At Seraph Property Management, we’re committed to respecting and protecting your privacy.
Review of this Policy
We keep this Policy under regular review. This Policy was last updated on 15.4.2021
About Seraph Property Management
Seraph Property Management is a trading name of Seraph Estates (Cardiff) Ltd registered in England and Wales, company registration number 7791713. The registered office is Seraph Property Management, 1, St. Martin’s Row, Albany Road, Cardiff CF24 3RP and we are based in the UK.
The person responsible for all matters concerning the privacy and processing of any personal data, also known as the Data Controller, is:
Miss Celyn Evans
Seraph Estates (Cardiff) Ltd T/A Seraph Property Management
1 St.Martin’s Row
The Data Controller can be contacted at email@example.com or you can write to the above address.
How do we collect personal information about you?
We obtain personal information about you that you provide to us through our website, emails, telephone conversations, documents you provide to us or when you visit one of our branches, for example when you:
We also obtain personal information relating to you using automated technical means when you visit our website.
What type of personal information is collected?
The information we collect from you might include (but is not limited to) your name, address, email address, phone number, date of birth and financial details and any other information you choose to provide to us. During the Covid-19 pandemic, we may also be obligated to collect health data, such as whether you have symptoms of Covid-19, if you have been tested positive for Covid-19 or had any contact with anyone who has tested positive. This information is required in order to keep staff and customers safe. Please see further information relating to this at the end of this notice.
The information we collect through our website using automated technical means includes: the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, identification number, online identifier and location data. We also collect information about your website visit including which website pages are accessed, page response times and length of visits to pages.
How long do we retain your personal information?
We review our retention periods for personal data on a regular basis. We are legally required to hold some types of information for certain prescribed periods to fulfil our statutory obligations. Outside of specific statutory obligations, we will hold your personal data on our systems for as long as is necessary for the relevant purposes for which we use it, or in accordance with any retention periods set out in any relevant contract you hold with us.
We will retain personal information (for landlord and tenant) relating to a tenancy organised by us for:
For all blocks we manage, we hold both freeholder and leaseholder information, this includes contact details such as name, address, phone number and contact number. In instances where the property is sublet we would also require tenants contact information, we collect this information on the basis that you have obtained consent to pass these on to us.
When you subscribe to our newsletter we collect your name and your email address, which will be stored in our email marketing system. We keep this information for the duration of your custom.
We need this data to be able to send you details of your block, including Annual General Meetings, service charges, improvements to the block and local news. We are processing this data with your consent. You may withdraw your consent at any time by clicking on the unsubscribe link at the bottom of the newsletter.
Your details are stored in our customer database. We require this data so that we can meet legal requirements in relation to anti-money laundering legislation and for our financial records, we keep this for the required period of seven years.
Should the property require maintenance etc we will require your address, postcode and contact telephone numbers plus any pertinent company information such as VAT number, company number and if necessary, copies of insurances, accreditations or training etc. Your details are stored in our supplier database and our accounts software.
All records are hosted in the UK, EU or in countries with EU equivalency.
In some cases, it is not possible for us to specify in advance the periods for which we will retain your personal information. In such cases, we will determine the period of retention based on the following criteria:
(a) the legal basis or legitimate interest to retain the data
(b) your personal preferences
How do we use your personal information?
We may use the information that you directly provide to us in the following ways:
We may use the information that we automatically collect using technical means through our website to:
We use MailChimp for marketing or information messages to customers. Personal data is stored within our MailChimp account in order to allow us to create distribution lists and send email campaigns. Our legal basis for this use is consent to contact you where you have opted in to marketing messages or, where you have entered into a contract with us or we have provided you with services, we may use your email address to inform you about any changes to legislation that may affect you. Our legal basis for this use is our legitimate interests, namely ensuring the legal compliance of Seraph Property Management and its customers.
We may analyse the personal information we collect directly from you and obtain using automated technical means to create a profile of your interests and preferences so that we can contact you with information relevant to you (if you have chosen to receive marketing communications from us). We may make use of additional information about you when it is available from external sources to help us do this effectively. These sources include the Land Registry Public Register.
We may also use any of your personal information that we collect from you directly and additional information about you from external sources where necessary to detect and reduce fraud and credit risk. These sources include Credit Risk Agencies, the Land Registry Public Register and Companies House Public Register. Our legal basis for this use of your personal information is our legitimate interests in preventing our business being subject to fraud or credit risk. Where a credit check is completed (this would not be carried out without your express permission to do so) this is a “soft” search and does not leave a footprint on your credit file, only you will be able to see that a search has been undertaken. A credit check is only usually undertaken for applicant tenants of rental properties and would not apply to Landlords, Vendors or Purchasers.
