Sanderson Green LLP (company number OC340341) (“we”) are committed to respecting and protecting your privacy.
This policy should be read in conjunction with the following policies which also apply to your use of our Website:
We have a Data Manager who is responsible for matters relating to privacy and data protection. The Data Manager can be reached at firstname.lastname@example.org or 13 Market Place, Caistor, Market Rasen LN7 6TW.
About Sanderson Green LLP
Sanderson Green LLP is limited liability partnership of George Sanderson, Sally Sanderson and Masons (Louth) Limited whose office is at 13 Market Place, Caistor, Market Rasen LN7 6TW.
What type of personal information is collected?
We are the controller and are responsible for your personal data.
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:
• Identity Data includes name, title, date of birth and gender.
• Contact Data includes residential address, email address and telephone numbers.
• Financial Data includes bank account and payment card details.
• Transaction Data includes details about payments to and from you and other details of services we have provided to you.
• Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, identification number, online identifier, location data and other technology on the devices you use to access this Website.
• Profile Data includes your password, your interests, preferences, feedback and survey responses.
• Usage Data includes information about how you use our website, and services.
• Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.
We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.
We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
If you fail to provide personal data
Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.
How do we collect personal information about you?
We obtain personal information about you that you provide to us through our website, emails, phone conversations, documents you provide to us or when you visit one of our branches, for example when you:
● Enquire about specific properties for sale or for rent
● Ask us to value your property
● Ask us to provide property management services
● Ask us to provide property and farm business advice
● Ask us to consider a loan application for AMC
● Register for our email newsletters
● Participate in one of our surveys
● Interact with us on our website and/or social media sites
● Create an account on our website
Third party links
This Website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our Website, we encourage you to read the privacy notice of every website you visit.
How long do we retain your personal information?
We review our retention periods for personal data on a regular basis. We are legally required to hold some types of information for certain prescribed periods to fulfil our statutory obligations. Outside of specific statutory obligations, we will hold your personal data on our systems for as long as is necessary for the relevant purposes for which we use it, or in accordance with any retention periods set out in any relevant contract you hold with us.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
We will retain [insert relevant personal information category or categories] for a minimum period of three weeks following 25th May 2018, and for a maximum period of ten years in accordance with RICS and FCA regulatory requirements. In some cases it is not possible for us to specify in advance the periods for which we will retain your personal information. In such cases, we will determine the period of retention based on the regulatory requirements of the RICS and the FCA.
In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
How do we use your personal information?
We may use the information that you directly provide to us in the following ways:
● We may use your name, address and contact details for the purpose of carrying out our obligations arising from any contracts entered into by you and us such as providing you with products and services you have requested, visiting and arranging viewings of your property. Our legal basis for this use is that it is necessary for the performance of a contract to which you are party.
● We may use your name, email address and postal address to provide you with information, you have requested from us, respond to enquiries or requests from you, communicate with you in relation to those enquiries or requests and arranging visits to your property by our staff. Our legal basis for this use is our legitimate interests, namely carrying out activities in the course of our business in response to customer enquiries or requests.
● We may use your name, email address and postal address to provide you with information regarding similar goods and services to those you have already enquired about or purchased. Our legal basis for this use is our legitimate interests, namely the ongoing marketing of our goods and services to individuals with whom we have an existing relationship in connection with our goods and services and/or who have expressed an interest in those goods and services;
● Where you have entered into a contract with us or we have provided you with services, we may use your name, email address, postal address or phone number to ask for your feedback about the services we have provided to you. Our legal basis for this use is our legitimate interests, namely evaluating and where necessary improving the quality of our service provision with a view to promoting the success of our business and positive customer relationships.
● Where you are a party to an existing contract with us or regularly enter into contracts with us for our goods and services, we may use your name, email address, postal address or phone number to notify you of changes to the terms and conditions of our services. Our legal basis for this use is our legitimate interests, namely the administration and management of our business contracts and relationships.
● We may use your name, email address and postal address to send you marketing communications, if you have chosen to receive these. These may include information about properties for rent or for sale, the current property market, promotions or offers. Our legal basis for this use is consent.
● We may use your contact details to verify your identity where necessary. Our legal basis for this use is compliance with a legal obligation to which we are subject our legitimate interests, namely ensuring the security of our systems, network and information and those of third parties.
