Overview

At Robert Carter Property Management LTD we value your privacy and know how important it is to you that your data is handled confidentially. We would, therefore, like to assure you that we comply with all the statutory requirements for data privacy and data security. This statement explains the nature, scope and purpose of the data At Robert Carter Property Management collects and stores from you, through our interactions with you and how we use the data supplied.

In accordance with the requirements of the General Data Protection Regulations (GDPR), you have various rights; these include the right to file an objection against the data we hold. More information on this is given in the ‘Your Rights’ section of this statement.

Please ensure that you read this document carefully. If you have any queries, please contact us at Datacontroller@robertcarter.com

Why we collect, hold, and process your information?

To manage your development we need to collect, hold and process personal information such as names, addresses, telephone numbers and email addresses of property owners, in some circumstances their relatives, sub tenants, contractors and other contacts with whom we must deal with in order to carry out our management duties.

This information will be provided to us by you or by other parties we deal with for the proper performance of management obligations, such as solicitors, contractors, your neighbours and the managing agents who previously managed your site.

During our marketing activities we will collect names, addresses, telephone numbers and email addresses when you provide it to us in the course of making an enquiry about our services. These will be used to contact you in circumstances where we reasonably believe you have an interest in engaging our services.

How we will use your information

All data that RCPM collects will be processed lawfully, fairly and in a transparent manner. It will only be used to administer your account for specific and legitimate purposes, and only information that is relevant and limited to what is necessary will be collected. This means that RCPM must not store any personal data beyond what is strictly required. All information you provide will be given voluntarily and only used with your consent. The data that is held will be accurate to our knowledge and where necessary and with your consent, updated to reflect changing circumstances.

Data Protection Principles

Under GDPR, all personal data acquired and held by us must be processed according to a set of main principles. In accordance with these principles, we will ensure that:

  • We are lawful, compliant, transparent, and accountable in all our processing.
  • The data we collect is for the purposes specific to our contracts and business.
  • That the only data we collect is necessary for the purposes of processing.
  • The data we hold is accurate and up to date wherever possible. Any amendments will be amended or destroyed without delay.
  • We will not hold data for longer than is necessary.
  • The way in which we process data ensures appropriate security of personal data including protection against unauthorised or unlawful processing, accidental loss, destruction or damage.

Types of Data Held

We obtain and hold information about you in order to carry out effective and efficient processes pertaining to our contracts. The data is stored both electronically and manually on the Company premises only. Manual records are stored in locked premises. When the premises are not attended, the site has added security measures by way of a security alarm.

The data we hold is specifically:

  • Full names
  • Addresses
  • Email addresses
  • Contact phone numbers
  • Access Details
  • Management Information

Sharing of your Personal Information

We may share your personal information in the following ways:

  • If required to do so for legal and regulatory compliance.
  • Preventing or detecting financial crime.
  • Complaints handling or improving customer service.
  • Via solicitor or other professional involvement in the sale or purchase of properties.
  • To a third party as part of a sale of the business and assets to the third party. However, steps will be taken to ensure that your privacy rights continue to be protected and that the data is used in accordance with our Privacy Statement.
  • In an emergency, we may be required to give your contact details out to a contractor to contact you. We will always try and contact you beforehand.
  • As part of our process for collecting development/company funds, where there has been no contact made by you to advise why no payment has been made, we may pass your details on to a Debt Collecting Agency. The agency we use has undergone checks to ensure they are GDPR compliant and will not share your details further. When required to do so we enlist the expertise of external solicitors for legal advice. Your data may be passed on to them to give them a better understanding of specific legal situations.
  • There may be instances where we share data with the Freeholder, Residential Management Company and Directors of a development. We will query the use of the data to ensure the reason is a ‘Legitimate Interest’ before giving information and to ensure they have adequate protection in place to store your data.
  • Should we lose management of a site we will give all information we hold to the new Managing Agents to ensure they can manage the development from the moment they take control.

Other than the points listed above we will not disclose your personal information without your permission. We do not sell your information to third parties and your personal data is treated with the up most care.

Data Security

Personal data shall be processed in a manner that ensures appropriate security of the personal data provided, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage. Our security measures undergo continuous improvement in accordance with technological development. Personal data is held on PC’s, security protected and with external data security agencies.

Your Rights

You have the right to request:

  • information about how your personal data is processed
  • a copy of that personal data
  • that anything inaccurate in your personal data is corrected immediately

You can also:

  • raise an objection about how your personal data is processed
  • request that your personal data is erased if there is no longer a justification for it
  • ask that the processing of your personal data is restricted in certain circumstances

If you have any of these requests, get in contact with our Privacy Team.

How long do we hold Personal Data for?

We will keep your personal information for as long as your Residential Management Company (RMC) is a client of RCPM.

However, should the RMC not continue as a client of RCPM we may keep your personal information for a period of up to seven years for one of these reasons:

*To respond to any questions or complaints from the new managing agents;

*To maintain records according to legal requirements and documented business

needs.

We may keep your personal information for longer than seven years if we cannot delete it for legal, regulatory or technical reasons. In these circumstances we will make sure that your privacy is protected and only use it for legal or regulatory purposes.

Please note under HMRC regulations all financial records must be kept for a minimum of six years. For RCPM to comply with this regulation all personal data held by RCPM will be held for a minimum of seven years after which a review will take place to determine as to whether RCPM will delete or archive any or all data held.

Data Protection Complaints

If you wish to raise a complaint in regards to the way we have handled your data or you have a concern with your data please raise this with our Data Controller using the contact details within this Privacy Statement.

If we are unable to come back to you with a satisfactory response you can raise your concerns with the Supervisory Authority (ICO). This can be done via the following methods:

Email: – casework@ico.org.uk

Phone: – 0303 123 1113

Post:

Information Commissioner’s Office

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF

We hope that you find this Privacy Statement useful. We believe it to be an honest and transparent view to what information we hold on you and how we use it.

How to Contact US

Should you have any comments please direct these to the Data Controller whose contact details are listed in this Privacy Statement.

Changes to this Policy

We keep this privacy policy under review and we will place any updates on this web page.

This privacy policy was updated on 20th August 2020.