Global Privacy Policy

CBRE Group, Inc., together with its subsidiaries (collectively, "CBRE", "we", "us", or "our"), recognizes the importance of protecting user privacy. That’s why our Global Privacy Policy is designed to help them understand how we collect, use, and protect the personal data they provide to us, as well as the tools that enable them to make informed decisions when navigating our international public websites (collectively, the "Website"). We also outline how they can contact us to inquire about our privacy practices.

1. Acceptance Through Use

In this Global Privacy Policy, we describe how CBRE collects, uses, and discloses certain personal data obtained through this Website. Please note that using this Website implies that you understand and accept the terms of this Global Privacy Policy. This Global Privacy Policy is incorporated into and forms part of the Terms and Conditions governing the general use of our Website.

This Global Privacy Policy will be continuously reviewed in light of new technologies, business practices, and our clients’ needs. The Global Privacy Policy may be modified as we update and diversify our products and services. We reserve the right to change, modify, add, or remove, at our discretion, parts of this Global Privacy Policy at any time. Visitors are encouraged to periodically review this Global Privacy Policy for any updates. We will attempt to publish changes to the Global Privacy Policy before they take effect. If we make a material change to this Global Privacy Policy, we will announce it through this medium, by email, or via a notice on our Website’s homepage.

Continuing to use our Website after these conditions have been modified implies acceptance of such changes.

2. Types of Information We Collect

On this Website, there are several areas (including links to other CBRE websites) where personal data and other information may be sent to us. The types of personal data we may obtain or that users may choose to provide us with include, but are not limited to, the following:

  • Contact information (e.g., name, postal or email address, and phone number)
  • Professional data (e.g., job title, department, and company name)
  • Account information
  • Subscription data
  • Username and password
  • Payment account information
  • User-provided content (e.g., work history and academic background, comments, responses to questions)
  • Unique mobile device identifier
  • Geolocation data
  • Information about the use of our websites. For more information, please see our Cookie Policy.

3. How We Use User Data

Communications with Users – Offers and Services They Have Expressed Interest In:

When users visit this Website or conduct transactions on it, we may ask them to register or provide us with their personal data and account information. If they do so, we may use it to contact them regarding offers or services they have expressed interest in. CBRE has a legitimate interest in using the personal data we collect from users if they apply for a job or enter into a contractual business relationship with CBRE. When we have relied on a user’s consent to process their data, if they indicate they do not want us to use their data to contact them again (via the opt-out procedure described below), we will respect their decision.

Communications with Users – Newsletters and Marketing Purposes:

To keep our users informed about the latest news, products, and services from our company, in compliance with applicable legislation, we may send emails and marketing communications to the email address they provide when registering on the Website or requesting information from us. Please note that we sometimes send marketing communications to promote third-party products and services (e.g., those of our business partners) in addition to our own. When a user has subscribed to any of our mailing lists, newsletters, or other promotional offers and later decides they no longer wish to receive them, they can unsubscribe by following the instructions included in every email we send (or by using the opt-out procedure described below).

Other Uses:

We may also use the personal data we obtain about users to:

We may also use the information in other ways if we provide specific notice about it at the time of collection.

4. User Data Provided by Third Parties

Third-Party Links:

It may happen that, while using our Website, certain links or promotions are clicked that allow the purchase of products or use of services from our partners. Some of these partners may share with us the data provided to them. By clicking on a link or promotion on our Website, we are authorized to receive and use any data (except credit card information) provided to our partners, under the same conditions that would apply if that information were provided directly to us. However, we are not responsible for any other website, its Privacy Policy, or how it uses user data. We strongly recommend that users read their Privacy Policies to understand how they handle personal data.

Use by Third Parties:

It may also happen that the user shares their data with other websites or entities, such as those that create professional commercial lists, to receive special offers and promotions from their affiliates. These websites or entities may share user data with us. Whether a third party shares user data with us and to what extent will depend on the agreement we reach with them and their respective Privacy Policies. CBRE is not responsible if a partner or another website or entity collects, uses, or shares user data and thereby violates its own Privacy Policy or applicable legislation, and thus assumes no obligation in this regard.

Commercial Data:

We may acquire commercial data from third parties and add it to our user database to more effectively target advertising and deliver offers to users that we believe may interest them. We may also associate such commercial data with personally identifiable information they have provided to us.

5. Personal Data We Share

Providers:

We may share users’ personal data with companies that provide our services (e.g., customer service or technical support) as authorized agents. All these companies agree to use users’ data solely for the specified purposes. All providers must implement and maintain reasonable and appropriate security procedures and practices suited to the nature of the users’ information, to protect their personal data from unauthorized access, destruction, use, modification, or disclosure. Since we operate internationally, we may transfer users’ information to countries or jurisdictions that do not have the same level of data protection as exists in their country. If this occurs, we (or the providers, as applicable) will implement the measures required by applicable law to ensure the protection of their information. More information on international transfers of users’ personal data is provided below.

