Our Data Protection Officer is our Managing Director, Sarah Currey, who is also our Compliance Director.
We only collect basic data in order to help you sell, let, buy or rent property and closely associate services. Typically, your name and address, email and a narrative of your specific instructions. To comply with the money laundering regulations, we may be obliged to view your identity documents. We only pass your data to other trusted firms who are an adjunct to these property services.
We do not sell your data. The nature of the internet and cloud storage means that data may be processed in another country, but we have no operation outside the U.K.
We do not collect sensitive personal information, which is information relating to ethnicity, political opinions, religious beliefs, trade union membership, physical or mental health or condition, sexual life or criminal record.
The lawful basis on which we use your information:
- Processing necessary information for the performance of a contract. This will include giving contractors a tenant, landlord, buyer or seller’s details for the purpose of quoting, inspecting or completing prescribed and pre-ordered works and repairs. ALL OF OUR PREFERRED CONTRACTORS AGREE THAT THEY WILL NOT PASS YOUR DATA ON TO ANY THIRD-PARTY SOLICITATIONS OF ANY KIND. FURTHERMORE, THEY AGREE TO STORE YOUR DATA IN ACCORDANCE WITH GDPR REGULATIONS.
- You have given specific consent to the processing of your data.
- Processing is necessary for compliance with legal obligation to which we are subject.
- You have the right to be told about any information we hold about you, simply contact our Data Protection Officer.
DATA USAGE AND STORAGE – DALES AND PEAKS PROPERTY LIMITED. MARCH 2018
How we use your personal information.
This privacy notice is to let you know how we promise to look after your personal information. This includes what you tell us about yourself, what we learn by having you as a customer and the choices you give us about what marketing you want us to send you. This notice explains how we do this and tells you about your privacy rights and how the law protects you.
OUR PRIVACY PROMISE
- To keep your data safe and private
- Not to sell your data
- To give you ways to manage and review your marketing choices at any time.
How the law protects you.
As well as our Privacy Promise, your privacy is protected by law. This section explains how this works.
Data Protection law says that we are allowed to use personal information only if we have proper reason to do so. This includes sharing it outside Dales and Peaks Property Limited. The law says we must have one or more of these reasons:
- To fulfil a contract with you or
- When it is our legal duty or
- When it is our legitimate interest, or when you consent to it.
A legitimate interest is when we have a business or commercial reason to use your information. However even then it must not unfairly go against what is right and best for you. If we rely on legitimate interest, we will tell you what that is.
Where we collect personal information from:
We may collect personal information about you from inquiries you make to our business and these sources:
Data you give to us:
- When you apply for our products and services
- When you talk to us on the telephone or in the office
- When you use our website, mobile device apps, web chat
- In emails and letters
- In financial/property reviews and interviews
- In customer surveys
- If you take part in our competition or promotions
Data we collect when you use our services. This includes the amount, frequency, type, location, origin and recipients:
- Payment and transaction data is not stored by us.
- Profile and usage data. This includes the profile you create to identify yourself when you connect to our internet, mobile and telephone services. It also includes other data about how you use those services. We gather this data from devices you use to connect to those services, such as computers and mobile phones, using cookies and other internet tracking software. WE DO NOT USE THIS DATA FOR MARKETING OR RESALE.
Data from third parties we work with:
- Companies that introduce you to us
- Financial advisors
- Credit reference agencies
- Social networks
- Fraud prevention agencies
- Land agents
- Loyalty scheme operators
- Agents working on our behalf
- Government and law enforcement agencies.
Who we share your personal information with:
We may share your personal information with these organisations:
- HM Revenue & Customs, regulators and other authorities
- UK Financial Services Compensation Scheme
- Credit reference agencies
- Fraud prevention agencies
- Companies we have a joint venture or agreement to co-operate with
- Organisation that introduce you to us (web portals like Rightmove, Zoopla for example)
- Companies that we introduce you to
- Independent Financial Advisors
- Companies you ask us to share your data with
Credit reference agencies
We carry out credit and identity checks when you apply for a rental property. We may use a credit reference agency to help us with this.
We will share your personal information with CRAs and they will provide us with information about you. The date we exchange can include:
- Name, address and date of birth
- Credit application
- Details of any shared credit
- Financial situation and history
- Public information from sources such as the electoral register and Companies House.
We will use this data to:
- Assess whether you or your business is able to afford to make repayments
- Make sure what you have told us is true and correct
- Help detect and prevent financial crime
You can find out more about Credit Referencing Agencies on their websites, in the Credit Reference Agency Information Notice. This includes details about:
- Who they are
- Their role as fraud prevention agencies
- The data they hold and how they use it
- How they share personal information
- How long they can keep data
- Your data protection rights.
We may need to confirm your identity before we provide products or services to you or your business. Once you have become a customer of ours, we will also share your personal information as needed to help detect fraud, money laundering risks. We use Fraud Prevention Agencies to help us with this.
Both Fraud Prevention Agencies and us can only use your personal information if we have proper reason to do so. It must be needed either for us to obey the law or for a “legitimate interest”.
