Our Policies
Table of Contents
Acceptable Use Policy
CCTV Policy
CCTV Policy Statement
- We believe that CCTV and other surveillance systems have a legitimate role to play in helping to maintain a safe and secure environment for all our staff and visitors. However, we recognise that this may raise concerns about the effect on individuals and their privacy. This policy is intended to address such concerns. Images recorded by surveillance systems are personal data which must be processed in accordance with data protection laws. We are committed to complying with our legal obligations and ensuring that the legal rights of staff, relating to their personal data, are recognised and respected.
- This policy is intended to assist staff in complying with their own legal obligations when working with personal data. In certain circumstances, misuse of information generated by CCTV or other surveillance systems could constitute a criminal offence.
Definitions
For the purposes of this policy, the following terms have the following meanings:
- CCTV: means fixed and domed cameras designed to capture and record images of individuals and property.
- Data: is information which is stored electronically, or in certain paper-based filing systems. In respect of CCTV, this generally means video images. It may also include static pictures such as printed screen shots.
- Data subjects: means all living individuals about whom we hold personal information as a result of the operation of our CCTV (or other surveillance systems).
- Personal data: means data relating to a living individual who can be identified from that data (or other data in our possession). This will include video images of identifiable individuals.
- Data controllers: are the people who, or organisations which, determine the manner in which any personal data is processed. They are responsible for establishing practices and policies to ensure compliance with the law. We are the data controller of all personal data used in our business for our own commercial purposes.
- Data users: are those of our employees whose work involves processing personal data. This will include those whose duties are to operate CCTV cameras and other surveillance systems to record, monitor, store, retrieve and delete images. Data users must protect the data they handle in accordance with this policy and our data protection policy.
- Data processors: are any person or organisation that is not a data user (or other employee of a data controller) that processes data on our behalf and in accordance with our instructions (for example, a supplier which handles data on our behalf).
- Processing: is any activity which involves the use of data. It includes obtaining, recording or holding data, or carrying out any operation on the data including organising, amending, retrieving, using, disclosing or destroying it. Processing also includes transferring personal data to third parties.
- Surveillance systems: means any devices or systems designed to monitor or record images of individuals or information relating to individuals. The term includes CCTV systems as well as automatic number plate recognition (ANPR), body worn cameras, unmanned aerial systems and any other systems that capture information of identifiable individuals or information relating to identifiable individuals.
About this policy
- We currently use CCTV cameras and other surveillance systems to view and record individuals on and around our premises. This policy outlines why we use surveillance systems, how we will use them and how we will process data recorded by CCTV cameras and other surveillance systems to ensure we are compliant with data protection law and best practice.
- We recognise that information that we hold about individuals is subject to the Data Protection Act (DPA). We are committed to complying with all our legal obligations under the DPA. The images of individuals recorded by CCTV cameras in the workplace are personal data and therefore subject to the DPA. We also seek to comply with best practice suggestions from the Information Commissioner’s Office (ICO).
- This policy covers all employees executives, directors, officers, consultants, contractors, casual workers, and agency workers and may also be relevant to visiting members of the public.
- We may amend this policy at any time without consultation. The policy will be regularly reviewed to ensure that it meets legal requirements, relevant guidance published by the ICO and industry standards.
- A breach of this policy may, in appropriate circumstances, be treated as a disciplinary matter. Following investigation, a breach of this policy may be regarded as misconduct leading to disciplinary action, up to and including dismissal.
Personnel responsible
- The Site Manager has delegated responsibility for ensuring day-to-day compliance with relevant legislation and the effective operation of this policy.
- Responsibility for keeping this policy up to date has been delegated to the Executives.
