Privacy Statement #

This privacy statement sets out how CityFibre Holdings Ltd, CityFibre Limited and Entanet International Limited (referred to in this statement as CityFibre / we / us) use and protect any personal data that you give us when you use this website or that we hold in connection with any of our products, services or offerings.

This privacy statement applies to users of our websites, customer contacts, supplier contacts and residential householders whose personal data is collected or used when you are accessing or using our websites or interacting with us.

We are part of the CityFibre Group of companies. CityFibre Holdings Ltd is our corporate function and CityFibre Limited and Entanet International Limited are our operational companies. To the extent that they are joint controllers, their respective responsibilities for data protection compliance are set out in this privacy statement.

We are committed to ensuring that your privacy is protected. We also want to ensure you are properly informed about how your information is used and that you receive certain information that we are required to give you by law, which is why provide this privacy statement.

We may change this statement from time to time by updating this page. You should check this page from time to time to ensure that you are aware of and understand any changes.

The information we collect

We may collect, store and use personal data including:

Information about your device and about your visits to and use of the website including IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views, website navigation;
Information provided when you register with us, subscribe to our website services and email notifications, or that you may send us via our website, email address or our business premises, for example when you make an enquiry;
For business contacts at our existing and prospective customers, partners and suppliers / third party service providers, basic contact details such as name, address, telephone number, email address, Skype / messenger service details, LinkedIn profile details, job title, function and other information, such as details contained in commercial bid documentation, Program name or code identifier and other Program-related details;
For residential householders, basic contact details such as name, address, telephone number, email address and details contained in wayleave access documentation;
Information that you may provide to our sales representatives, customer service team, trusted partners (as defined below) and third party service providers, for example, when they attend premises to carry out installations, when you contact us for pre or post-sales support, or at corporate events.

We may also obtain some information relating to you from trusted third parties such as our wholesale channel partners, our installation partners, our service provider partners and also providers of lead generation services. We carry out due diligence and have contracts in place with such third parties to ensure they have obtained your information lawfully and can pass it on to us to use.

Using your information

Your personal data will be used for the purposes stated in this statement or such other purposes as we may notify you of from time to time, for example, on other parts of the website or in other relevant documentation.

Your personal data may be required by us from time to time in order to provide you with the best possible service and experience when using our website or our products or services, or to assess which products or services may best suit your needs or those of your business.

Specifically, information held about you may be used by us for the following reasons:

To ensure that content from our website is presented in the most effective manner for you and for your device and to gain insights into how website users are using our website and to improve user experience;*
To ensure the efficient and effective running of our services;
To monitor and analyse network build performance and to benchmark our business processes and performance data;*
To provide you with information (including information about network updates), products or services or take actions that you request;
To provide you with promotional material which we feel may interest you (subject to the appropriate marketing permissions) – see ‘Marketing to business contacts’ below;*
To provide you with promotional material which we feel may interest you by email, phone or mail about new products, special offers, network updates, local events or other information (subject to the appropriate marketing permissions) – see ‘Marketing to business and consumer contacts’ below;*
To provide third parties with statistical information about our web users (for example Google Analytics);*
To allow you to participate in interactive features of our products and services (such as the availability checker), when you choose to do so;
To notify you about changes to our products and services;
For sales and lead generation, including for organising and attending corporate events and for marketing planning;*
To undertake segmentation and demographical analysis to predict areas of demand;*
To perform our obligations arising from or related to any contracts entered into between your business and us, and for effective customer account management, partner management and supply chain management, including performance monitoring and management;*
To perform our obligations arising from any contracts between us and your service provider to deliver the connectivity requirements you have signed up to;
To maintain risk and compliance records, and carry out compliance monitoring, incident management and investigations of relevant suppliers and third party service providers;
For internal administration, governance and recordkeeping and for business analytics, financial and accounts management and reporting purposes;*
To help us prevent, detect and investigate fraud;*
To meet our legal obligations or to bring or defend legal claims;
To maintain the security of our websites, services, systems and assets, as well as to detect and investigate activities that may be illegal or prohibited;*

In more legal terms, we process your personal data where you have consented to this or where this is necessary to provide services or take actions that you have requested, to perform our legal and regulatory obligations or for the purposes of our legitimate interests. We have legitimate interests in those uses of personal data indicated with a “*” above.

