Oops! Sorry!!


This site doesn't support Internet Explorer. Please use a modern browser like Chrome, Firefox or Edge.

DCS Personal Fitness
CCTV Policy

At DCS Personal Fitness we believe that CCTV plays a legitimate role in helping to maintain a safe and secure environment for the trainer, their clients and potential customers and contractors. Images recorded by CCTV are Personal Data and as such must be processed in accordance with data protection laws. We are committed to complying with our legal obligations in order to appropriately handle and protect Personal Data and ensure that the legal rights of the trainer, their clients and potential customers and contractors relating to their Personal Data, are recognised and respected.

This policy is intended to enable the trainer, their clients and potential customers and contractors to understand how the DCS Personal Fitness uses CCTV, those individuals responsible for CCTV use, the rights individuals may have in relation to CCTV, who has access to CCTV images and how individuals can raise any queries or concerns they may have.

1.0 Definitions

For the purposes of this policy, the following terms have the following meanings:

CCTV: means cameras, devices or systems including fixed CCTV and any other systems that capture information of identifiable individuals or information relating to identifiable individuals.

CCTV Data: means any Data in respect of CCTV, e.g. video images, static pictures, etc.

Data: means any information which is stored electronically or in paper-based filing systems.

Data Subject: means any individuals who can be identified directly or indirectly from CCTV Data (or other Data in our possession). Data Subjects include the trainer, their clients and potential customers and members of the public.

Data Controller: is the organisation or authority which, determines how and for what purpose the Personal Data are processed. When operating CCTV, the owner of DCS Personal Fitness (Daniel Stone) is the relevant Data Controller and is responsible for ensuring compliance with the Data Protection Laws.

CCTV user: is Daniel Stone whose work involves processing CCTV Data. This will include those whose duties are to operate CCTV to record, monitor, store, retrieve and delete images. Data users must protect the CCTV Data they handle in accordance with this policy.

Data Protection Laws: means:

a) General Data Protection Regulation 2018 (the “GDPR”) and any equivalent or implementing legislation;

b) all other applicable laws, regulations or court judgements relating to the processing of personal data, data privacy, electronic communications, marketing and/or data security;

Processing: is any activity which involves the use of CCTV Data, whether or not by automated means. It includes collecting, obtaining, recording or holding CCTV Data, or carrying out any operation or set of operations on the CCTV Data including organising, structuring, amending, retrieving, using, disclosing or erasing or destroying it. Processing also includes transferring CCTV Data to third parties.

Site: means DCS Personal Fitness, 4 Commonview, Old Common Road Chorleywood, Herts WD3 5LW.

2.0 About this policy

2.1: We currently use CCTV to view and record individuals at our Site, 24 hours per day, 7 days per week. This policy sets out why we use CCTV, how we will use CCTV and how we will process any CCTV Data recorded by CCTV to ensure that we are compliant with Data Protection Law.

2.2: The images of individuals recorded by CCTV are Personal Data and therefore subject to the Data Protection Laws. DCS Personal Fitness (Daniel Stone) is the Data Controller of all CCTV Data captured at the Site.

2.3: This policy covers the trainer, their clients and potential customers and contractors and may also be relevant to members of the public visiting the Site.

3.0 Staff responsible

Daniel Stone, Owner of DCS Personal Fitness has overall responsibility for ensuring compliance with Data Protection Laws and the effective operation of this policy. Day-to-day operational responsibility for CCTV and the storage of CCTV Data recorded is the responsibility of the Duty Security Controller. Should you have any queries on the use of CCTV or surveillance systems by us please contact Daniel Stone.

4.0 Why we use CCTV

4.1: We currently use CCTV on the Site as outlined below. We believe that such use is necessary for the following legitimate business purposes:

(a) to prevent or detect crime and protect buildings and assets from damage, disruption, theft, vandalism and other crime; (b) for the personal safety of trainers, their clients and potential customers and contractors and to act as a deterrent against crime; (c) for health and safety compliance of those using the gym and accessing the building safely (d) to support law enforcement bodies in the prevention, detection and prosecution of crime; and (e) We may implement or use CCTV for purposes other than those specified above which we will notify you of from time to time.

5.0 Monitoring

5.1: The locations of the CCTV are chosen to minimise the viewing of spaces/individuals which are not relevant to the legitimate purpose of the monitoring as specified above.

5.2: CCTV records sound.

5.3: A live feed from the CCTV is only accessible via Daniel Stone and images are only revisited in the event of an incident or if a request is made.