Legally Related Entities:

In the event of a merger of CBRE or a transfer of our assets, Website, or operations, CBRE may disclose or transfer users’ personal data in the context of such a transaction. If such a transfer occurs, CBRE will notify users by email or through a prominent notice on our Website for 30 days of any change in CBRE’s ownership that involves a transfer of control over their personal data. Additionally, we may share users’ personal data with CBRE affiliates to provide or offer them services.

Disclosure Required by Law:

We will also disclose users’ personal data when required by law, such as in response to a court order, subpoena, or any other legal obligation, as well as in response to legal requests from public authorities, such as compliance with law enforcement or national security requirements, or in special cases where we have reason to believe it is necessary to disclose their personal data to identify, contact, or take legal action against someone who may be harming or interfering (intentionally or unintentionally) with our rights or property.

Bankruptcy:

It should also be noted that courts of equity (courts specific to Anglo-Saxon law that apply the principle of equity as opposed to courts of law), such as U.S. bankruptcy courts (United States Bankruptcy Courts), may, under certain circumstances, have the authority to authorize the sharing or transfer of users’ personal data to third parties without their permission.

6. International Data Transfers

Consent for Processing in the United States and Elsewhere Through Website Registration.

CBRE is an international company. We may store and process users’ personal data in countries different from the one where the information was originally collected, such as the United States and other locations that may have less stringent data protection laws than the country where the information was initially provided, or transfer it to recipients located there. By providing us with their personal data, the user indicates they are fully aware of the transfer of such data to the United States and other countries or territories and its processing there, and consents to this.

When we transfer users’ data to countries different from the one where it was originally collected, we will protect it as described in this Global Privacy Notice or as otherwise indicated at the time the data is collected (e.g., through a specific program privacy notice). Additionally, when making such transfers, we will comply with all applicable data protection laws. In particular, CBRE’s U.S. subsidiaries are certified under the EU-U.S. and Swiss-U.S. Privacy Shield frameworks. Furthermore, CBRE has entered into EU Standard Contractual Clauses regarding personal data collected in the European Economic Area and transferred to CBRE in the United States and elsewhere.

If you do not agree with your personal data being transferred or used as described, we kindly ask that you do not register on our Website or use it.

Privacy Shield Certification:

CBRE complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework established by the U.S. Department of Commerce, regarding personal data collected by CBRE affiliates or business clients located in the European Economic Area and/or Switzerland and transferred to CBRE, Inc. and its fully owned U.S.-based subsidiaries, including CBRE Global Investors LLC, CBRE GCS Inc. (Puerto Rico employees), CBRE Clarion Securities, LLC, CBRE Security Services, Inc., CBRE Capital Markets of Texas, LP, CBRE HMF, Inc., CBRE Multifamily Capital, Inc., CBRE Capital Markets, Inc., Trammell Crow Company LLC, and CBRE Technical Services, LLC in the United States ("CBRE U.S."). This Global Privacy Policy complements any data protection notices that Clients and Client contacts may have received. CBRE has certified to the Department of Commerce that it adheres to the Privacy Shield Principles of notice, choice, accountability for onward transfer, security, data integrity and purpose limitation, access, recourse, enforcement, and liability. If there is any conflict between the terms of this Global Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles will take precedence. For more information about the Privacy Shield program and to view our certification, visit https://www.privacyshield.gov/. CBRE is subject to the investigative powers of the Federal Trade Commission regarding compliance with Privacy Shield requirements.

Independent Recourse for Privacy Shield Complaints

In compliance with the EU-U.S. and Swiss-U.S. Privacy Shield Principles, CBRE commits to resolving complaints regarding our collection or use of personal data. Individuals in the EU with inquiries or complaints about our Privacy Shield policy should first contact CBRE at: PrivacyAdministrator@cbre.com

CBRE has further committed to referring unresolved Privacy Shield complaints to JAMS, an alternative dispute resolution provider located in the United States. If you do not receive a timely acknowledgment of your complaint from us or if you believe we have not resolved your complaint satisfactorily, please contact www.jamsadr.com or visit this page for more information or to file a complaint. JAMS services are provided at no cost to users. Under certain conditions, users may initiate binding arbitration regarding unresolved Privacy Shield compliance complaints not addressed by JAMS. For more information on binding arbitration, visit: https://www.privacyshield.gov/article?id=ANNEX-I-introduction

7. Security

CBRE uses all means at its disposal to safeguard the security of users’ personal data and their preferences regarding its intended use. We use SSL (Secure Socket Layers) technology to protect the transmission of sensitive data. We store your personal data on a secure server and use procedures designed to protect it from unauthorized access, destruction, use, modification, or disclosure.

While we will adopt commercially reasonable security precautions (and require our third-party providers to do the same) to protect personal data obtained through and stored on the Website, the open nature of the internet prevents us from guaranteeing that personal data stored on our servers, transmitted to a user, or received from them will not be subject to unauthorized access. Therefore, we disclaim all liability for theft, loss, unauthorized access, damage, or interception of any data or communication. By using the Website, the user certifies that they understand and assume these risks.

