Our commitment to you
Littlejohns Property Managers (“We”) are committed to protecting and respecting your privacy. Below are the guidelines we adhere to for protecting your personal data. Please read these very carefully.
For the purpose of General Data Protection Regulation (GDPR), the data controller is Littlejohns Property Managers, having a place of business at 115 Lauriston Place Edinburgh EH3 9JG.
Information we may collect from you
We may ask you to provide information that will enable us to provide services to you, enhance your site visit, respond to requests for information, support our customer relationship, assist you with technical support issues or follow up with you after your visit.
We may ask for your name, address, email address, telephone number, occupation, credit card information and other bank details and other information that is necessary to process your application, provide requested services or register you for or subscribe you to services or offers.
In particular, we may collect and process the following data about you:
• If you contact us or make enquiries, we may keep a record of that correspondence
• We may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them
• Details of transactions you carry out through our site and of the fulfilment of your property transactions as landlord or tenant; and/or
• Details of your visits to our site including, but not limited to, traffic data, location data, weblogs and other communication data
Who has access to your information?
We will not sell your information to third parties or share your personal data for marketing purposes.
You have a choice about whether or not you wish to receive information from us. We will not contact you for marketing purposes by email, phone or text message unless you have given your prior consent. If you no longer wish to receive email communication about our services then you are able to unsubscribe.
How you can access and update your information
You have the right to ask for a copy of the information we hold about you. We will provide this information to you electronically within a 30-day period, please note that for substantial or excessive enquiries this may invoke a small admin fee and may take up to 60 days for substantial enquiries.
You can find out more about you rights as a data subject at the Information Commissioner’s Office (https://ico.org.uk/) (ICO) website.
IP addresses and cookies
We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual.
For the same reason, we may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer. Cookies contain information that is transferred to your computer’s hard drive. They help us to improve our site and to deliver a better and more personalised service.
They enable us:
• To estimate our audience size and usage pattern
• To store information about your preferences; this allows us to customise our site according to your individual interests
• To speed up your searches
• To recognise you when you return to our site
Where we store your personal data
Where personal data is stored on paper it will be kept in a secure place where unauthorised personnel cannot access it. Employees will ensure that no personal data is left where unauthorised personnel can access it. When the personal data is no longer required it will be disposed of by the employee so as to ensure its destruction. If the personal data requires to be retained on a physical file then the employee should ensure it is properly secured within the file, (e.g. stapled, or bound in any other secure manner within the file) which is then stored in accordance with our storage provisions.
If you would like to take your complaint further, you are also able to complain directly to the ICO who will contact us on your behalf.
A data breach can occur at any point when handling personal data and we have reporting duties in the event of a data breach or potential breach occurring. Breaches which pose a risk to the rights and freedoms of the data subjects who are the subject of the breach require to be reported externally to the ICO.
We take the security of data very seriously and in the unlikely event of a breach will take the following steps:
1: As soon as the breach or potential breach has occurred, and in any event no later than six (6) hours after it has occurred, the data breach must be recorded in writing of (i) what is the breach, (ii) how it occurred and (iii) what the likely impact of that breach is on any data subject(s).
2: We must seek to contain the breach by whatever means available.
3: We must consider whether the breach is one which requires to be reported to the ICO.
4: Notify third parties in accordance with the terms of any applicable data sharing agreements.
Reporting to the ICO
We are required to report any breaches which pose a risk to the rights and freedoms of the data subjects who are the subject of the breach, to the ICO within 72 hours of the breach occurring. The DPO must also consider whether it is appropriate to notify those data subjects affected by the breach.
Data Protection Officer
The Data Protection Officer in this instance is Littlejohns Property Managers and we have the responsibility and oversight over compliance under the data protection laws.
Archiving, retention and destruction of data
We cannot store and retain personal data indefinitely. We must ensure that personal data is only retained for the period necessary. We shall ensure that all personal data is archived and destroyed timeously and at the point that we no longer need to retain that personal data in accordance with the periods specified.
Review of this Privacy Notice
We keep this Privacy Notice under regular review, This Privacy Notice was last updated on 24th May 2018.