PRIVACY POLICY

GENERAL

City Walk Properties is committed to protecting and respecting your privacy. We are the data controller and will process your personal data in accordance with the Data Protection Act 2018, Regulation (EU) 2016/679 (the "GDPR") and the Privacy and Electronic Communications (EC Directive) Regulations 2003 as amended from time to time as well as any national laws which relate to the processing of personal data (“data protection legislation”).

​

1.2 Please read the following carefully to understand our views and practices regarding Your Data and how we will treat it.

​

This policy applies to information we collect about:

· Visitors to our website

· Customers

· Introducers

· Suppliers

1.1         We may collect and process personal data about you in the following circumstances:

1.1.1 when you complete the online contact forms on our website (https://www.citywalkproperties.co.uk/) providing us with your name, address, email address and contact number.

1.1.2 whenever you provide information to us when reporting a problem with our Site, making a complaint, making an enquiry, or contacting us for any other reason. If you contact us, we may keep a record of that correspondence.

1.1.3 when you visit our website, we will retain details such as traffic data, location data, weblogs and other communication data, and the resources that you access (see section 2.2.2 on Cookies below); and

1.1.4 whenever you disclose your information to us, or we collect information from you in any other way, through our Sites.

​

​

1. Use of Cookies

A cookie is a small text file which is placed onto your computer (or other electronic device) when you access our website. We use cookies on this website to:

1. recognise you whenever you visit this website (this speeds up your access to the website as you do not have to log in each time);

2. obtain information about your preferences, online movements and use of the internet;

3. carry out research and statistical analysis to help improve our content, products and services and to help us better understand our customer requirements and interests;

4. target our marketing and advertising campaigns more effectively by providing interest-based advertisements that are personalised to your interests; and

5. make your online experience more efficient and enjoyable.  

2.2.3 Description of cookies

We may use the following categories of cookies on our website:

• Strictly necessary: These are cookies which are essential for certain features of our website to work. These cookies do not record identifiable personal information and we do not need your consent to place these cookies on your device. Without these cookies we will be unable to provide all or part of our services to you.

• Performance monitoring: We use these cookies to collect details on an anonymous basis about how you use our websites. This information may be used to help us improve our websites and understand how effective our adverts are. In some cases we use trusted third parties to collect this information for us but they only use the information for the purposes explained.

• Functionality: These cookies are used to provide services or remember your settings.  These cookies are aimed at enhancing your user experience by remembering your preferences. The information these cookies collect is anonymous and does not enable us to track your browsing activity on other websites.

1. We will collect details such as name, address, email address, contact number, date of birth, national insurance number and financial information in order to provide services to customers. We may also receive details of credit checks undertaken where you have supplied these to us.

1. We will share customer personal information with our employees to manage our relationship with you and we will retain customer personal data for 80 years.

1. We will use your personal data provided to comply with our contractual obligations arising from the agreements we enter into with our Customers and share the data with financial institutions who can assist in the provision of financial services to customers including product providers, lenders, banks, insurers, fund managers, platform providers and third party para-planners (including Tenet* paraplanners). 

1. We will use customer personal data for our legitimate interests including:

1. sharing personal data with Tenet* as they are responsible for the services we provide to our clients and have a legal obligation to monitor our compliance with the FSMA and Financial Conduct Authority rules. Further details regarding how Tenet will use customer personal data can be found on it’s website at https://www.tenet.co.uk/ or by contacting Tenet on 01132390011;

2. with your consent, marketing our other products and services by mail and email; and

3. with your consent, obtaining your sensitive personal data from third parties including your health, ethnic origin, or criminal prosecutions from third parties such as employers and credit reference agencies, fraud prevention agencies and other similar organisations.

4. We will not transfer any customer personal data outside the United Kingdom unless permitted to do so by data protection legislation (see section 8 of this Privacy Policy) .

*Tenet  means Tenet Group Limited, Tenet Limited, TenetConnect Limited, TenetConnect Services Limited, TenetLime Limited, its associated companies.

We will collect details such as contact names, address, email address and telephone number in order to contact you about goods and/or services we have ordered from you, to comply with our contractual obligations and to place further orders. We may share your personal data with our employees to manage our relationship with you and we will keep your personal data for as long as we require your goods and/or services subject to a maximum of [suggested retention period [six years] from the date of our last contact with you. We will not transfer your personal data outside the United Kingdom unless permitted to do so by data protection legislation (see section 8 of this Privacy Policy).

