Crabtree PM Limited (‘Crabtree’), Company Number 01766406 whose registered office is 15 Galena Road, Hammersmith, London, England, W6 0LT is the “Data Controller” in respect of the information gathered and processed by us. The contact details of the “Privacy Controller”, who is your contact within Crabtree are at the end of this document. Crabtree takes great care with all data but especially personal data. We are committed to ensuring this is secure and processed in a lawful manner. This Privacy Notice details what data we process and why we do this. For further information please contact our Privacy Controller who is detailed in this document. Crabtree will process (collect, store and use) the information you provide in a manner compatible with the EU’s General Data Protection Regulation (GDPR). We will endeavor to keep your information accurate and up to date, and not keep it for longer than is necessary. Crabtree is required to retain information in accordance with the law, such as information needed for income tax and audit purposes. How long certain kinds of personal data should be kept may also be governed by specific business-sector requirements and agreed practices. Personal data will be held in addition to these periods depending on individual business needs. Our aim is not to be intrusive, and we undertake not to ask irrelevant or unnecessary questions. Moreover, the information you provide will be subject to rigorous measures and procedures to minimise the risk of unauthorised access or disclosure.
How We Collect Data
Visitors to our websites
When someone visits www.crabtreeproperty.co.uk we use a third party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website. If we do want to collect personally identifiable information through our website, we will be up front about this. We will make it clear when we collect personal information and will explain what we intend to do with it.
Use of cookies
Crabtree uses cookies to collect information about visitors’ use of our website, including things like connection speed, operating system details, the time and duration visits and IP addresses. The information collected by cookies enables Crabtree to understand the use of its site, including the number of visitors it has, the pages viewed per session, any error messages that occur, etc. This in turn helps to provide visitors with a better experience. Remus Management Limited will not attempt to personally identify visitors from their IP addresses or the use of these cookies.
For further information about cookies, visit www.allaboutcookies.org. You can set your browser not to accept cookies and the website mentioned tells you how to remove cookies from your browser. However, if you select this setting you may be unable to access certain parts of our site.
Search engine
Search queries and results are logged anonymously to help us improve our website and search functionality. No user-specific data is collected.
Security and performance
Crabtree uses a third party service to help maintain the security and performance of the website. To deliver this service it processes the IP addresses of visitors to the Crabtree website.
People who call us
When you call Crabtree we collect Calling Line Identification (CLI) information. We use this information to help improve its efficiency and effectiveness. When you call Crabtree we record a selection of calls. We use this information for training and also to help us provide a better service by being able to confirm what was said.
People who email us
We use Transport Layer Security (TLS) to encrypt and protect email traffic. If your email service does not support TLS, you should be aware that any emails we send or receive may not be protected in transit.
We will also monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.
Direct Debit Mandate
To fulfil our contractual obligation of collection of monies we offer an option of paying by Direct Debit. For Crabtree to process this correctly we will request bank information.
Contract
Our contract will contain personal information. This is required for us to provide the contracted services.
Third Parties
We receive information from third parties in relation to providing our services. This information will be processed in accordance with GDPR.
Other Forms / Documentation
We may collect or receive information in other forms during the course of providing the services we provide.
Who We Collect Information About, What Information We Collect, What We Use If For And Any Third Party With Whom The Information Is Shared.
What we collect and process will depend on your relationship with us and may change from time to time depending on legislation and operational requirements.