Who has access to information?
We will not sell or rent your information to third parties. We may pass your information to third party service providers, including but not limited to:
Business partners, suppliers and sub-contractors working on our behalf for the purposes of completing tasks and providing services to you.
Your personal data, including name, address, contact details and preferences will be shared with:
When we use third-party service providers, we disclose only the personal information that is necessary to deliver the service and we have a contract in place that requires them to keep your information secure and otherwise use your information in accordance with applicable data protection law.
We may disclose your personal information to any member of our group of companies. This means our subsidiaries, our ultimate holding company and all its subsidiaries insofar as reasonably necessary for the purposes set out in this policy.
We may disclose your personal information to our insurers and /or professional advisers insofar as reasonably necessary for the purposes of obtaining and maintaining insurance coverage, managing risks, obtaining professional advice and managing legal disputes.
In addition to the specific disclosures set out in this section, we may disclose your personal information where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person, or for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative out-of-court procedure.
This Policy seeks to ensure that the Close Circuit Television (CCTV) system used by Seraph Property Management is operated in compliance with the law relating to data protection (currently the General Data Protection Regulation (“GDPR”) and the Data Protection Act 2018 (“DPA 2018”))
We seek to ensure compliance with privacy law and take into account best practice as set out in codes of practice issued by the Information Commissioner. We, therefore, use CCTV only where it is necessary in pursuit of a legitimate aim.
We use CCTV in order to:
CCTV images will not be retained for longer than necessary, taking into account the purposes for which they are being processed. Data storage is automatically managed by the CCTV digital records which overwrite historical data in chronological order to produce an approximate 28-day rotation in data retention. All retained CCTV images will be stored securely.
Third-party requests for access will usually only be considered in line with the GDPR and DPA 2018 in the following categories:
In this section we have summarised the rights that you have under data protection law. Some of the rights are complex, applying only in certain circumstances and subject to certain exceptions, and in the interests of keeping this policy concise, not all of the details have been included in our summaries. Accordingly, you should read the relevant laws and guidance from the regulatory authorities for a full explanation of these rights.
You have the right:
To exercise any of these rights, please contact us at firstname.lastname@example.org or Seraph Property Management, 1, St. Martin’s Row, Albany Road, Cardiff CF24 3RP
In addition, you can exercise your right to object to direct marketing at any time by clicking an ‘unsubscribe’ link at the bottom of one of our emails.
If you consider that our processing of your personal information infringes data protection laws, you have the right to lodge a complaint to a supervisory authority responsible for data protection. You may do this in the EU member state of your habitual residence, your place of work or the place of the alleged infringement. More information about lodging a complaint with the Information Commissioner’s Office (the relevant UK supervisory authority) can be found at https://ico.org.uk/concerns/.
Security precautions in place to protect your information
We take appropriate technical and organisational precautions to secure your personal information and prevent its loss, misuse or alteration. All information you provide to us is stored on our secure servers. Where we have given (or where you have chosen) a password which enables you to access certain parts of our websites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
The transmission of unencrypted (or inadequately encrypted) data over the internet is inherently insecure, and for this reason we cannot guarantee the security of data sent between us over the internet.
Website and Security
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.
Social Media Policy
You may interact with employees or representatives of Seraph Property Management Sales and Lettings speaking on behalf of Seraph Property Management Sales and Lettings on Twitter, Facebook and other social media. When interacting on those platforms you are subject to the terms and conditions of those platforms as well as any privacy policies of those platforms.
Should you choose to interact with Seraph Property Management Sales and Lettings on these platforms,
Should we use your material in this way, Seraph Property Management will not misrepresent or change the meaning of your material, though we may edit for brevity or clarity.
If you use our services while you are outside the EEA, your information may be transferred outside the EEA in order to provide you with those services.
Under government guidance and for the business to continue to operate, measures have been put in place to ensure the organisation is covid-secure. This notice describes how we may use your information to protect you and others during the COVID-19 outbreak.
We may seek to collect and process information from you, which is above and beyond what would ordinarily be collected. This is necessary to ensure your safety and well-being, however we will ensure that this will be limited to what is proportionate and necessary for us, in accordance with Government guidance, to manage and contain the virus and enable us to effectively keep people safe, put contingency plans into place to safeguard those who are vulnerable and to aid business continuity.
We will collect health data in relation to covid-19. We will only keep your information for as long as it is necessary, as a minimum the information outlined in this privacy notice will be kept for the duration of the COVID-19 response. When the information is no longer needed for this purpose, it will be securely deleted.
You can obtain further information about data protection laws by visiting the Information Commissioner’s Office website at www.ico.org.uk.