top of page

​

PRIVACY POLICY

 

Contents

 

1.         Introduction

2.         Data

3.         Processing of personal data

4.         Data sharing

5.         Data storage and security

6.         Breaches

7.         Data subject rights

8.         Archiving, retention and destruction of data

9.         Appendix (Fair Processing Notice)

​

 

 

1.         Introduction

Peter & Julie Wood (“I” or “We” or 'Us') am committed to ensuring the secure and safe management of data held by us in relation to customers, and other individuals. I, or any other third-party that I contract with in fulfilment of my landlord obligations, have a responsibility to ensure compliance with the terms of this policy, and to manage individuals’ data in accordance with the procedures outlined in this policy and documentation referred to herein.

 

I need to gather and use certain information about individuals. These can include customers (tenants) and other individuals that I have a contractual relationship with. I manage a significant amount of data, from a variety of sources. This data contains “personal data”.

 

This policy sets out my duties in processing that data, and the purpose of this policy is to set out the procedures for the management of such data.

 

2.         Data

I hold a variety of data relating to individuals, including customers (also referred to as “data subjects”) which is known as personal data. The personal data held and processed by me is detailed within the “fair processing notice” (FPN) in the  Appendix.

 

Personal data is that from which a living individual can be identified either by that data alone, or in conjunction with other data held by me.

 

3.         Processing of personal data

I am permitted to process personal data on behalf of data subjects provided I am doing so on one of the following grounds:

  • processing is necessary for the performance of a contract between the data subject and I, or for entering into a contract with the data subject;

  • processing is necessary for my compliance with a legal obligation;

  • processing is necessary to protect the vital interests of the data subject or another person;

  • processing is necessary for the purposes of legitimate interests.

  • processing with the consent of the data subject

​

I have produced a fair processing notice (FPN) which I am required to provide to all customers whose personal data is held by me. That FPN will be provided to the customer from the outset of processing their personal data - see Appendix.

​

4.         Data Sharing

We do not share your data with any 3rd parties for their own purposes; marketing or otherwise.

In order to carry out our contractual obligations and our legitimate interests, we will need to share your data with 3rd parties from time to time. These are the only circumstances in which we will share your data.

For example: 

  • Deposit holder organisations

  • Maintenance contractors

  • Utilities companies

 

We may be required to disclose personal data to the Police or other law enforcement agencies.

 

5.         Data storage and security

All personal data held by me will be stored securely, whether electronically or in paper format.

 

Paper storage

If personal data is stored on paper it will be kept in a secure place where unauthorised personnel cannot access it. When the personal data is no longer required it will be disposed of.

 

Electronic storage

Personal data stored electronically will be protected from unauthorised use and access.

 

6.         Breaches

A data breach can occur at any point when handling personal data and I have reporting duties in the event of a data breach or potential breach occurring. Breaches which pose a risk to the rights and freedoms of the data subjects who are subject of the breach require to be reported externally.

 

Reporting to the ICO

I am required to report any breaches which pose a risk to the rights and freedoms of the data subjects who are subject of the breach to the ICO within 72 hours of becoming aware of the breach occurring. I must also consider whether it is appropriate to notify those data subjects affected by the breach.

 

 

7.         Data subject rights

Certain rights are provided to data subjects under the GDPR.

  • To view the personal data held about them, whether in written or electronic form.

  • To request a restriction of processing their data

  • A right to be forgotten

  • A right to object to my processing of their data

  • A right to have your details amended if they are out of date or incorrect

 

Subject access requests

If you would like to have a copy of your data or to request that your data be amended please put your request in writing to petewood10@gmail.com.

Data subjects are permitted to view their data held by me upon making a request to do so (a subject access request). Upon receipt of a request by a data subject, I will respond to the subject access request within one month of the date of receipt of the request.

 

Where we rely on our legitimate interest

In cases where we are processing your personal data on the basis of our legitimate interest, you can ask us to stop for reasons connected to your individual situation. We must then do so, unless we believe we have a legitimate overriding reason to continue processing your personal data.

 

 

8.         Archiving, retention and destruction of data

We will keep your personal data only as long as it is necessary and at the end of that period your data will be deleted. See FPN appendix for specific time periods.

 

Contacting the Regulator

If you are unhappy with how your data has been handled you can raise this with the Regulator by calling 0303 123 1113

 

 

Appendix - GDPR Fair Processing Notice

 

(How I use your personal information)

​

This notice explains what information I collect, when I collect it and how I use this. During the course of my activities, I will process personal data (which may be held on paper, electronically, or otherwise) about you and I recognise the need to treat it in an appropriate and lawful manner. The purpose of this notice is to make you aware of how I will handle your information.

 

Who am I?

Peter & Julie Wood (“I” or “me”) take the issue of security and data protection very seriously and strictly adhere to guidelines published in the [Data Protection Act of 1998] and the General Data Protection Regulation (EU) 2016/679 which is applicable from the 25 May 2018, together with any domestic laws subsequently enacted.