Personal data held in relation to lessees, freehold home owners and clients will include the following examples:
| Category of data | Purpose for processing data | Legal basis for processing | Third party organisations |
|---|---|---|---|
| Contact Details | Communication in relation job applications | The legitimate interest of communicating with job applicants | Third Party Accreditation Agencies and third party software and technical support providers |
| Documents relating to the recruitment process such as CV and qualifications | To fulfil our requirements of the recruitment process | The legitimate business interest of finding suitable candidates | Third Party Accreditation Agencies and third party software and technical support providers. |
| Contact details of referees | To obtain a reference | The legitimate business interest of obtaining a reference | Third Party Accreditation Agencies and third party software and technical support providers. |
| Appropriate background checks | To safeguard the assets, staff and clients of the employer, background checks may be taken | With explicit consent from you | Third Party Accreditation Agencies and third party software and technical support providers. |
| CCTV images | To provide security in buildings owned or managed by the company | The legitimate business interest of providing security | Third party software and technical support providers. |
| Identify documents | To ensure the identity of the applicant | Legal obligation to ensure the identity and right to work | Third party software and technical support providers. |
Personal data held in relation to suppliers will include the following examples (it will only be personal data for sole traders and unincorporated partnerships):
| CATEGORY OF DATA | PURPOSE FOR PROCESSING DATA | LEGAL BASIS FOR PROCESSING | THIRD PARTY ORGANISATIONS WITH WHOM IT MAY BE SHARED |
|---|---|---|---|
| Contact Details | Providing services to clients and customers | The legitimate business interest of providing effective building management services | Tenants, Lessees, Clients, Third Party Accreditation Services and third party software and technical support providers. |
| Bank Details | Payment of invoices | Legal obligation to pay for services |
Personal data held in relation to tenants who do not own the leasehold or freehold will include the following examples:
| CATEGORY OF DATA | PURPOSE FOR PROCESSING DATA | LEGAL BASIS FOR PROCESSING | THIRD PARTY ORGANISATIONS WITH WHOM IT MAY BE SHARED |
|---|---|---|---|
| Contact Details | Providing services to clients and to provide a duty of care to those in managed buildings | The legitimate business interest of providing effective building management services | Contractors or suppliers of services to the relevant building or property or emergency services if required and third party software and technical support providers and Resident Tenant Associations.. |
| CCTV images | Crime and anti-social behaviour prevention | The legitimate business interest of providing security | Police and third party software and technical support providers. |
| Contact details and vehicle registration for certain buildings | To ensure parking at buildings is maintained for the residents | The legitimate business interest of providing our service | Parking management companies and third party software and technical support providers. |
How We Protect The Information
We secure electronic and manual information in the following ways
- Complex password security
- Encryption
- Role based control of access
- Locked and alarmed buildings
- Contracts with third party processors and controllers
- Following the CCTV Code of practice
How Long We Keep The Information
We will keep your Personal Information only as long as necessary for the purposes for which we collected it and to comply with applicable law.
Depending on our relationship with you, we may keep your Personal Information for a number of years after our relationship ends.
In detail:
We will keep Personal Information for as long as is necessary for the purposes for which we collect it. The precise period will depend on the purpose for which we hold your information. In addition, there are laws and regulations that apply to us which set minimum periods for retention of Personal Information.We will provide you with further information if appropriate to give you a full picture of how we collect and use your Personal Information.
Use Of Data Processors
Data processors are third parties who provide elements of our service for us. We have contracts in place with our data processors. This means that they cannot do anything with your personal information unless we have instructed them to do it. They will not share your personal information with any organisation apart from us. They will hold it securely and retain it for the period we instruct.
Group companies with whom data is shared will act as Data Processors.
Overseas Transfers
None of the information that we collect process or store as a result of this website is transferred outside of the European Economic Area (EEA). This includes information that is exchanged with any third party organisation as described above.
Your Rights
- Right of access – you have the right to request a copy of the information that we hold about you.
- Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
- Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records.
- Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
- Right of portability – you have the right to have the data we hold about you transferred to another organisation.
- Right to object – you have the right to object to certain types of processing such as direct marketing.
- Right to object to automated processing, including profiling – you also have the right to be subject to the legal effects of automated processing or profiling.
- Right to judicial review: in the event that Remus refuses your request under rights of access, we will provide you with a reason as to why. You have the right to complain as outlined below.
Complaints
The details for each of these contacts are:
| SUPERVISORY AUTHORITY CONTACT DETAILS | FPS PRIVACY CONTROLLER | |
|---|---|---|
| Address | Information Commissioner’s Office Wycliffe House Water Lane Wilmslow Cheshire SK9 |
Marlborough House 298 Regents Park Rd Finchley London N3 2UU |
| Email: | casework@ico.org.uk | privacy@crabtreeproperty.co.uk |
| Telephone: | 0303 123 1113 | 01722 328 685 |
Changes To This Privacy Notice
We keep our privacy notice under regular review. This privacy notice was last updated on 15th November 2018.