure that the recipient agrees to provide privacy protections substantially similar to those established by this Policy. Any entity that acquires all or substantially all of the Company’s assets will have the right to continue using your data consistent with this Policy or as otherwise agreed to by you.
• Other Parties, Depending Upon the Nature of Your Relationship with Us.
- Vendor: we may disclose personal information to property management, security, and parking service providers at the Property.
- Tenants: we may disclose personal information to property management, security, and parking service providers at the Property.
- Visitors to Our Properties: we may disclose personal information to property management, security, and parking service providers at the Property.
- Investors: we may disclose personal information to platform providers, escrow agents, account managers, law firms, accounting firms, transfer agents, banks or similarly situated service providers.
5. LINKS TO THIRD PARTIES’ SITES AND THIRD-PARTY INTEGRATIONS
We may provide links to websites or resources outside of our Sites for your informational purposes only. We may also provide links to third party integrations. Third party integrations are websites or platforms that synchronize with our Sites to provide you with additional functionality, tools, or services such as maps, sending you requested information, etc.
You acknowledge and agree we are not responsible for the availability of third party sites, resources, or integrations and do not endorse and are not responsible or liable for any content, advertising, goods, services or other materials on, available through, or provided by such sites, resources, or integrations. We are not responsible for the privacy or other practices of such sites and cannot guarantee the security of personal information that you provide, or that is collected by, such sites. We encourage you to review the privacy policies and terms and conditions on those linked sites.
We take precautions to protect data and information under our control from misuse, loss or alteration. Our security measures include industry-standard physical, technical and administrative measures to prevent unauthorized access to or disclosure of your information, to maintain data accuracy, to ensure the appropriate use of information, and otherwise safeguard your personal information. However, no system for safeguarding personal or other information is 100% secure and although we have taken steps to protect your personal information from being intercepted, accessed, used or disclosed by unauthorized persons, we cannot fully eliminate security risks associated with personal information.
Please recognize that protecting your personal information is also your responsibility. We ask you to be responsible for safeguarding the password, security questions and answers and other authentication information you use to access our Sites.
7. YOUR CHOICES
You have the right to access and correct your personal information that you share with us. We are committed to ensuring that your personal information is kept accurate and up to date. However, it is up to you to update it with any changes. You may contact us via the information in the “Contact Us” section below to request access to, or to correct, any personal information that you have provided to us. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect. In responding to your request, we may seek information to verify your identity.
We will retain your personal information only for as long as is necessary for the purposes set out in this Policy. We will retain and use your personal information to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, enforce our legal agreements and policies, and other legitimate business needs.
We will delete your personal information when it is no longer reasonably required for the uses described herein, or when you withdraw your consent or request erasure, to the extent that we are not legally required or otherwise permitted to continue to hold such data.
9. CHILDREN’S PRIVACY
Our Sites are not intended to attract children under 16. Accordingly, we do not knowingly solicit or collect personal information from anyone we know to be under 16 years of age. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us. If we become aware that we have collected personal information from children without verification of parental consent, we will take steps to remove such information from our servers. No information should be submitted to or via our Services by users under the age of 16.
10. APPLICABLE LAW
11. INTERNATIONAL TRANSFERS
When you access or use our Sites, we may transfer your personal information to other countries where we conduct business. Such countries may be located outside of the country or jurisdiction where you are located and may have data protection laws that are less protective than the laws of the jurisdiction in which you reside. If you do not want your information transferred to or processed or maintained outside of the country or jurisdiction where you are located, you should not use our Sites.
12. CALIFORNIA PRIVACY RIGHTS
The following section 12 applies only to California residents. This section 12 supplements and amends the information contained in the Policy with respect to California residents. The other provisions of the Policy continue to apply except as modified in this California section.
California Consumer Privacy Act (CCPA).
These CCPA provisions (“CCPA Section”) describe our policies and practices regarding the collection, use, and disclosure of personal information we collect about you including information we obtain when you access or use our Sites or through other channels (e.g., visiting one of our properties, phone and email conversations, social media interactions or through our authorized services providers) in accordance with the California Consumer Privacy Act.
Any terms defined within the CCPA have the same meaning when utilized within this CCPA Section. The other provisions of the Policy continue to apply except as modified in this CCPA Section.
This CCPA Section does not apply to personal information we collect about you as a job applicant to, or an employee, owner, director, officer, or contractor of the Company. This CCPA Section also does not apply to personal information we collect about you as an employee, owner, director, officer, or contractor of a company, partnership, sole proprietorship, non-profit, or government agency when your communications or transactions with the Company occur solely within the context of the Company conducting due diligence regarding, or providing or receiving a product or service to or from, such company, partnership, sole proprietorship, non-profit, or government agency.