We may use the information that we automatically collect using technical means through our website to:
● Measure or understand the effectiveness of our own advertising activity. Our legal basis for this use is our legitimate interests, namely improving the relevancy of our advertising.
● Measure or understand the effectiveness of our marketing emails. That derives from out contact list held on our websites, Jupix software, CRM database and paper files. Our legal basis for this use is consent.
We may analyse the personal information we collect directly from you and obtain using automated technical means to create a profile of your interests and preferences so that we can contact you with information relevant to you (if you have chosen to receive marketing communications from us). We may make use of additional information about you when it is available from external sources to help us do this effectively. These sources include AMC( Part of Lloyds Bank) and social media such as Facebook and Instagram.
We may also use any of your personal information that we collect from you directly and additional information about you from external sources where necessary to detect and reduce fraud and credit risk. This use of your personal information is in our legitimate interests in preventing our business being subject to fraud or credit risk.
Who has access to information?
We will not sell or rent your information to third parties.
We may pass your information to third party service providers, including but not limited to business partners, suppliers and sub-contractors working on our behalf for the purposes of completing tasks and providing services to you. These are suppliers and contractors that provide services for our clients such as maintenance contractors, EPC surveyors, subcontractors providing professional services to our clients by this firm. Should you require further details please contact us.
When we use third party service providers, we disclose only the personal information that is necessary to deliver the service and we have a contract in place that requires them to keep your information secure and otherwise use your information in accordance with applicable data protection law.
We may disclose your personal information to our insurers and /or professional advisers insofar as reasonably necessary for the purposes of obtaining and maintaining insurance coverage, managing risks, obtaining professional advice and managing legal disputes.
In addition to the specific disclosures set out in this section, we may disclose your personal information where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person, or for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative out-of-court procedure.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
We do not transfer your personal data outside the European Economic Area (EEA).
In this section we have summarised the rights that you have under data protection law. Some of the rights are complex, applying only in certain circumstances and subject to certain exceptions, and in the interests of keeping this policy concise, not all of the details have been included in our summaries. Accordingly, you should read the relevant laws and guidance from the regulatory authorities for a full explanation of these rights.
You have the right:
● To object to us processing your personal information for marketing purposes. If you object, we will stop processing your personal information for this purpose. When we collect your data, you can choose whether or not you wish to receive marketing communications from us. If you wish to stop receiving marketing communications, you can opt out at any time by clicking an ‘unsubscribe’ link at the bottom of one of our emails.
● To request access the information we hold about you and certain information about our processing of it and your rights in relation to it.
● In certain circumstances, to obtain erasure (deletion or removal) of the personal information we hold about you, subject to certain exceptions.
● To request rectification of the information we hold about you where it is inaccurate or incomplete.
● In certain circumstances, to restrict our processing of your personal information or object to us processing it If you object, we will stop processing your personal information unless certain exceptions apply.
● Where our legal basis for processing your personal information is your consent or the performance of a contract and we process it by automated means, to be provided with the personal information we hold about you in structured, commonly used and machine readable format and to transmit the information to another controller.
● To not be subject to a decision based solely on automated processing, including profiling, that produces legal effects concerning you or similarly affecting you, subject to certain exceptions.
● Where our processing of your personal information is based on your consent, to withdraw that consent at any time. If you withdraw your consent, we will stop the relevant processing, but it will not affect the lawfulness of our processing before the withdrawal.
● To request the transfer of your personal data to you or a third party.
To exercise any of these rights, email us at email@example.com or 13 Market Place, Caistor, Market Rasen LN7 6TW. In addition, you can exercise your right to object to direct marketing at any time by clicking an ‘unsubscribe’ link at the bottom of one of our emails.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Security precautions in place to protect your information
We take appropriate technical and organisational precautions to secure your personal information and prevent its loss, misuse or alteration. All information you provide to us is stored on our secure servers. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. Where we have given (or where you have chosen) a password which enables you to access certain parts of our websites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
The transmission of unencrypted (or inadequately encrypted) data over the internet is inherently insecure, and for this reason we cannot guarantee the security of data sent between us over the internet.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
We keep this Policy under regular review. This Policy was last updated on 24th Sep 2019
We may change this privacy notice from time to time. If so, we will notify you by email or website update or otherwise of material changes.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes.
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
You can obtain further information about data protection laws by visiting the Information Commissioner's Office website at www.ico.org.uk.