Reasons for the use of CCTV and other surveillance systems
- We currently use CCTV and other surveillance systems around our site as outlined below. We believe that such use is necessary for legitimate business purposes, including:
- to prevent crime and protect buildings and assets from damage, disruption, vandalism and other crime;
- for the personal safety of staff, visitors and other members of the public and to act as a deterrent against crime;
- to support law enforcement bodies in the prevention, detection and prosecution of crime;
- to assist in day-to-day management, including ensuring the health and safety of staff and others;
- to assist in the effective resolution of disputes which arise in the course of disciplinary or grievance proceedings; and
- to assist in the defence of any civil litigation, including employment tribunal proceedings;
- This list is not exhaustive and other purposes may be or become relevant.
Monitoring
- Camera locations are chosen to minimise viewing of spaces not relevant to the legitimate purpose of the monitoring. As far as practically possible, CCTV cameras will not focus on private homes, gardens or other areas of private property.
- Images are monitored by authorised personnel.
- Staff using surveillance systems will be given appropriate training to ensure they understand and observe the legal requirements related to the processing of relevant data.
How we will operate any CCTV and surveillance systems
- Where CCTV cameras and surveillance systems are placed in the workplace, we will ensure that signs are displayed at the entrance of the surveillance zone to alert individuals that their image may be recorded. Such signs will contain details of the organisation operating the system, the purpose for using the surveillance system and who to contact for further information, where these things are not obvious to those being monitored.
- Live feeds from CCTV cameras will only be monitored where this is reasonably necessary, for example to protect health and safety.
- We will ensure that live feeds from cameras and recorded images are only viewed by approved members of staff whose role requires them to have access to such data. This may include staff involved with disciplinary or grievance matters. Recorded images will only be viewed in designated, secure offices.
Use of data gathered by CCTV and other surveillance systems
- In order to ensure that the rights of individuals recorded by CCTV and other surveillance systems are protected, we will ensure that data gathered is stored in a way that maintains its integrity and security. This may include encrypting the data, where it is possible to do so.
- We may engage data processors to process data on our behalf. We will ensure reasonable contractual safeguards are in place to protect the security and integrity of the data.
Retention and erasure of data gathered by CCTV and other surveillance systems
- Data from CCTV cameras and other surveillance systems will not be retained indefinitely but will be permanently deleted once there is no reason to retain the recorded information. Exactly how long images will be retained for will vary according to the purpose for which they are being recorded. For example, where images are being recorded for crime prevention purposes, data will be kept long enough only for incidents to come to light.
- At the end of their useful life, all images stored in whatever format will be erased permanently and securely. Any physical matter such as tapes or discs will be disposed of as confidential waste. Any still photographs and hard copy prints will be disposed of as confidential waste.
Use of additional surveillance systems
- Prior to introducing any new surveillance system, including placing a new CCTV camera in any workplace location, we will carefully consider if they are appropriate by carrying out a privacy impact assessment (PIA).
- A PIA is intended to assist us in deciding whether new surveillance cameras are necessary and proportionate in the circumstances and whether they should be used at all or whether any limitations should be placed on their use.
- Any PIA will consider the nature of the problem that we are seeking to address at that time and whether the surveillance camera is likely to be an effective solution, or whether a better solution exists. In particular, we will consider the effect a surveillance camera will have on individuals and therefore whether its use is a proportionate response to the problem identified.
- No surveillance cameras will be placed in areas where there is an expectation of privacy (for example, in changing rooms) unless, in very exceptional circumstances, it is judged by us to be necessary to deal with very serious concerns.
Ongoing review of CCTV and other surveillance system use
We will ensure that the ongoing use of existing CCTV and other surveillance cameras in the workplace is reviewed to ensure that their use remains necessary and appropriate, and that any surveillance system is continuing to address the needs that justified its introduction.
Human Rights Act 1998
- The systems will be operated with due regard to the Human Rights Act 1998 and in particular the provisions of Article 8, conveying on an individual the qualified right to respect for his or her private and family life.
- No interest will be shown in private property and cameras will not look into such areas. In addition the use of cameras elsewhere will be proportionate to the objectives detailed in this policy.
