Privacy Policy
General
This privacy statement sets out how Exchange Residential Limited complies with General Data Protection Regulations (GDPR) implemented on 25 May 2018.
It explains in detail the types of personal data we may collect about you when you interact with us, plus how we’ll store, handle and keep the data safe.
Any changes to these policies will be posted on www.exchangeresidential.com
You can access this privacy statement via our homepage. www.exchangeresidential.com is committed to respecting your privacy.
We have structured our website so that, in general, you can visit www.exchangeresidential.com on the web without identifying yourself or revealing any personal information. Once you choose to provide us with any information by which you can be identified, then you can be assured that it will only be used in accordance with this privacy statement.
About Exchange Residential
Exchange Residential is a company registered at 1 Maling Court, Union Street, Newcastle upon Tyne, NE2 1BP. Company number 4920184. Exchange Residential is a part of Adderstone Group.
Throughout this notice, ‘we’ and ‘us’ means Exchange Residential and companies which are part of the Adderstone Group.
On what legal basis are we operating?
The law on data protection sets out a number of reasons for which a company may collect and process personal data, including:
Consent
In specific situations, we can collect and process your data with your consent. For example, when you tick a box to receive email newsletters.
Contractual obligations
In some circumstances, we need your personal data to comply with our contractual obligations.
For example, if you sign up to live in a residential property with us we will require details to carry out relevant credit reference checks or pass them to external agencies that provide us with this service.
Or you require maintenance where your details may be provided to a third party
Or your details will be provided to the local authority for council tax purposes.
Please refer to your tenancy agreement for a full list of contractual obligations.
Legal compliance
If the law requires us to, we may need to collect and process your data.
For example, we may pass on details of people whom we believe are involved in fraud or other criminal activity to the police or other law enforcement agencies.
Legitimate interest
In specific situations, we require your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our business and which does not materially impact your rights. For example, we will use your lettings or sales history to make available personalised offers.
We will also use your email address details to send you marketing information by email, telling you about offers and incentives that we think might interest you.
When do we collect your personal data?
When you visit any of our websites and submit your details via an enquiry form, or lettings platform i.e. Rightmove.
When you complete a booking form or sign up to a tenancy agreement with Exchange Residential Limited.
When you complete a legal agreement or sign up to letting a commercial property from Adderstone Group or one of its member businesses.
When you purchase a property from Adderstone Group or one of its member businesses.
When you engage with us on social media.
When you contact us by any means with queries, complaints etc.
When you ask us to email you information about a service we provide.
When you choose to complete any surveys we send you.
When you’ve given a third party permission to share with us the information they hold about you.
What sort of personal data do we collect?
If you let or purchase a property from Exchange Residential or an Adderstone Group company: your name, date of birth, address, email and telephone number will be collected, as will encrypted bank details, if required.
Copies of documents you provide to prove your age or identity where the law requires this. (including your passport and driver’s licence). This will include details of your full name, address, date of birth and facial image. If you provide a passport, the data will also include your place of birth, gender and nationality.
Information gathered by the use of cookies in your web browser. Learn more about how we use cookies and similar technologies in our T&C and Cookie Policies.
Personal details which help us to recommend future properties of interest to let and for sale. It is always your choice whether you share such details with us.
How and why do we use your personal data?
To enable you to have the best possible customer experience such as to offer you promotions and services that are most likely to interest you. The data privacy law allows this as part of our legitimate interest in understanding our customers and providing the highest levels of service.
If you wish to change how we use your data, you can request this, or unsubscribe to communications at any time.
If you choose not to share your personal data with us, or refuse certain contact permissions, we might not be able to provide some services or information you’ve asked for.
Here’s how we’ll use your data and why:
To complete any bookings that you make by using our websites or in our offices.
To respond to your queries, requests and complaints. We do this on the basis of our contractual obligations to you, our legal obligations and our legitimate interests in providing you with the best service.
With your consent, we will use your personal data and details of your purchases or lettings to keep you informed by email, text and telephone about relevant services including special offers, discounts, promotions, events and so on.
In the case of letting or purchasing a property from us, to run the relevant credit checks directly and through third parties.
To send you survey requests to help improve our services. We have a legitimate interest to do so as this helps make our products or services more relevant to you.
You are free to opt out of hearing from us by any of these channels at any time.
How we protect your data
We know how much data security matters. With this in mind we will treat your data with the utmost care and take all appropriate steps to protect it. We secure access to transactional areas of our websites and apps using ‘https’ technology.
Access to your personal data is password-protected, and sensitive data (such as payment card information) is secured by SSL encryption.
We regularly monitor our system for possible vulnerabilities and attacks.
How long will we keep your personal data for?
Whenever we collect or process your personal data, we’ll only keep it for as long as is necessary for the purpose for which it was collected.
An example of customer data retention periods:
Legal
We’ll keep personal data an appropriate length so as to comply with our legal and contractual obligations.
Who do we share your data with?
We sometimes share your personal data with trusted third parties. For example, partner businesses within the Adderstone Group, IT support, to enable us to deal with maintenance, to help us personalise our offers to you and so on.
We provide only the information they need to perform their specific services.
We work closely with them to ensure that your privacy is respected and protected at all times.
Examples of the kind of third parties we work with are:
IT companies who support our website and other business systems.
Direct marketing companies who help us manage our electronic communications with you.