We consider the risk to your rights of data protection is not excessive or overly intrusive, and is overridden by our legitimate interests. We have also implemented protections for your rights by ensuring proper retention periods and security controls, and your other rights under this privacy notice (if applicable).

*You can object to processing on this basis at any time by contacting us using the contact details below. See also “Your rights” regarding your right to object below.

Visiting our premises in person

When you sign in we will process your personal data for the purpose of site security and fire safety. The legal basis for this processing is that it is necessary for compliance with a legal obligation to which we are subject.

We will store personal data relating to your visit for 12 months, or longer if required in relation to a legal claim. We will share your personal data with other third parties only to the extent that the disclosure is reasonably necessary for the purposes of investigating incidents occurring on our premises.

Queries and complaints

We collect information when:

You contact us to ask for information
You bring a complaint to us, including about our build projects
We are looking at a complaint and need more information to resolve a query
You ask us to review any decision we’ve made

We will normally let you know what types of information we are asking for and why. For example this may include:

Your name
Your contact details
Information you tell us about your complaint or query

We use this information to:

Provide you with information
Refer back to the information if you contact us again
Investigate and make decisions on complaints
Respond to complaints about our work
Bring and defend legal claims or investigations by regulators or enforcement agencies
Monitor and assess the quality of complaint handling and service provision by our teams
Report on trends and statistics
Learn more about our users and what their needs are
Ask you about our service in the form of a customer satisfaction survey

Responding to surveys

We may from time to time ask residents to complete an optional survey if you make a complaint or in relation to other aspects of our operations, such as our door knocking activities. When you respond to any surveys we will collect and analyse the responses you give us to help us improve our service or for compatible purposes.

Resident surveys will generally be anonymous unless you include any additional information from which you can be identified in the optional comments sections, in which case your information will be used in accordance with this Privacy Statement, including to respond to any specific issues that you have raised. Otherwise, personal data contained in surveys will be erased or deidentified at the earliest opportunity.

We may also from time to time ask our partners and suppliers to complete surveys. When you respond to any surveys we will collect and analyse the responses you give us to help us improve our service or for compatible purposes, such as analysing and monitoring network build performance and benchmarking our business processes and performance data.

We may use third party services to conduct surveys such as Survey Monkey and others. We may need to pass your contact details on to them so that they can share information about the survey with you but CityFibre will typically be the controller of your personal data and this Privacy Statement will apply. The survey instructions will also provide further information about use of your data. CityFibre will put in place contracts that require those third parties to protect your data.

Marketing to business and consumer contacts

As a wholesale fibre network infrastructure provider, we may periodically send promotional information to business and consumer contacts by email, phone or mail about new products, special offers, network updates, build updates local events or other information from us, our affiliate companies (including our sister companies CityFibre Metro Networks Limited and Entanet International Limited) or our approved third party internet service provider partners which we think you may find interesting and relevant, using the contact details which you have provided.

In practice, you will usually either expressly agree in advance to our use of your personal data for marketing purposes, or we will provide you with an opportunity to opt-out of the use of your personal data for marketing purposes.

Please follow the “unsubscribe” or opt-out process in any of our communications or email info@cityfibre.com at any time with “Unsubscribe” in the subject line if you do not wish to receive such information.

Third Party Services and Websites

We may, from time to time, engage the services of other parties for the provision of services related to payment handling, delivery of purchased items or services, search engine facilities, hosting and IT services, advertising and marketing and network activities (such as installation, testing, repair, upgrade or removal). The providers of such services may be granted access to certain personal data to the extent strictly necessary for them to perform the services that we request. Any personal data that is processed by third parties must be processed in accordance with data protection laws and subject to contractual obligations, including regarding security and confidentiality.

Where our website contains links to other websites, we are not responsible for the privacy policies or practices of such third party websites.

Disclosures

To other companies in our corporate group for the purposes of internal administration, governance and recordkeeping, business analytics, financial and account management and reporting purposes;
To other companies that provide essential support to our network, such as (where relevant) our network integrators and resellers, our approved third party internet service provider, data centres and mobile operators / “fibre to the home” providers, such as Vodafone and other internet service providers, and our broadcasting partners, including Entanet, our wholesale channel partner (“trusted partners”);
To authorised third parties providing a service on our behalf or in connection with our business, including our insurers and professional advisors, marketing services partners, survey partners, technology and hosting providers;
To the extent that we are required to do so by law, including by regulators, courts or law enforcement agencies;
In connection with any legal proceedings or prospective legal proceedings;
In order to establish, exercise or defend our legal rights;
For the purposes of fraud prevention and reducing credit risk;
To the purchaser (or prospective purchaser) of any business or asset that we are (or are contemplating) selling; and
To any person who we reasonably believe may apply to a court or other competent authority for disclosure of that personal information where, in our reasonable opinion, such court or authority would be reasonably likely to order disclosure of that personal information, or as otherwise set out in this privacy statement.