5.4: Any staff using CCTV will be given training to ensure that they understand and observe the legal requirements relating to the processing of any Data gathered.

6.0 How we operate CCTV

Where CCTV is in use at our Site, we will ensure that signs are displayed at the point of entrance of the surveillance zone to alert trainer, their clients and potential customers and contractors that their image may be recorded. We will ensure that live feeds from the CCTV are only viewed by Daniel Stone. Recorded images will only ever be viewed in a secure and restricted area by Daniel Stone.

7.0 How we use the Data

7.1: In order to ensure that the rights of individuals recorded by our CCTV are protected, we will ensure that CCTV Data gathered from such systems is stored in a way that maintains its integrity and security. This is currently on a hard drive.

7.2: We will ensure that any CCTV Data is only used for the purposes specified in section 4.1 above. We will not use CCTV Data for another purpose unless permitted by current Data Protection Laws.

7.3: Where we engage Data Processors to process Data on our behalf, we will ensure contractual safeguards are in place to protect the security and integrity of the Data.

8.0 Retention and erasure of Data

8.1: Data recorded by our CCTV will be stored locally on servers at our Site. We will not retain this Data indefinitely but will permanently delete it once there is no reason to retain the recorded information. Exactly how long the Data will be retained for will vary according to the purpose for which it was recorded. For example, where images are being recorded for crime prevention purposes, CCTV Data will be kept only for as long as it takes to establish that a crime has been committed or where we are using the CCTV Data for staff disciplinary purposes, the images will be kept until the process is completed. In all other cases, recorded images will be kept for no longer than 90 days before being overwritten and permanently deleted.

9.0 Ongoing review of our use of CCTV

9.1: We will periodically review our ongoing use of existing CCTV at our Site to ensure that its use remains necessary and appropriate and in compliance with Data Protection Laws.

9.2: We will also carry out checks to ensure that this policy is being followed by Daniel Stone.

10.0 Rights of Data Subjects

10.1 As CCTV Data will identify individuals, it will be considered Personal Data under applicable Data Protection Laws. Under Data Protection Laws, Data Subjects have certain rights in relation to the Personal Data concerning them. These are as follows:

(a) the right to access a copy of that Personal Data and the following information (this may include CCTV Data captured by our CCTV):

(i) the purpose of the processing; (ii) the types of Personal Data concerned; (iii) to whom the Personal Data has or will be disclosed; and

(iv) the envisaged period that the Personal Data will be stored, or if not possible, the criteria used to decide that period;

(b) the right to request any inaccurate Personal Data that we hold concerning them is rectified, this includes having incomplete Personal Data completed;

(c) the right to request the Personal Data we hold concerning them is erased without undue delay, where it is no longer necessary for us to retain it in relation to the purposes it was collected;

(d) the right to request restriction of our processing of Personal Data in certain circumstances; and

(e) the right to lodge a complaint with the Information Commissioner’s Office, if the Data Subject considers that our processing of the Personal Data relating to him or her infringes Data Protection Laws.

11.0 Service providers

11.1 In order to operate CCTV at our Site we appoint service providers to provide us with maintenance services (Currently Securi-Smart Ltd) related to that CCTV. Such service providers act only on our instructions and on our behalf for the purposes listed in section 4.1 above. We require these service providers by contract to safeguard the privacy and security of Personal Data they process on our behalf.

12.0 Requests of disclosure by third parties

12.1: No images from our CCTV cameras will be disclosed to any third party without express permission being given by The General Manager Data will only be disclosed to a third party in accordance with Data Protection Laws.

12.2: In other appropriate circumstances, we may allow law enforcement agencies to view or remove CCTV footage where this is required in the detection or prosecution of crime.

13.0 Complaints

13.1: If any DCS Personal Fitness user has questions about this policy or any concerns about our use of CCTV, then they should speak to Daniel Stone in the first instance. ([email protected] / 07392847325)

13.2: I hope you don’t have any reason to complain, and I will always try to resolve any issues you have, but you always have the right to make a complaint at any time to the ICO about how I deal with your personal information or your rights in relation to your personal information.

You can make a compliant in writing to the ICO, Wycliffe House, Water Lane, Wilmslow, SK9 5AF, United Kingdom or you can go to https://ico.org.uk/make-a-complaint/.

Schedule 1 – Sites

Camera No.
1 of 1

Camera Location
DCS Personal Fitness above mirrors on far wall.

GET IN TOUCH NOW