- Extra MSA Staff will have clear guidelines and any inadvertent contraventions will be recorded and the reasons for the occurrence given. The scheme will be managed and audited to ensure that individuals’ privacy is not breached.
- The day-to-day management of the cameras will be the responsibility of the Site Manager who will report to a member of the senior management team.
- Only Extra MSA staff will have access to the office where the cameras are located. Designated Extra MSA staff will also have access to all recorded material retained, providing such access is in accordance with both the objectives and purposes of the scheme and is authorised by the senior management team. Dummy cameras may be used in the scheme.
Requests for disclosure
- We may share data with other group companies where we consider that this is reasonably necessary for any of the legitimate purposes.
- No images from our CCTV and other surveillance cameras will be disclosed to any other third party, without express permission being given by the Site Manager. Data will not normally be released unless satisfactory evidence that it is required for legal proceedings or under a court order has been produced.
- In other appropriate circumstances, we may allow law enforcement agencies to view or remove CCTV and other surveillance footage where this is required in the detection or prosecution of crime.
- We will maintain a record of all disclosures of CCTV or other surveillance camera footage.
- No images from will ever be posted online or disclosed to the media.
Subject access requests
- Data subjects may make a request for disclosure of their personal information and this may include CCTV and other surveillance images (data subject access request). A data subject access request is subject to the statutory conditions from time to time in place and should be made in writing.
- In order for us to locate relevant footage, any requests for copies of recorded images must include the date and time of the recording, the location where the footage was captured and, if necessary, information identifying the individual.
- We reserve the right to obscure images of third parties when disclosing data as part of a subject access request, where we consider it necessary to do so.
Complaints
- Please use the contact us page on this web site
Requests to prevent processing
- We recognise that, in rare circumstances, individuals may have a legal right to prevent processing likely to cause substantial and unwarranted damage, or to prevent automated decision making.
Competition Terms & Conditions
Competition terms and conditions – (2024-2025)
Each calendar month, Extra MSA will launch a competition on its social media pages. This will be either:
Photo competition – Extra will give away a £50 voucher to spend at either Nando’s, Pizza Express, or Starbucks. To be in with a chance of winning, users must share a picture at an Extra MSA site on either Twitter, Facebook, Threads or Instagram, tagging @ExtraServicesUK.
Review competition – Each calendar month, Extra MSA will give away a £50 voucher to spend at either Nando’s, Pizza Express, or Starbucks. To be in with a chance of winning, users must leave a review of an Extra MSA site, on Google, Tripadvisor or Facebook, and send a screenshot of their review to @ExtraServicesUK via DM. The screenshot must clearly show which platform the review was left on, and for which Extra MSA location.
T&Cs
- One entry per account, per competition per month.
- To be eligible to win the photo competition, entrants must follow Extra MSA (@ExtraServicesUK) on the channel they have entered (Twitter, Threads, Facebook or Instagram) and tag @ExtraServicesUK in the post.
- The shared content needs to be publicly viewable on a Twitter or Threads feed or Instagram grid, and by publishing, they agree to Extra MSA re-sharing that content on social media and other marketing materials.
- For the review competition, a new review needs to be posted each month to be able to be re-entered. A screenshot of each review should be shared via DM with @ExtraServicesUK.
- The winner(s) will be chosen at random and notified (via the channel they entered the competition on), during the first five working days of the following month (e.g. January winner notified in the first five working days of February).
- Winners have five working days from the day of notification to respond. If a winner does not respond during this time, Extra may select an alternative winner at its discretion and the prior winner will no longer be eligible to receive a prize.
- The competition period extends from 00:01 am on the first day of the month and finishes at 11:59 on the last day of the month.
- Winners will be notified via either Twitter, Facebook, Threads or Instagram by Extra MSA or its representatives (and may be tagged as winners publicly).
- Prizes will be awarded in the form of electronic vouchers (sent by email), and subject to the conditions put in place by the retailer in question in terms of its use.