Security of your personal information

We are committed to ensuring that your information is secure. We have put in place appropriate technical and organisational measures to safeguard and secure your personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access.

You are responsible for keeping your password and user details for any restricted areas of our websites confidential and for implementing your own security measures to protect your information, network and devices. We will not ask you for your password (except when you log in to the website).

How we use cookies

We use cookies in a number of ways on our website, which include improving user experience of our website or online services and remembering information about your preferences. You have choices about how you want cookies to be used. For further information about how we use cookies and how to update your preferences, see our Cookies Policy.

Retaining your personal data

We will retain your personal data for as long as we are obliged, under relevant legislation and regulation, or otherwise for no longer than it is necessary for our lawful purposes. We securely erase it once no longer needed.

The retention period of your personal data may need to be extended where we require this to bring or defend legal claims. We may also retain data for longer periods for statistical purposes, and if so we will anonymise or pseudonymise this.

Privacy Statement – Residents and Wayleave Access Information

This privacy statement sets out how CityFibre Metro Networks Limited, CityFibre Holdings Limited and CityFibre Limited (referred to in this statement as CityFibre / we / us) use and protect your personal data. It applies specifically to residential householders whose information is shared with us by councils and local authorities (“authorities”) so that we can carry out build work for our network.

We are part of the CityFibre Group of companies. CityFibre Metro Networks Ltd is our infrastructure function, CityFibre Holdings Limited is our corporate function and CityFibre Limited is our operational company. To the extent that they are joint controllers, their respective responsibilities for data protection compliance are set out in this privacy statement.

We are committed to ensuring that your privacy is protected. We also want to ensure you are properly informed about how your information is used and that you receive certain information that we are required to give you by law, which is why we provide this privacy statement.

The information we collect:

We may collect, store and use personal data including:

• Your address, which is disclosed by your authority to us so that we can facilitate multi dwelling unit wayleaves in areas where our fibre to the home build is taking place; and
• Information that you may provide to our customer service team, trusted partners and third party service providers, for example, when they attend premises to carry out installations or when you contact us to report a concern.

A wayleave is a contractual agreement between a landowner and a telecommunications provider, where the landowner grants the network provider a licence with the right to access property, to install and/or maintain electronic communications equipment. For further information about wayleaves, see: https://www.gov.uk/guidance/gu....

Using your information

We collect and securely store information about individuals for legitimate business purposes and in accordance with applicable data protection laws (including the General Data Protection Regulation (GDPR)) or the relevant national legislation.

Your personal data will be used for the purposes stated in this statement or such other purposes as we may notify you of from time to time, for example, on our website or in other relevant documentation.

Specifically, information held about you may be used by us for the following reasons:
• To facilitate multi dwelling unit and single dwelling unit wayleaves (which are contractual arrangements that fulfil certain legal and regulatory requirements), including to keep you informed about build issues that may affect your property;
• To provide you with information (including information about network updates), products or services or take actions that you request, including to handle any queries and complaints (see https://www.cityfibre.com/priv... for further information);
• To maintain risk and compliance records, and carry out compliance monitoring, incident management and investigations of relevant suppliers and third party service providers;
• For internal administration, governance and recordkeeping and for business analytics, financial and accounts management and reporting purposes;*
• To help us prevent, detect and investigate fraud;*
• To meet our legal obligations or to bring or defend legal claims;
• To maintain the security of our services, systems and assets, as well as to detect and investigate activities that may be illegal or prohibited;*

In more legal terms, we process your personal data where you have consented to this (and you can withdraw consent at any time) or where this is necessary to perform a contract, provide services or take actions that you have requested, to perform our legal and regulatory obligations or for the purposes of our legitimate interests (as indicated with a “*” above). We consider the risk to your rights of data protection is not excessive or overly intrusive, and is overridden by our legitimate interests. We have also implemented protections for your rights by ensuring proper retention periods and security controls, and your other rights under this statement (if applicable).
*You can object to processing on this basis at any time by contacting us using the contact details below.