 

I am notified as a data controller with the Information Commissioner's Office (ICO) under registration application number A8332335 and I am the data controller of any personal data that you provide to me.

 

Any questions relating to this notice and my privacy practices should be sent to petewood10@gmail.com

 

How I collect information from you and what information I collect

I collect information about you:

  • when you become a tenant, request services/repairs, enter into a tenancy agreement with myself howsoever arising or otherwise provide me with your personal details;

  • from your use of my online services, whether to report any tenancy related issues, make a complaint or otherwise;

  • from your arrangements to make payment to me (such as bank details, payment card numbers, employment details, benefit entitlement and any other income and expenditure related information).

 

I collect the following information about you:

  • Name;

  • Address;

  • Telephone number;

  • email address,

  • Bank account details (only when necessary e.g. to provide reimbursement of costs you may incur on my behalf)

 

I receive the following information from third parties:

  • payments made by you to me;

  • complaints or other communications regarding behaviour or other alleged breaches of the terms of your contract with me, including information obtained from Police Scotland;

  • reports as to the conduct or condition of your tenancy, including references from previous tenancies, and complaints of anti-social behaviour.

  • Credit reference search data (your consent will be sought before any credit reference search is undertaken)

  • Tenant contact information if a Letting Agent is used to source tenants

 

Why I need this information about you and how it will be used

I need your information and will use your information:

 

  • to undertake and perform my obligations and duties to you in accordance with the terms of my contract with you;

  • to enable me to supply you with the services and information which you have requested;

  • to enable me to respond to your repair request, or any complaints made;

  • to analyse and collect so that I can administer, support and improve and develop my business and the services I offer;

  • to contact you in order to send you details of any changes to my suppliers which may affect you;

  • for all other purposes consistent with the proper performance of my operations and business; and

  • to contact you for your views on my products and services. 

 

Sharing of your information

We do not share your data with any 3rd parties for their own purposes; marketing or otherwise.

In order to carry out our contractual obligations and our legitimate interests, we will need to share your data with 3rd parties from time to time. These are the only circumstances in which we will share your data.

 

  • if I instruct repair, maintenance, or certification works, your information may be disclosed to any contractor;

  • if I am investigating a complaint, information may be disclosed to Police Scotland, local authority departments, the Scottish Fire & Rescue Service and others involved in any complaint, whether investigating the complaint or otherwise;

  • if I am updating tenancy details, your information may be disclosed to third parties (such as utility companies and the local authority);

  • if I am investigating payments made or otherwise, your information may be disclosed to payment processors, the local authority and the Department for Work & Pensions;

  • for the purposes of facilitating the transfer of your deposit to a Deposit Holder company as required under Scottish law;

  • for the purposes of taxes, your information may be disclosed to HMRC;

 

Unless required to do so by law, I will not otherwise share, sell or distribute any of the information you provide to me without your consent.

 

Transfers outside the UK and Europe

Your information will only be stored within the UK and the European Economic Area. (EEA).

 

Security

When you give me information I take steps to make sure that your personal information is kept secure and safe as detailed in the Privacy Policy.

 

How long I will keep your information

I review my data retention periods regularly and will only hold your personal data for as long as is necessary. Normally this is a maximum of one year after the tenancy has ended. This is necessary to facilitate subsequent reference requests, resolve any outstanding utility bill issues, facilitate deposit refunds etc.

 

Your rights

You have the right at any time to:

 

  • ask for a copy of the information about you held by me in my records;

  • require me to correct any inaccuracies in your information;

  • make a request to me to delete what personal data of yours I hold; and

  • object to receiving any marketing communications from me.

 

If you would like to exercise any of your rights above please contact me at petewood10@gmail.com.

 

Where we rely on our legitimate interest

In cases where we are processing your personal data on the basis of our legitimate interest, you can ask us to stop for reasons connected to your individual situation. We must then do so, unless we believe we have a legitimate overriding reason to continue processing your personal data.

 

Complaints

Should you wish to complain about the use of your information, I would ask that you contact me to resolve this matter in the first instance. You also have the right to complain to the ICO in relation to my use of your information.  The ICO’s contact details are noted below:

 

The Information Commissioner’s Office – Scotland

45 Melville Street, Edinburgh, EH3 7HL

Telephone: 0131 244 9001

email: scotland@ico.org.uk

 

The accuracy of your information is important to me - please help me keep my records

updated by informing me of any changes to your email address and other contact details.

​

​

​

How we use cookies

A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.

We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.

Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.

You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.

​

Links to other websites

Our website may contain links to enable you to visit other websites of interest easily. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information that you provide whilst visiting such sites and this privacy statement does not govern such sites. You should exercise caution and look at the privacy statement applicable to the website in question.

​

​

Privacy & Cookies

bottom of page