- The decision of Extra MSA and its representatives will be final, and no correspondence will be entered into regarding the allocation of prizes.
- The competitions are open to residents of the United Kingdom aged 18 years or over. Extra MSA reserves the right to request proof of age at its discretion.
- Extra MSA reserves the right to cancel or modify the competitions at any stage, without warning.
- Extra MSA reserves the right to amend these Terms and Conditions or cancel the Prize Draw (or any part of it) without notice if required by law or due to reasons beyond our reasonable control. We also reserve the right to cancel the Prize Draw or amend these Terms and Conditions for a specific reason where it’s reasonable or valid to do so.
- We reserve the right to void or remove an entry or withdraw a prize without notice, particularly if it is believed the entrant has not adhered to the terms and conditions or has otherwise not acted in the spirit of the competition.
- This competition is run by Extra MSA and its partners and is in no way aligned with either Twitter, Facebook, Threads or Instagram. As such, those organisations hold no responsibility in relation to the competition.
- Extra MSA will not be liable (to the extent permitted by law) for any loss or damage arising out of organising or holding this Prize Draw or as a result of your participation in the Prize Draw.
- By entering, you agree that the company’s decision is final in all cases of dispute or query.
Cookie Policy
Essential website cookies:
Name: | TERMLY_API_CACHE |
Purpose: | Used to store visitor’s consent result in order to improve performance of the consent banner. |
Provider: | extraservices.co.uk |
Service: | Termly View Service Privacy Policy |
Type: | html_local_storage |
Expires in: | 1 year |
Name: | csrf_token |
Purpose: | Helps prevent Cross-Site Request Forgery (CSRF) attacks using Javascript. |
Provider: | extraservices.co.uk |
Service: | Django View Service Privacy Policy |
Type: | http_cookie |
Expires in: | 30 days |
Analytics and customization cookies:
These cookies collect information that is used either in aggregate form to help us understand how our Website is being used or how effective our marketing campaigns are, or to help us customize our Website for you.
Name: | _ga |
Purpose: | Records a particular ID used to come up with data about website usage by the user |
Provider: | .extraservices.co.uk |
Service: | Google Analytics View Service Privacy Policy |
Type: | http_cookie |
Expires in: | 1 year 1 month 4 days |
Name: | _ga_# |
Purpose: | Used to distinguish individual users by means of designation of a randomly generated number as client identifier, which allows calculation of visits and sessions |
Provider: | .extraservices.co.uk |
Service: | Google Analytics View Service Privacy Policy |
Type: | http_cookie |
Expires in: | 1 year 1 month 4 days |
Name: | mc |
Purpose: | Used by quantserve to record unique numbers that identify your browser and interaction history. It expires in 5 years |
Provider: | .quantserve.com |
Service: | Quantcast Measurement Service View Service Privacy Policy |
Type: | server_cookie |
Expires in: | 1 year 1 month |
Advertising cookies:
These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers, and in some cases selecting advertisements that are based on your interests.