We will collect details such as contact names, address, email address and telephone number in order to contact you about goods and/or services we have ordered from you, to comply with our contractual obligations and to place further orders. We may share your personal data with our employees to manage our relationship with you and we will keep your personal data for as long as we require your goods and/or services subject to a maximum of [suggested retention period [six years] from the date of our last contact with you. We will not transfer your personal data outside the United Kingdom unless permitted to do so by data protection legislation (see section 8 of this Privacy Policy).

1.1 In accordance with data protection legislation we are required to notify you of the legal basis upon which we process your personal data. We process your personal data for the following reasons:
1.1.1 for performance of a contract we enter into with you;
1.1.2 where necessary for compliance with a legal obligation we are subject to; and
1.1.3 for our legitimate interests (as described within this policy).
1.2 We will also process your personal data including personal sensitive data  where we have obtained your explicit consent.

1.1 In addition to the third parties mentioned previously in this policy, we may disclose your personal data to third parties for the following legitimate business purposes:

1.1.1 staff members in order to facilitate the provision of services to you;

1.1.2 IT software providers that host our website and store data on our behalf;

1.1.3 Service providers who provide us with software solutions and platforms in order to carry out our business and provide services (including, without limitation, open banking services); and

1.1.4 to a prospective buyer of some or all of our business or assets, in which case personal data including Your Data will also be one of the transferred assets.The recipient of the information will be bound by confidentiality obligations. [Add any other circumstances you may need to share personal data with third parties for your own legitimate interests and where not already mentioned in sections 3, 4 and 5 above].

1.2 We only allow our service providers to handle your personal information if we are satisfied they take appropriate measures to protect your personal information. We also impose contractual obligations on service providers to ensure they can only use your personal information to provide services to us and to you. We may also share personal information with external auditors, eg in relation to ISO accreditation and the audit of our accounts.

1.3 We may disclose your personal data to the police, regulatory bodies, legal advisors or similar third parties where we are under a legal duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our agreements; or to protect our rights, property, or safety of our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

1.4 We will not sell or distribute your personal data to other organisations without your approval.

1. We share your personal data with external third parties in order to provide our services to you. Some of these third parties may transfer personal data outside the United Kingdom. We require such third parties to ensure that such transfers take place in accordance with data protection legislation.

2. Whenever we transfer your personal data out of the United Kingdom, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

• We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission;

• Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe; or

• Where we use providers based in the US, we may transfer data to them if they are registered as being part of the Privacy Shield which requires them to provide similar protection to personal data shared between Europe and the US.

8.3      Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the United Kingdom.

1.1  Information you provide to us is shared on our secure servers. We have implemented appropriate physical, technical and organisational measures designed to secure your information against accidental loss and unauthorised access, use, alteration or disclosure. In addition, we limit access to personal data to those employees, agents, contractors and other third parties that have a legitimate business need for such access. We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security where we are legally required to do so.
1.2 Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Sites, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
1.3 Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your information transmitted to our Site; any transmission is at your own risk. If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.

1.1 It is important that the personal data we hold about you is accurate and current.  Please keep us informed if the personal data we hold about you changes. 
1.2 Data protection legislation gives you certain rights in relation to your personal data.  You have the right to object to the processing of your personal data in certain circumstances and to withdraw your consent to the processing of your personal data where this has been provided.
1.3 You can also ask us to undertake the following:
1.3.1 update or amend your personal data if you feel this is inaccurate;
1.3.2 remove your personal data from our database entirely;
1.3.3 send you copies of your personal data in a commonly used format and transfer your information to another entity where you have supplied this to us, and we process this electronically with your consent or where necessary for the performance of a contract;
1.3.4 restrict the use of your personal data; and
1.3.5 provide you with access to information held about you and for this to be provided in an intelligible form.
1.4 We may request specific information from you to help us confirm your identity.  Data protection legislation may allow or require us to refuse to provide you with access to some or all the personal data that we hold about you or to comply with any requests made in accordance with your rights referred to above. If we cannot provide you with access to your personal data, or process any other request we receive, we will inform you of the reasons why, subject to any legal or regulatory restrictions.
1.5 Please send any requests relating to the above to our [Data Lead/Privacy Officer] at [To: Agent name: Ahmad Sabir,  Citywalk Properties Ltd
Address: The Atrium, 1 Harefield Road Uxbridge UB8 1EX,
Email address: info@citywalkproperties.co.uk
] specifying your name and the action you would like us to undertake. .