All personal data collected through the Site will be collected, stored and used in accordance with all data protection legislation applicable in the UK from time to time, in particular the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and any legislation that might replace GDPR in the future. For the purposes of all such legislation, we are the “data controller” in relation to all personal data that we collect. We are notified as a data controller with the UK Information Commissioner (registration number 2592347X) and should you have any queries regarding data protection (including this Policy) or wish to exercise any of your legal nights as a data subject, please contact us at email@example.com, or telephone 01509 231181.
2. What constitutes “Personal Data”?
The expression “personal data”, where used in this Policy, means any information when identified, or from which it is possible to identify, a natural person as opposed to a company or other organisation. Personal data can take many different forms: the personal data that we are most likely to process (in other words, collect, store and use) are the following:
Names, addresses (including email addresses) and contact telephone numbers;
Details of previous transactions with an individual;
Technical data such as an individual’s IP address, browser details, time zone setting and location operating system and platform and any other technology used to access our website;
Data showing how an individual uses our website;
Marketing data, in particular details of an individual’s preferences in receiving marketing communications.
We may compile and use statistical or demographic data using the personal data listed
above, but any such statistical or demographic data would not constitute personal data as it would be anonymised and would not reveal the identity of any individuals.
In “business to business” relationships the information that we collect regarding individuals with whom we deal (in particular our business contacts in other organisations) may still be “personal data” and if so will be collected and used in accordance with this Policy.
3. Information collected by the Company
3.1 We will collect personal data generated by your visit to the web site. This may include your IP Address (an IP address is a number that is automatically assigned to your computer whenever you are surfing the Internet); the type of browser, operating system and device used to access the Site; the date and time you access the Site; the pages you visit; and if you visited the Site from another website, the address of that website.
Some of this data may be stored on your computer in the form of a cookie. This information helps the web server track such things as your preferences and any data you submit while browsing the Site. For example, the cookie can store login details and information relating to our WILLIAM DAVIS LIMITED account and user preferences.
3.3 We may monitor, record, store and use any telephone, email or other communication with you. This is done partly for security purposes and partly because it provides information that we need in order to operate our business and meet the requirements of customers.
4. How do we use your Personal Data?
We may use your personal data:
4.1 to provide you with information on specific properties or developments that you have requested as well as other products, services, future developments, news, events or special offers in which you have indicated that you might be interested. We may contact you by phone, SMS, email or post in accordance with the preferences that you have indicated to us.
4.2 to send service announcements to users of our website;
4.3 to administer our site and for internal operations, including data analysis, testing, research, statistical and survey purposes; and
4.4 to measure or understand the effectiveness of advertising we serve to you and others to send relevant advertising to you and generally to manage our relationship with current, prospective and recent customers.
5. Security and Data Breaches
In accordance with Data Protection Act 1998, we follow strict security procedures in the storage and disclosure of information that you have given us. We have implemented security polices, rules and technical measures to protect the personal information that we have under our control. The security measures are designed to prevent unauthorised access, improper use and disclosure, unauthorised modification and unlawful destruction or accidental loss.
All personal data collected by us is stored on secure servers and archived once the site or development in question with which it was held is all fully sold or the purpose for which the information was being held by us has been fulfilled.
We have put in place procedures to deal with any suspected personal data breach and will notify all individuals affected as well as the Information Commissioner’s Office of a breach where we are legally required to do so. Please note that the transmission of information via the internet is not completely secure. Although we shall do our best to preserve the security of personal data we cannot guarantee the security of data transmitted to our site and any transmission is at the individual’s own risk. Once we have received an individual’s personal data we shall use effective safeguarding procedures and security measures to try to prevent any unauthorised access to it.
6. Third Parties
We may appoint suppliers, sub-contractors or agents in order to enable us to provide you with service(s) that you request. Examples of such services include following up on enquiries made by you, providing further information on products and carrying out viewings at our properties or developments. Accordingly, we may pass on your personal data to group companies or to any of our approved suppliers, sub-contractors or agents for these purposes but not for any other purpose unless permitted or required by law. We may also need to share your personal data with third party software or IT providers for the purposes of system administration, data security, data storage, data back-up, disaster recovery or IT support and maintenance.
We require all suppliers, sub-contractors or agents to respect the security of all personal data that we provide to them and to treat such data in accordance with all applicable data protection laws. We do not allow any third parties to use your personal data for their own purposes and only permit them to process it in accordance with our express instruction. In particular we shall not allow any third parties to use your personal data for marketing purposes without your express prior written consent.
7. Data Retention
If you submit your details for the purposes of enquiring about a specific property or development, the personal information we collect on the Site will be held for the period of time for which the specific property/development is on sale, plus an additional 18 months thereafter (the "Time Period").
If you ask for your details to be applied to a new property or development the Time Period will begin again.
After the Time Period has elapsed, all your personal data will be removed (unless we are legally required or entitled to keep it for some other reason); however your postcode and some demographic information (which does not identify you personally and is not therefore, personal data) may be retained. This information will be used for research purposes in an aggregated form only.
If you submit your details for any other reason, your personal information may be held for a different period of time.
8. Your Rights as a Data Subject
Under certain circumstances, you have the following rights:
to request that we provide you with a copy of the personal data that we hold about you (“Access Request”);
to request that we rectify any personal data that we hold about you (“Right to Rectification”);
to request that we erase any personal data that we hold about you (“Right to be Forgotten”);
to restrict the level of processing we carry out to your personal data (“Restriction of Processing”);
to obtain from us all personal data that we hold about you in a structured, machine readable form, and have this information transmitted to another organisation (“Data Portability”);
to object to our processing personal data in certain ways (“Right to Object”); and
to withdraw consent at any time to our processing of your personal data.
For more information on your rights as a data subject please contact our company data compliance officer at firstname.lastname@example.org
9. Improvements to our Site
We are committed to providing the best service and information possible to you. We are therefore continually seeking ways of improving and upgrading our website and reserve the right to make changes to it and the way we process information collected from it. However no such changes will affect your rights as a data subject.