Skip to main content

Who we are

The Lincoln City Centre Partnership, trading as Lincoln Business Improvement Group, a company registered in the UK No 04662323 is responsible for managing data on this website.

Lincoln Business Improvement Group is committed to maintaining the trust and confidence of visitors to our website. We do not sell or trade your personal information with other companies and businesses for marketing purposes. In this Privacy Policy, we provide detailed information on when and why we collect your personal information, how we use it, the limited conditions under which we may disclose it to others and how we keep it secure.

The types of data we collect

Image Recording

Body Worn Cameras incorporating audio recording are being used by City Centre Wardens when necessary for operational purposes.

The aim of the technology is to:
  • ensure the safety of the Wardens
  • reduce the potential number of confrontational situations experienced by Wardens
  • reduce potential escalation of incidents
  • augment opportunities for evidence capture

You have the right to see images/audio recording of yourself in accordance with the Data Protection Act and be provided with a copy of the images. To do so, please contact us using the contact details at the bottom of this page.

We will only disclose images and audio to other authorised bodies who intend to use it for the purposes stated above. Images and audio will not be released to the media for entertainment purposes or placed on the internet for public viewing.

Google Analytics

When someone visits this website, we use a third-party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the website. This information does not identify anyone, and no personal information is passed to Google Analytics when using this website.

Contact Form

This website includes a form where you can contact us with an enquiry. We gather your name and contact details so we can contact you to respond to your question. This information is retained on our system until your enquiry is resolved to your satisfaction at which point we may ask you if you would like to keep in touch via our mailing list. You also have the option to opt-in to the mailing list on the website.

Lincoln BIG Membership

We gather and process personal information to complete our contractual obligations to member businesses in the Lincoln Business Improvement District (BID). All businesses within the BID with a rateable value of £6,000 or more are members of Lincoln BIG. Businesses under the rateable value of £6,000 or outside the Lincoln BID can also benefit from a voluntary membership.

Lincoln BIG Members’ contact details are retained in our CRM system to complete our contractual obligations to them and so that our staff can respond to any queries they may have. We retain personal and business information in our CRM for the period of membership and remove 12 months after expiry. Information about the Lincoln BIG Membership Privacy Policy is available on the membership sign-up form.

Mailing lists

We operate a number of mailing lists for both physical post and email communications on a strictly opt-in basis. You can unsubscribe at any time by clicking on the unsubscribe button on an email.

To be removed from our postal list, please contact the office on 01522 545233 or email .(JavaScript must be enabled to view this email address), and we will promptly remove your details.

About cookies

A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.

Cookies may be either "persistent" cookies or "session" cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.

Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.

Cookies that we use

We use cookies for the following purposes:

  • (a) to help us to analyse the use and performance of our website and services
  • (b) to store your preferences in relation to the use of cookies more generally

The following cookies may be set whilst browsing our website:

We use Google Analytics to analyse the use of our website. Google Analytics gathers information about website use by means of cookies. The information gathered relating to our website is used to create reports about the use of our website. Google's privacy policy is available at: https://www.google.com/policies/privacy/. Google Analytics uses the following cookies: _ga – Used to distinguish users. Expires after 2 years. _gid – Used to distinguish users. Expires after 24 hours. _gat_UA-23336801-2 – Used to throttle request rate. Expiry time: session.

Our website sets exp_cookies_allowed, exp_cookies_accepted or exp_cookies_declined to track and respect your choices. Around our website we use cookies to remember where you are and to help and protect you. We use exp_last_activity so every time the page is reloaded the date and time of your last activity is available. This is used to determine form or login expiry. This is essential for logged in users to record their data and not lose it as it is being input. The expiry time 12 months. exp_last_visit Sets the date and time that the you last visited the site. Affects guests and logged in users. The expiry time is 12 months. exp_tracker Tracks the last 5 pages you viewed and is used primarily for redirection after some actions on the site ie moving back to pages. This affects guests and logged in users. This cookie expires when you leave the site. We also use exp_csrf_token. This cookie protects against Cross Site Request Forgery (CSRF). A CSRF attack forces a logged-on victim’s browser to send a forged HTTP request, including the victim’s session cookie and any other automatically included authentication information, to a vulnerable web application. It expires from your computer after one hour.

