Privacy Policy

Privacy Policy

In light of the new EU General Data Protection Regulation 2016/679 (GDPR), which will take effect on 25 May 2018, we set out below certain information about the data we process in order to communicate with you.

Hines Associates Limited, whose registered office is at 42 Carlyle Square, London, SW3 6HA (Hines), is the controller of your data which means that we are responsible for how your data are collected and used. We respect your privacy and will protect any of your personal data that we process. All personal data are processed in accordance with applicable data protection laws.

The types of data we collect

We collect certain personal data about you. “Personal data” is data that can be used to identify you or that we can otherwise link to you using information we may already hold.

We collect personal data that you voluntarily provide to us, for example when you communicate with us via email or other channels. The data we collect includes your name, the name of your employer, postal address, contact phone numbers, e-mail address and job title.

How we use the data we collect and store

We use the personal data we collect for communication purposes, including:

  • To send you information relating to our recent transactions for clients;
  • To send you invitations to events;
  • To communicate with you as part of our contract (in the case of intermediaries and business suppliers);
  • To maintain our list of business contacts.
  • We do not sell, hire out, distribute or otherwise make your personal data available to any third party. However, we may share information with our suppliers for the purposes listed below.

Our basis for using your personal data

When processing personal data for the purposes explained in this notice, we do so for the purposes of delivering our contracted services to you or for maintaining our business relationship with you. In addition, where we may provide you with details of other services which we believe may be of interest to you, we rely on our legitimate interests in maintaining business relationships and/or communicating with you as an existing client for similar services, about our service offerings. We consider that our legitimate interests abide by the law and the legal rights and freedoms of our client and business contacts.

How we may share the data we collect; international transfers

Only the people who need to process personal data for the purposes mentioned above have access to your personal data.

At present we do not transfer any of your personal data outside of the EEA. In the event that any changes occur to our processes requiring such a transfer, we will notify you through updating this privacy policy.

Any transfer of data outside the EU/EEA will be made in line with data protection laws.

How long we will keep your personal data

Your personal data will be saved for the specified purposes mentioned above for as long as you are a business contact of ours. We will give you the opportunity to unsubscribe if you no longer wish to receive communications and invitations from us. If you choose to unsubscribe, we will cease to send you such communication and invitations as mentioned above.

Security measures to keep your personal data safe

Hines acknowledges that the information you provide may be confidential and will maintain the confidentiality of and protect your information in accordance with its normal procedures and all applicable laws. We employ appropriate technical and organisational security measures to help protect your personal data against loss and to guard against access by unauthorised persons.

Your choices and rights

We welcome your inquiries and comments. You have the right to know what personal data we process about you and may request a copy. You are also entitled to have incorrect personal data about you corrected and you may in some cases ask us to delete your personal data. You can also object to certain personal data about you being processed and request that processing of your personal data be limited. Please note that the limitation or deletion of your personal data may mean we will be unable to provide the communications and invitations described above. You also have the right to receive your personal data in a machine-readable format and have the data transferred to another party responsible for data processing.

If you are dissatisfied with how we process your personal data, you are entitled to report this to the Office of the Information Commissioner (ICO) which is the UK regulator for the processing of personal data.

How to contact us

If you have any questions about how we process your personal data, please feel free to contact us at

Revisions to this policy

We may change this policy from time to time by updating this page. You should check this page from time to time to ensure you are happy with any changes.


If you no longer wish to receive further marketing communication and invitations from Hines, you can unsubscribe by contacting