IF YOU DO NOT CONSENT TO THE COLLECTION, USE, AND SHARING OF YOUR INFORMATION AS DESCRIBED IN THIS CCPA SECTION, PLEASE DO NOT PROVIDE US WITH SUCH INFORMATION.
Personal Information Categories We Collect.
Please refer to Section 1 of this Policy.
PI does not include:
• Publicly available information from government records.
• Deidentified or aggregated consumer information.
• Information excluded from the CCPA’s scope, such as certain health or medical information and other categories of information protected by different laws.
Purposes for Which We Collect Your Personal Information.
We collect your personal information for the business purposes described in section 3, above. The categories of third parties with whom we may share your personal information are listed in Section 4, above.
Sources of Personal Information.
We collect your personal information through the sources described in Sections 1 and 2.
Sharing or Disclosing Personal Information.
Your personal information is shared as described in Section 4 of this Policy.
CCPA Privacy Rights.
If you are a California resident, you have rights in relation to your personal information; however, your rights are subject to certain exceptions. For instance, we cannot disclose specific pieces of personal information if the disclosure would create a substantial, articulable, and unreasonable risk to the security of the personal information, your account with us or the security of our network systems.
• Right Against Discrimination.
You have the right not to be discriminated against for exercising any of the rights described in this CCPA Section. For example, we generally will not provide you a different level or quality of goods or services if you exercise your rights under the CCPA.
• Right to Know.
You have the right to request the Company disclose the following to you as it relates to the 12-month period preceding the Company’s receipt of your verifiable consumer request (see below):
o The categories of PI we have collected about you.
o The categories of sources from which the PI was collected.
o The business or commercial purpose for collecting or selling PI.
o The categories of PI we disclosed or sold for a business purpose.
o The categories of third parties we disclosed or sold PI to, by the category of PI.
o The specific pieces of PI we collected about you.
• Right to Delete.
You have the right to request that the Company delete your PI from the records, subject to certain exceptions. Upon receipt of a verifiable consumer request (see below), and as required by the CCPA, we will delete and direct any service providers to delete your PI from its records. The Company is not required to comply with your request to delete your PI if it is necessary for the Company (or its service provider) to maintain your PI in order to:
o Complete the transaction for which the PI was collected, provide a good or service requested by you, or reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform a contract between the us and you.
o Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for that activity.
o Debug to identify and repair errors that impair existing intended functionality.
o Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law.
o Comply with the California Electronic Communications Privacy Act pursuant to Chapter 3.6 (commencing with Section 1546) of Title 12 of Part 2 of the Penal Code.
o Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when our deletion of the information is likely to render impossible or seriously impair the achievement of such research, if you have provided informed consent.
o To enable solely internal uses that are reasonably aligned with your expectations based on your relationship with the us.
o Comply with a legal obligation.
o Otherwise use your PI, internally, in a lawful manner that is compatible with the context in which you provided the information.
• Right to Opt-Out of Selling. You have the right to opt-out of having your personal information sold; however, we do not sell your PI as that term is defined in the CCPA and we do not have actual knowledge that we have sold personal information of minors under age 16.
To assert your right to know or your right to delete your personal information, please contact us at ([email protected]
) or by toll-free phone at 833-430-2169.
We reserve the right to only respond to verifiable consumer requests. A verifiable consumer request is one made by:
a) the consumer who is the subject of the request,
b) a consumer on behalf of the consumer’s minor child, or
c) a natural person or person registered with the Secretary of State authorized to act on behalf of a consumer.
To verify your identity, we may ask you to verify personal information we already have on file for you. If we cannot verify your identity from the information we have on file, we may request additional information from you, which we will only use to verify your identity, and for security or fraud-prevention purposes. Making a verifiable consumer request does not require you to create an account with us. Additionally, you will need to describe your request with sufficient detail to allow us to review, understand, assess, and respond.
You may authorize a natural person, or a business registered with the California Secretary of State, to act on your behalf with respect to the right under this CA Addendum. When you submit a Request to Know or a Request to Delete, unless you have provided the authorized agent with a qualifying power of attorney, you must provide your authorized agent written permission (signed by you) to act on your behalf and verify the authorized agent’s identity with us. We reserve the right to deny requests from persons or businesses claiming to be authorized agents that do not submit sufficient proof of their authorization.
We may not be able to respond to your request or provide you with PI if we cannot verify your identity or authority to make the request and confirm the PI relates to you.
13. CONTACT US