Managing cookies

Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can however obtain up-to-date information about blocking and deleting cookies via these links:

  • (a) https://support.google.com/chrome/answer/95647?hl=en (Chrome);
  • (b) https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences (Firefox);
  • (c) http://www.opera.com/help/tutorials/security/cookies/ (Opera);
  • (d) https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies (Internet Explorer);
  • (e) https://support.apple.com/en-gb/guide/safari/sfri11471/mac (Safari); and
  • (f) https://privacy.microsoft.com/en-us/windows-10-microsoft-edge-and-privacy (Edge).

Blocking all cookies will have a negative impact upon the usability of many websites.

If you block cookies, you will not be able to use all the features on our website.

Manage Cookies

What is the legal basis for processing personal data?

We process your data to fulfil our legal obligations in completing contracts, to serve our membership and deal with their enquiries swiftly and professionally.

We seek your opt-in consent to contact you via email or physical post as part of our mailing lists.

Data sharing

We do not sell or trade your personal information with other companies and businesses for marketing purposes. We may occasionally share your details with suppliers and sub-contractors for the performance of any contract we enter into with you. Where data is shared with a supplier, protections are in place to ensure that your information is processed safely and the supplier complies with GDPR.

Lincoln BIG Members are given the option for their business information and contact details to be shared with partner organisations including Shop Lincoln and Visit Lincoln for business promotion via a relevant website.

How will the information be used?

The information you provide is used to assess whether we can enter into a contract with you, carry out our contractual obligations to you and provide you with our products and services. We use your information to improve our service to you, deal with any potential legal queries relating to our services and to provide you with marketing communications with your permission.

How long will the data be stored?

Lincoln BIG Member information will be stored for the length of their membership and will be removed 12 months after expiry.

Contact form information will be stored only until the enquiry has been completed.

What are your rights?

Data protection legislation includes the following rights for individuals which Lincoln BIG will fully comply with;

  • The right to be informed.
  • The right of access.
  • The right to rectification.
  • The right to erasure.
  • The right to restrict processing.
  • The right to data portability.
  • The right to object and,
  • The right not to be subject to automated decision-making.

If you would like us to cease processing your data, contact us using the details below.

How to make a complaint

If you have any concerns about the way we control and process your personal data, then please contact us on 01522 545233, or email us at .(JavaScript must be enabled to view this email address) and we would be glad to assist in any way we can.

Lincoln City Centre Partnership Ltd is registered with the Information Commissioners Office (Registration Number: Z7874505). If you want to make a complaint about the way we have processed your personal information, you have the right to complain to the Information Commissioners Office. For more information, please see www.ico.org.uk/concerns.

How to contact us

For more information about our privacy policy you can email us at .(JavaScript must be enabled to view this email address) or write to us:

The Data Controller,

Lincoln BIG

BS1, The Terrace

Grantham Street

Lincoln LN2 1BD

 

Wi-Fi data collection- Footfall counters Lincoln City Centre privacy notice

This page explains how and why City of Lincoln Council and Lincoln BIG collects Wi-Fi connection data from mobile devices in Lincoln City Centre at the following venues.

Lincoln BIG- controlled

  • Castle Square
  • High Street (junction of Corporation Street)
  • High Street (outside Boots)
  • City Square

 

City of Lincoln Council- controlled

  • Sincil Street
  • High Street (outside Magistrate Court)
  • High Street (near Sibthorpe Street)

Wi-Fi data is used to provide us with detailed visitor footfall information helping us to primarily understand how busy the high street with view to monitor recovery post covid and the allocation of future funding needs.

It is not used to identify specific individuals or monitor browsing activity.

In summary, we are collecting data on how many mobile devices are counted by each footfall sensor, identifying them by a pseudonymised version of their MAC address.

We are trying to understand patterns of movement throughout the high street and how many visitors are seen daily.

We are not collecting data on browsing activity, cookies, phone numbers or whether any Wi-Fi services are used.

However, if you would like to opt-out, you can do this by turning off Wi-Fi on your device, turning your device off or putting your device into airplane mode.

What Wi-Fi connection data is

When a device such as a smartphone or tablet has Wi-Fi enabled, the device will continually search for a Wi-Fi network to connect to. When searching for a Wi-Fi network, the device sends out a probing request which contains an identifying number specific to that device known as a Media Access Control (MAC) address. This is what we mean by 'Wi-Fi connection data'.