Google/Facebook to show you products that might interest you while you’re browsing the internet. This is based on either your marketing consent or your acceptance of cookies on our websites. See our Cookies Notice for details.
We may also be required to disclose your personal data to the police or other enforcement, regulatory or Government body, in your country of origin or elsewhere, upon a valid request to do so. These requests are assessed on a case-by-case basis and take the privacy of our customers into consideration.
We may, from time to time, expand, reduce or sell businesses or properties owned by Adderstone Group and this may involve the transfer of divisions or the whole business to new owners. It may also involve the transfer of tenants to a new owner or landlord. If this happens, your personal data will, where relevant, be transferred to the new owner or controlling party, under the terms of this Privacy Notice.
What rights do you have over your data?
You have the right to request:
Access to the personal data we hold about you, free of charge in most cases.
The correction of your personal data when incorrect, out of date or incomplete.
For example, when you withdraw consent, or object and we have no legitimate overriding interest, or once the purpose for which we hold the data has come to an end.
That we stop using your personal data for direct marketing.
You have the right ask for your information to be amended or to request a copy of any information about you that Exchange Residential holds at any time, and also to have that information corrected if it is inaccurate. To ask for your information, please contact Exchange Residential, 1 Maling Court, Union Street, Newcastle upon Tyne, NE2 1BP, or email lets@exchangeresidential.com
Your right to withdraw consent
Whenever you have given us your consent to use your personal data, you have the right to change your mind at any time and withdraw that consent.
Where we rely on our legitimate interest
In cases where we are processing your personal data on the basis of our legitimate interest, you can ask us to stop for reasons connected to your individual situation. We must then do so unless we believe we have a legitimate overriding reason to continue processing your personal data.
Direct marketing
You have the right to stop the use of your personal data for direct marketing activity through all channels, or selected channels. We must always comply with your request.
How you can stop the use of your personal data for direct marketing
Click the ‘unsubscribe’ link in any email communication that we send you. We will then stop any further emails from that particular division.
Write to Exchange Residential, 1 Maling Court, Union Street, Newcastle upon Tyne, NE2 1BP
Please note that you may continue to receive communications for a short period after changing your preferences while our systems are fully updated.
Contacting the regulator
If you feel that your data has not been handled correctly, or you are unhappy with our response to any requests you have made to us regarding the use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office at www.ico.org.uk/concerns
If you are based outside the UK, you have the right to lodge your complaint with the relevant data protection regulator in your country of residence.
If you live outside the UK, by providing your personal data to us, you expressly consent to the processing of your personal data by us or on our behalf. Of course, you still have the right to ask us not to process your data in certain ways, and if you do so, we will respect your wishes.
Sometimes we’ll need to transfer your personal data between countries to enable us to supply the goods or services you’ve requested. In the ordinary course of business, we may transfer your personal data from your country of residence to ourselves and to third parties located in the UK.
By dealing with us, you are giving your consent to this overseas use, transfer and disclosure of your personal data outside your country of residence for our ordinary business purposes.
This may occur because our information technology storage facilities and servers are located outside your country of residence, and could include storage of your personal data on servers in the UK.
Viruses, hacking and other offences
You must not misuse our site by knowingly introducing viruses, trojans, worms, logic bombs or other material which is malicious or technologically harmful. You must not attempt to gain unauthorised access to our site, the server on which our site is stored or any server, computer or database connected to our site. You must not attack our site via a denial-of-service attack or a distributed denial-of service attack.
By breaching this provision, you would commit a criminal offence under the Computer Misuse Act 1990. We will report any such breach to the relevant law enforcement authorities and we will co-operate with those authorities by disclosing your identity to them. In the event of such a breach, your right to use our site will cease immediately. We will not be liable for any loss or damage caused by a distributed denial-of-service attack, viruses or other technologically harmful material that may infect your computer equipment, computer programs, data or other proprietary material due to your use of our site or to your downloading of any material posted on it, or on any website linked to it.
Other websites
Our website may contain links to enable you to visit other websites of interest easily. However, once you have used these links to leave our site you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
How we use cookies
A cookie is a piece of text which asks permission to be placed on your computer’s hard drive.
Once you agree, your browser adds that text in a small file. A cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences. For example, when you visit an electronic store, a cookie makes it easier to shop, by allowing you to place things into a shopping basket; the basket itself is not the cookie, the cookie is placed on your hard drive and keeps track of your basket versus others in use at the same time.
We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system. Denial of a traffic log cookie should not prevent you from using one of these sites.
Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us. This practice is strictly in force. We know that people have concerns about cookies, but we believe that the benefit we both gain from their proper use is worthwhile.
You may set your web browser (Microsoft Internet Explorer, Safari or Firefox) to notify you of cookie placement requests or decline cookies completely. You can delete the files that contain cookies – those files are stored as part of your internet browser.
Any questions?
We hope this Privacy Notice has been helpful in setting out the way we handle your personal data and your rights to control it.
If you have any questions that haven’t been covered, write to us at Exchange Residential, 1 Maling Court, Union Street, Newcastle upon Tyne, NE2 1BP or email lets@exchangeresidential.com
It’s likely that we’ll need to update this Privacy Notice from time to time. We’ll notify you of any significant changes, but you’re welcome to come back and check it whenever you wish.
Last Updated 23.05.2018