A legitimate interest I when we have a business or commercial reason to use your information. This must not unfairly go against what is right and best for you.
We will use the information to:
- Confirm identities- acceptable form of
- Help prevent fraud and money laundering
The information we use. These are some of the kinds of personal information that we use.
- Date of birth
- Residential address
- History of where you have lived
- Contact details, such as email addresses and phone numbers
- Employment details
How this can affect you:
If we or an FPA decide there is a risk of fraud, we may stop activity on the accounts or block access to them. FPAs will also keep a record of the risk that you or your business may pose.
This may result in other organisations refusing to provide you with products or services, or to employ you.
Data transfers out of the EEA.
FPAs may send personal information to countries outside the European Economic Area (“EEA”). When they do, there will be a contract in place to make sure the recipient protects the data to the same standard as the EEA. This may include following international framework for making data sharing secure.
Sending data outside of the EEA.
We will only send your data outside the European Economic Area (“EEA”) to
- Following your instructions
- Comply with legal duty.
If we do transfer information to our agents or advisors outside of the EEA, we will make sure that it is protected in the same way as if it was being used in the EEA. We will use one of these safeguards:
- Transfer it to a non-EEA country with privacy laws that give the same protection as the EEA. Read more on the European Commission Justice website.
- Put in place a contract with the recipient that means that they must protect it to the same standards as the EEA… Rad more on the European Commission Justice website.
- Transfer it to organisations that are part of the Privacy Shield. This is a framework that sets privacy standards for data sent between the US and EU countries. It makes sure those standards are similar to what is used within the EEA. You can find out more about data protection on the European Commission Justice website.
If you choose not to give personal information.
- We may need to collect personal information by law or under the terms of a contract we have with you.
- If you choose not to give us this personal information, it may delay or prevent us from meeting our obligations. It may also mean that we cannot perform services requested. Any data collection that is optional would be made clear at the point of collection.
We may use your personal information to tell you about the relevant products and offers. This is what we mean when we talk about “ marketing”.
The personal information we have for you is made up of what you tell us. We study this to form a view on what we think you may want or need or what may be of interest to you. This is how we decide which product, services and offers may be relevant for you.
We can only use your personal information to send you marketing messages if we have either your consent or a “legitimate interest”. That is when we have a business or commercial reason to use your information. It must not unfairly go against what is right and best for you. You can ask us to stop sending you marketing messages by contacting us at any time.
Whatever you choose, you will still receive statements and other important information such as changes to your existing products or services.
We may ask you to confirm or update your choices, if you take out any new products or services with us in the future. We will also ask you to do this if there are changes in the law, regulation or the structure of our business.
If you change your mind you can update your choices by contacting us. We will keep your personal information for as long as you are a customer, we may keep your data for up to 5 years for one of these reasons:
- To respond to questions or complaints
- To show that we treated you fairly
- To maintain records according to rules that apply to us.
We may keep your data longer than 5 years if we cannot delete it for legal, regulatory or technical reasons. We may also keep it for research or statistical purposes. If we do, we will make sure that your privacy is protected and only use it for those purposes.
How to get a copy of your personal information:
You can access your personal information we hold by contacting Dales and Peaks Property Limited, 2 Old Brick Works Lane, Chesterfield S41 7JD.
Letting us know if your personal information is incorrect.
You have the right to question any information we have about you that you think is wrong or incomplete. Please contact us if you want to do this.
If you do, we will take reasonable steps to check its accuracy and correct it.
What if you want us to stop using your personal information?
You have the right to object to our use of your personal information, or to ask us to delete, remove or stop using your personal information if there is no need for us to keep it. This is known as the “right to object” and the “right to erasure” or the “right to be forgotten”.
There may be legal or other official reasons why we need to keep or use your data, but please tell us if you think that we should not be using it.
We may sometimes be able to restrict the use of your data. This means that it can only be used for certain things, such as legal claims or to exercise legal rights. In this situation, we would not use or share your information in other ways whilst it is restricted.
You can ask us to restrict the use of your personal information if:
- It is not accurate
- It has been used unlawfully but don’t want us to delete it.
- If not relevant any more, but you want us to keep it for use in legal claims
- You have already asked us to stop using your data, but you are waiting for us to tell you if we are allowed to keep on using it.
If you want to object to how we your data or ask us to delete it or restrict how we use it, please contact us.
How to withdraw your consent:
You can withdraw your consent at any time. Please contact us if you want to do so.
If you withdraw your consent, we may not be able to provide certain products or services to you. If this is so, we will tell you.
How to complain:
Please let us know if you are unhappy with how we have used your personal information. You can contact us at the address above. You also have the right to complain to the Information Commissioner’s Office (“ICO”). Please refer to their website how to report a concern. Their web site is ICO.org.uk.
Future formats for sharing data:
The Data Privacy laws will change on 25th May 2018. From that date you will have the right to get your personal information from us in a format that can be easily re-used.
You can also ask us to pass on your personal information in this format to other organisations.
We are fully committed to working within our industry to improve the way your data is shared.