How we collect it

When searching for WiFi networks to connect to the mobile device sends out a probe request. Our footfall sensors capture’s the probe request logs the MAC address, time and date the capture occurred and by which sensor. This data is then encrypted and sent to our footfall monitoring system.

How we make sure we cannot identify people

We will not be able to identify any individuals from the data collected. We have designed the process to identify patterns and to avoid identifying individuals. We are trying to understand how visitors as a whole use the high street.

All data collected is automatically depersonalised, using a one-way pseudonymisation process to ensure we are unable to identify any individual. This happens immediately after the data is first collected.

Pseudonymisation is the process of distinguishing individuals in a dataset by using a unique identifier that does not reveal their 'real world' identity. This is a way of protecting people's privacy in accordance with the Information Commissioner's Anonymisation Code of Practice.

Legal basis for using this information

Under privacy and data protection legislation, the Council is only allowed to use personal information if we have a proper reason or 'legal basis' to do so. In the case of Wi-Fi connection data, our 'legal ground' for processing this data is:

  • Our statutory and public functions
    • to undertake activities to promote and encourage safe, integrated, efficient and economic facilities and services.

Length of time we keep Wi-Fi connection data

We will retain any data collected in line with our data retention policies. This means that we will not hold information for longer than is necessary for the purposes we obtained it for. Depersonalised Wi-Fi connection data will be held for two years after the last time the device was recorded.

Keeping information secure

We take the privacy of our visitors very seriously. A range of policies, processes and technical measures are in place to control and safeguard access to, and use of, Wi-Fi connection data.

Each MAC address is automatically depersonalised (pseudonymised) and encrypted to prevent the identification of the original MAC address and associated device. At no time do we have access to a device's original MAC address.

All access is governed through industry standard authentication methods. Access is limited to a restricted group of users – only those whose access to the data is necessary for their role.

Our encryption keys are held securely in an industry standard computer program for secrets and key management, and we use an industry standard one-way hashing algorithm. All data is encrypted at rest and when in transit.

Sharing information

Individual depersonalised device Wi-Fi connection data is accessible only to a controlled group of Council employees and Proximity Futures (the council’s suppliers of the technology. Aggregated data developed by combining depersonalised data from many devices may be shared with other Council departments and external partners. Aggregated data will include counts of numbers of devices, rather than data containing pseudonymised MAC addresses.

We understand that there may be scenarios where the data could be useful to the police and other organisations that uses summarised footfall data. These types of requests will be dealt with on a strictly case-by-case basis to ensure that any disclosure is lawful.

We would only be able to disclose pseudonymised data, as we do not hold the original MAC address.

Your information rights

Please also refer to the guidance above on how to choose not to provide your device's Wi-Fi connection data.

In order to realise some of the benefits of collecting this data, it is important that visit patterns are understood over time. This means that we have to preserve our hashing key to maintain continuity of the pseudonymised data. It would therefore technically be possible to align the same MAC address to the same pseudonym. However, the only way we can determine a specific pseudonym is for the MAC address to be provided to us, as we do not retain the MAC address itself.

The rights under Articles 15 to 20 of the General Data Protection Regulation (GDPR) do not apply as we are not in a position to identify a specific individual, unless the individual provides additional information to enable identification. Only providing a MAC address does not establish a definite link between that individual and the pseudonymised visit information.

Even if we could associate a particular visit with a pseudonymised MAC address, we cannot assume the same individual was in possession of the same device during every visit. It would not be practical or proportionate to establish who was carrying the phone at each point in time.

This means that we are unable to provide data in response to any requests to access the Wi-Fi data generated by your device.

If you want to know more about your rights relating to your data or you have a query or complaint regarding the way, we have handled your data please contact our Data Protection Officer using the details below.

Data Protection Officer

The Data Controller, Lincoln BIG, BS1, The Terrace, Grantham Street, Lincoln LN2 1BD

Regarding the counters owned and controlled by City of Lincoln Council, the data collected is shared with Lincoln BIG (see above for venues). Please contact 

Data Protection Officer

City of Lincoln Council, City Hall, Beaumont Fee, LN1 1DD, email: dpo@lincoln.gov.uk 
Telephone: 01522 881 188


However, if you remain unhappy, then you have a right to complain to the Information Commissioner at: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF 
Telephone 0303 123 1113 (local rate) email casework@ico.org.uk

Sign up for the latest news

Hear about the latest news, events and city information in our newsletter