8. Your Rights

Opt-Out Procedure - Marketing Communications:

You have the right to ask us not to process your personal data for marketing purposes. If you wish to stop receiving any of our commercial communications or withdraw your consent for us to contact you by email, fax, or phone, please contact us through one of the following channels: (i) by email, following the opt-out or unsubscribe instructions included in the body of our commercial emails or by sending an email to Spain.gdpr@cbre.com including a copy of the received email with the word "Remove" in the subject line; or (ii) by postal mail addressed to CBRE REAL ESTATE, S.A., Paseo de la Castellana 202, 8th floor, 28046 Madrid.

If you are in Europe, the Middle East, or Africa, you may also send us an email at PrivacyAdministratorEMEA@cbre.com.

If you are in Asia or the Pacific, you may also send us an email at PrivacyAdministratorAPAC@cbre.com.

Access Rights:

If you are in the European Economic Area and wish to access, update, delete, or port your personal data, or object to its processing, please click here. Send a written request to Spain.gdpr@cbre.com

Request for Access to Users’ Personal Data and Other Rights:

Users may request that CBRE allow them to review what personal data we hold about them, as well as access, delete, or port it.

A user’s decision not to receive our newsletters or promotional and commercial communications will not: (a) prevent us from contacting them, by email or otherwise, regarding our current or past relationship, nor (b) prevent us, or even our employees, contractors, agents, and other representatives, from accessing and reviewing their personal data during the maintenance and improvement of the Website.

Independent Recourse for Privacy Shield Complaints:

We have included information above regarding the independent recourse for Privacy Shield complaints

Contact Us

Feel free to contact us if you have any questions or concerns about this Global Privacy Policy or your use of the Website, or if you wish for us not to use your personal data for our direct marketing purposes. Our standard business practice is to retain all communications from Website visitors to provide them with better service.

You can contact us by sending an email to spain.gdpr@cbre.com or writing to CBRE REAL ESTATE, S.A., Paseo de la Castellana 202, 8th floor, 28046 Madrid.

Visitors from Europe, the Middle East, or Africa:

If you are in Europe, the Middle East, or Africa, you may also send us an email to PrivacyAdministratorEMEA@cbre.com or write to us at St. Martins Court, 10 Paternoster Row, London EC4M 7HP (United Kingdom), Attn: EMEA Data Privacy Director.

Visitors from Asia or the Pacific:

If you are in Asia or the Pacific, you may also send us an email to PrivacyAdministratorAPAC@cbre.com, Attn: APAC Data Privacy Director.

Contact CBRE

CBRE REAL ESTATE, S.A, informs you that the personal data provided will be incorporated into its databases, and based on its legitimate interest, it will process your contact data for the purpose of maintaining relationships of any kind, providing and offering its products and services. The collected data is stored in accordance with the confidentiality and security measures legally established. Likewise, CBRE REAL ESTATE, S.A. informs you that the provided data may be transferred to third-party companies offering goods and services similar to those offered here. By signing this form, you consent to CBRE sending you information of interest about the products and services of CBRE REAL ESTATE, S.A. and CBRE VALUATION ADVISORY, S.A. You can exercise your rights of access, cancellation, opposition, rectification, deletion, restriction of processing, data portability, and not to be subject to automated individual decisions, including profiling, via the email address spain.gdpr@cbre.com, in person at the offices of CBRE REAL ESTATE, S.A, or by written communication, accompanied by a copy of the corresponding national identity document, addressed to CBRE REAL ESTATE, S.A, Paseo de la Castellana 202, 8th floor, 28046 Madrid. For more information, feel free to consult our privacy policy: /en/privacy-policy/

Thank you for contacting CBRE
We will respond to you as soon as possible.
Go to the homepage
Contact us if you are looking for advertise your office or coworking space

CBRE REAL ESTATE, S.A, informs you that the personal data provided will be incorporated into its databases, and based on its legitimate interest, it will process your contact data for the purpose of maintaining relationships of any kind, providing and offering its products and services. The collected data is stored in accordance with the confidentiality and security measures legally established. Likewise, CBRE REAL ESTATE, S.A. informs you that the provided data may be transferred to third-party companies offering goods and services similar to those offered here. By signing this form, you consent to CBRE sending you information of interest about the products and services of CBRE REAL ESTATE, S.A. and CBRE VALUATION ADVISORY, S.A. You can exercise your rights of access, cancellation, opposition, rectification, deletion, restriction of processing, data portability, and not to be subject to automated individual decisions, including profiling, via the email address spain.gdpr@cbre.com, in person at the offices of CBRE REAL ESTATE, S.A, or by written communication, accompanied by a copy of the corresponding national identity document, addressed to CBRE REAL ESTATE, S.A, Paseo de la Castellana 202, 8th floor, 28046 Madrid. For more information, feel free to consult our privacy policy: /en/privacy-policy/

Thank you for contacting CBRE
We will respond to you as soon as possible.
Go to the homepage