Name: | __qca |
Purpose: | These cookies are associated with a B2B marketing platform, formerly known as Bizo, which is now owned by LinkedIn, the business networking platform. This sub-domain is connected with LinkedIn's marketing services that enable website owners to gain insight into types of users on their site based on LinkedIn profile data, to improve targeting. |
Provider: | extraservices.co.uk |
Service: | LinkedIn View Service Privacy Policy |
Type: | html_local_storage |
Expires in: | persistent |
Name: | IDE |
Purpose: | Used to measure the conversion rate of ads presented to the user. Expires in 1.5 years. |
Provider: | .doubleclick.net |
Service: | DoubleClick View Service Privacy Policy |
Type: | server_cookie |
Expires in: | 1 year 11 months 29 days |
Name: | _gcl_au |
Purpose: | Used by Google AdSense for experimenting with advertisement efficiency across websites using their services. |
Provider: | .extraservices.co.uk |
Service: | Google AdSense View Service Privacy Policy |
Type: | http_cookie |
Expires in: | 2 months 29 days |
Name: | landing |
Purpose: | Used to track user interactions with online advertisements |
Provider: | pagead2.googlesyndication.com |
Service: | DoubleClick View Service Privacy Policy |
Type: | pixel_tracker |
Expires in: | session |
Name: | test_cookie |
Purpose: | A session cookie used to check if the user’s browser supports cookies. |
Provider: | .doubleclick.net |
Service: | DoubleClick View Service Privacy Policy |
Type: | server_cookie |
Expires in: | 15 minutes |
Name: | __qca |
Purpose: | These cookies are associated with a B2B marketing platform, formerly known as Bizo, which is now owned by LinkedIn, the business networking platform. This sub-domain is connected with LinkedIn's marketing services that enable website owners to gain insight into types of users on their site based on LinkedIn profile data, to improve targeting. |
Provider: | .extraservices.co.uk |
Service: | LinkedIn View Service Privacy Policy |
Type: | http_cookie |
Expires in: | 1 year 26 days |
Unclassified cookies:
These are cookies that have not yet been categorized. We are in the process of classifying these cookies with the help of their providers.
Name: | qcSes |
Provider: | extraservices.co.uk |
Type: | html_session_storage |
Expires in: | session |
Name: | receive-cookie-deprecation |
Provider: | .doubleclick.net |
Type: | server_cookie |
Expires in: | 5 months 27 days |
Name: | elementor |
Provider: | extraservices.co.uk |
Type: | html_local_storage |
Expires in: | persistent |
- Digital Advertising Alliance
- Digital Advertising Alliance of Canada
- European Interactive Digital Advertising Alliance
Disclaimer
Modern Slavery Policy
Introduction
Extra MSA Property (“The Group”) is committed to continuously improving its high standards to combat slavery and human trafficking in its business and supply chain, and in acting ethically and with integrity in its business relationships.
This statement is made pursuant to section 54 of the Modern Slavery Act 2015. It constitutes The Groups slavery and human trafficking statement for the financial year ended 31 December 2018. It covers the activities of The Group and its wholly-owned subsidiaries.
Our organisation
The Group is a property investment group which owns and develops Motorway Service Area’s (“MSA’s”) in the UK.
Our supply chain
The Group uses a wide range of suppliers who supply goods for sale, provide services and support our operations.
Policies
The Group has a number of policies which aim to minimise the risk of modern slavery in our supply chain. These include:
- Whistleblowing Policy which encourages staff to report any concerns including any related to modern slavery/trafficking and child and forced labour.
Risk Assessment
The Group considers the highest risk part of its supply chain is within the construction subcontractors.
The Group employ the vast majority of all operational site staff including night security guards, field, office and reactive maintenance staff. The Group has procedures in place designed to prevent human trafficking or slavery within our employee base. These include but are not limited to reference checks, checks on original right to work documents and checks that bank account details provided for the payment of salary match the name of the employee. Where discrepancies arise, further investigation is carried out to ensure the employee is not subject to modern slavery.
Our Next Steps
Over the coming year we aim to put a number of steps in place to ensure that our business and our supply chains are free from modern slavery. These are the steps we intend to take:
- Review our supplier contracts to ensure that our suppliers must specifically declare modern slavery is absent from their business and supply chains as part of their contract with us.
- Develop a supplier Code of Practice that we expect all of our suppliers to sign up to.
- Develop a Working with Suppliers and Partners Policy which sets out internal requirements for buying goods and services.
- Develop a Responsible Procurement Policy covering issues of human rights, child and forced labour and modern slavery, which all UK suppliers are required to comply with.
- Develop our training to ensure all of those involved in purchasing goods and services are aware of the risks of modern slavery and are able to account for this in their dealings with suppliers.
Approval
This statement has been approved by the Executives of The Group.