Data Protection and Privacy Notice
In order to provide you with construction services we will collect and hold personal data about and on you. We are also required to comply with the General Data Protection Regulation (Regulation (EU) 2016/679 (the “GDPR”) and as such hereby set out details as to how we process your data and your rights.
General information about your data and your rights:
Where we collect data directly from you, we will undertake:
- In addition to those third party companies expressly detailed in this agreement, to inform you in writing of the name and contact details of the data controller for that data and their representative. For example, where we arrange a visit on your behalf with a third party, the data controller may be the third party in question.
- To inform you, where appropriate, of the contact details for any Data Protection Officer appointed by us.
- To inform you and make clear the purposes for which the data is to be processed and the legal basis for that processing. In the event that the legal basis to be relied on is that of the legitimate interests of the data controller or any third party, we will inform you as to the nature of those legitimate interests.
- To inform you of the recipients or categories of recipients of data.
- To inform you of the period for which we propose to hold the data, or where this is not possible, the criteria which we will apply to data retention.
- To remind you of your rights whereby you may:
- request access to data of which you are the data subject
- object to, or withdraw consent for, the processing of the same
- obtain rectification of inaccurate data
- prevent data processing for the purposes of direct marketing
- object to decisions being taken by automated means and to have the logic behind those decisions clearly explained
- claim compensation for damages caused by a breach of the Act
- request data erasure
Where you exercise your right to request (via email or post) access to data of which you are the data subject, we will undertake to respond to you within 30 calendar days of receipt of your request. There will be no charge for this service unless the request is manifestly unfounded or excessive in which case we reserve the right to charge a fee or refuse to respond.
You may at any time, by giving notice to us in writing, request that we cease to process your data. We will undertake to comply with any such request as soon as is reasonably practicable.
Where the legal basis for the processing of your data is to adhere to compliance with a statutory or contractual obligation, or the necessary precondition to entering into a contract, including compliance with the requirements of any Regulator, we will inform you as to:
- Whether you are legally required to provide such data, and
- The consequences of failing to provide such data
Where we obtain your data otherwise than directly from you, you will have the same or equivalent rights to those set out above.
Save in the circumstance as detailed below, we will inform you which source the data originated from and whether it came from publically accessible sources. The information to be provided will be in accordance with the following time periods, whichever shall occur first:
- As soon as practicable after obtaining the data and in any event within 1 month
- At the time of our first communication with you using the data
- When the data is first disclosed to another person
We shall not be obliged to provide you with the information:
- Where you already have this information
- Where we are subject to an obligation of professional secrecy prohibiting the disclosure of the information
- Where disclosure would render impossible or severely impair the achievement of the reasons for which the data is to be processed. In such cases, we will do what we can to protect your rights and freedoms with respect to our processing of the data
You have the right to complain in regard to any aspect of the processing of your data and any breach of the above rights to the relevant supervisory authority, who in the case of the United Kingdom is the Information Commissioners Office, whom may be contacted at:
Holding your data:
We undertake to review the data we hold on you on a regular basis to ensure compliance with data protection law. In the course of any review, we will:
- Delete any data which is trivial or transitory in nature, or which in our opinion is no longer required for the purposes set out above.
- Update the data to ensure that any errors or inaccuracies are corrected.
- Archive data as detailed below.
- Subject to the data retention periods, as detailed below, securely delete the data when it is identified that we no longer need to hold it.
We may retain and process your data for the following periods. In the event that more than one period applies to the same data, we will retain the data to the last such period to expire:
- We will hold any agreements between you and us for a period of 6 years from the termination or expiry of the agreement unless we have been notified of any claim or circumstance which might give rise to a claim under or by reference to such agreements.
- We will hold data as required by any relevant third party until the end of any limitation period imposed by that relevant third party, which in the case of HMRC shall be 7 years, unless we are notified that any period is considered “open” by HMRC in which case it will be until we are notified the period is “closed”.
- We will hold data as required for the purposes of any legal proceedings for a period of 6 years following the conclusion of any such proceedings unless a longer period is required pursuant to any court rule or enactment. Proceedings will be taken to have concluded on the expiry of any period given for appealing any final judgment or on the date of concluding any settlement staying all relevant claims if the proceedings were settled before judgement.
We will regularly review data and where in our opinion such data has ceased to be Active we will archive it and process it only as Archived Data. Any data which is deemed Archived Data will only be processed in limited circumstances.
All storage of data, whether Active Data or Archived Data will be in accordance with good practice and will be undertaken in accordance with organisational systems and procedures, which will be regularly reviewed, to maintain the security of data.
On the termination or expiry of any agreement to provide services to you and on your written request, we will, subject to our right to retain copies of data for the purposes set out above, agree to return any data you have provided to us in a structured, commonly used machine-readable format, or transfer the same to a new data controller nominated by you.
Whom we may share your data with:
In order to carry out our legitimate business and to provide you with construction services, we have entered into agreements with and will share your information with the following companies, for the purposes of Compliance, IT systems security, data management and control and auditing. Full details of these companies’ addresses and contact details are available on request.
If any provision, or part thereof, of this agreement is found by any court or administrative body of competent jurisdiction to be invalid, unenforceable or illegal, the other provisions shall remain in force.
In the event of any change in Data Protection Law occurring after the date of this agreement which requires the adoption of revised provisions dealing with data retention or portability, the parties will use all reasonable endeavours to agree such consequential changes to this agreement as may reasonably be required to comply with the requirements of Data Protection Law (“Compliant Terms”) and incorporate the same as an amendment to this agreement.
We take your privacy very seriously and will only use your personal information and data to administer the services we have agreed to provide you with, including but not limited to any construction/maintenance agreements you have made or entered into through our firm.
What are cookies?
Cookies are text files containing small amounts of information which are downloaded to your device when you visit a website. There are different types of cookies: some are essential for the site to operate properly, whereas others are aimed at enhancing and personalizing your user experience. Cookies can help us to understand how consumers are interacting with our website, which helps us to improve our site and deliver a better service to you.
What cookies do we use?
Strictly necessary cookies
Generally, these cookies will be essential first-party session cookies. Not all first-party session cookies will fall into the strictly necessary category for the purposes of the Cookie legislation. Strictly necessary cookies will generally be used to store a unique identifier to manage and identify the user as unique to other users currently viewing the website, in order to provide a consistent and accurate service to the user.
These cookies are essential in order to enable you to move around the website and use its features, such as signing-up to receive emails from us.
These cookies generally collect information about how visitors use our website, for instance which pages visitors go to most often, and the pages that they don’t. This helps us to understand and improve the site so it is easy to use and includes helpful content. They allow us to fix bugs or glitches on the website. These cookies don’t collect information that identifies visitors, so we can’t identify you. For example, we use “Google Analytics” cookies (a web analytics service provided by Google, Inc).
These cookies allow our website to remember the choices you make as you browse the site. They provide more enhanced and personal features. The information collected is anonymised and they cannot track your browsing activity on other sites once you leave our site.