Sharing your wayleave agreement and information

We may disclose information about you to any of our employees, officers, agents, suppliers or subcontractors insofar as reasonably necessary for the purposes as set out in this privacy statement. We may also disclose your personal data:
• To other companies in our corporate group for the purposes of internal administration, governance and recordkeeping, business analytics, financial and account management and reporting purposes;
• To other companies that provide essential support to our network (such as installation, testing, repair, upgrade or removal), and companies that provide hosting, IT and CRM services and systems to us;
• To other trusted persons, as set out in our wider Privacy Statement.

Any personal data that is processed by third parties must be processed in accordance with data protection laws and subject to contractual obligations, including regarding security and confidentiality.

International data transfers

Information that we collect may be stored and processed in and transferred between any of the countries in which we operate in order to enable us to use the information as set out in this privacy statement, in particular to provide you with our products or services. Currently this is only within the UK.

Some of our trusted partners and third party service providers who have access to your personal data may be located or transfer or host data outside the UK and/or the European Economic Area (EEA). If this is the case, we will ensure your personal data is processed under strict organisational and contractual controls.

In these circumstances, we will ensure your personal data is processed under strict organisational and contractual controls, specifically using the International Data Transfer Agreement as well as the International Data Transfer Addendum. For more information about these control, please visit the ‘International transfers’ section of the ICO website: https://ico.org.uk or contact us using the contact details below.

Retaining your personal data and wayleave

We will retain your personal data for as long as we are obliged, under relevant legislation and regulation, or otherwise for no longer than it is necessary for our lawful purposes. Wayleave access information is retained for the duration of the build being carried out by our wayleave and multi-dwelling unit teams and relevant contractors, which is typically five to 10 years.
The retention period of your personal data may need to be extended where we require this to bring or defend legal claims.

Your rights

You have the following rights regarding your information (each of which is subject to various exceptions and limitations):

Rights	What does this mean?
1. The right to be informed	You have the right to be provided with clear, transparent and easily understandable information about how we use your information and your rights. This is why we are providing you with the information in this privacy statement.
2. The right of access	You have the right to obtain access to your information (if we are processing it), and other certain other information (similar to that provided in this privacy statement). This is so you are aware and can check that we are using your information in accordance with data protection law.
3. The right to rectification	You are entitled to have your information corrected if it is inaccurate or incomplete.
4. The right to erasure	This is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your information where there is no compelling reason for us to keep using it. This is not a general right to erasure; there are exceptions.
5. The right to restrict processing	You have rights to ‘block’ or suppress further use of your information. When processing is restricted, we can still store your information, but may not use it further. We keep lists of people who have asked for further use of their information to be ‘blocked’ to make sure the restriction is respected in future.
6. The right to data portability	You have rights to obtain and reuse your personal data for your own purposes across different services. Eg, if you decide to switch to a new provider, this enables you to move, copy or transfer your information easily between one provider’s IT systems and another’s safely and securely, without affecting its usability. However, we consider this right would only have very limited application in respect of the type of data that we would typically hold.
7. The right to object	You have the right to object to certain types of processing that is based on legitimate interests. Where you object, we may continue to process your information where we can show compelling legitimate grounds for the processing which override your rights and interests or where we need to use your information to bring or defend legal claims. However, if you object to direct marketing, we will stop this as soon as possible (although there may sometimes be a short delay while your request is processed).

To make a request to exercise any of your rights in relation to your information, please contact:

Attention: Company Secretary

CityFibre Holdings Limited

15 Bedford Street, London, WC2E 9HE

dataprocessing@cityfibre.com

To find out more about these rights, visit the UK Information Commissioner’s Office (ICO) website: www.ico.org.uk

If you are not satisfied with our response to your request or believe our processing of your information does not comply with data protection law, you can make a complaint to the ICO: https://ico.org.uk/concerns/.

Contact

If you have any questions about this privacy statement or our treatment of your personal data, please contact us:

Attention: Company Secretary

CityFibre Holdings Limited / CityFibre Limited

15 Bedford Street, London, WC2E 9HE

dataprocessing@cityfibre.com

This statement was last updated on 15th June 2023

Read our Cookie Policy here.

CityFibre lays enough full fibre to stretch ten times the length of the River C…

CityFibre brings full fibre broadband to Lincoln residents as rollout moves int…