1. What personal data is essential for the effective running of our business?
As a local single office estate agent that deals with sales and lettings we collect personal data from lettings applicants, sales applicants, landlords and vendors. This information includes names, addresses, phone numbers email addresses & postal addresses.
We also require information regarding people’s financial status relating to credit searches for letting applicants and mortgage information for sales applicants.
Also as part of ongoing anti money laundering, anti-fraud, the proceeds of crime act we collect personal identification documents such as photographic ID and proof of residency.
2. How do we collect this data?
We use several methods of obtaining this information. 1, face to face. 2, telephone. 3, email.
3. How do we store this data?
We store information both electronically and physically. Electronic data is stored on an encrypted secure server and all terminals that can access this server require multiple passwords to access it. Passwords are personalised for each user and not shared. Once this data had been used for its intended purpose it is deleted.
Physical data is stored in clearly labelled files and kept in a locked filing cabinet, the keys of which are also secured in a separate location and are inconspicuously labelled. Once the data has been used for its intended purpose it is labelled and dead filed in a secure place for a period of 5 years or until it is deemed unnecessary to keep it.
4. Do we share any personal data we collect with any 3rd parties?
We occasionally share personal data with 3rd parties but only if it is of benefit to the individual and only once consent is obtained to do so by the individual.
Personal information is not shared unless the individual fully understands who it is being shared with, the reasons for it being shared and have explicitly agreed for their information to be shared.
5. If so, to who and why and do we make this clear/gain consent from the individual?
We may share details with 3rd parties for the purpose of detecting/preventing fraud, money laundering and other criminal activity such as terrorism.
We may also see it necessary to share details to other trusted businesses which are relevant to the needs of the individual and that would benefit the individual. We only share details with 3rd parties once we have made it clear to the individual why we intent to share their details, how this benefits them and they have given us explicit consent to do so.