General Data and Privacy Policy

Who we are

In this Privacy Policy, “We”, “Us” and “Our” means Mizen Properties Limited (registered in England & Wales under number 02244745) and its subsidiaries and affiliates. The registered offices for Mizen Properties Limited and associated companies is at No 1 Railshead Road, St Margarets, Isleworth, England, TW7 7EP. Mizen Properties Limited is acting as the data controller for the group and its affiliates.

In this Privacy Policy, “our website” means ‘http://mizen.co.uk’

We are committed to protecting your privacy and aim to be clear when we collect your information and use it only as you would reasonably expect.

How we collect personal information

We collect personal information from you directly through our website, over the phone, through surveys, and sometimes on paper forms.

Indirectly, Local Authorities, third-party intermediaries, and our representatives may provide us with your personal information so long as they are GDPR compliant.

We may collect information about the software on your computer or device (your browser version etc.) and your IP address (your connection with the internet) to improve your interaction with our website and for our records. This may happen automatically without you being aware of it.

We may use cookies (small text files which we and other website operators store on your computer or device when you visit our website) to deliver a better and more personalised interaction. They enable us to recognise you when you return to our website, store information about your preferences, and improve the way your searches are processed. They also enable us to generate statistics about the number of visitors we have and how they use our website and the internet at large. You can set your browser to reject our cookies if you wish (you should consult your browser help section for details), but this might restrict your use of our website and other websites.

What personal data we collect and why we collect it

We process personal information to enable us to provide property and land services to our clients either directly or through one of our partners and affiliates; promote the services we offer; maintain our own accounts and records; support and manage our employees.

We process information relevant to the above reasons/purposes. This may include:

  • personal details
  • family details
  • lifestyle and social circumstances
  • employment and education details
  • financial details
  • goods and services provided

We process personal information about:

  • clients
  • suppliers
  • advisers and professional consultants
  • enquirers
  • employees

Our legal basis for processing personal information

Our lawful basis for the purposes that we process personal information is for the performance of our contract with you regarding property letting, property management, property sales, and structural and defect warranty enforcement.

The law allows us to collect and use personal data if it is necessary to carry out our contractual duties so long as its use is fair, balanced and does not unduly impact your rights. In many situations, the best approach is to process personal data because of our contract with you and our legitimate interests as a land and property developer, rather than through explicit consent. However, we will ask for your consent to send you marketing emails and text messages. You can withdraw consent at any time.

We do not expect to receive or process sensitive personal data. In extreme situations, we may share your personal details with the emergency services if we believe it is in your ‘vital interests’ to do so. For example, if someone is taken ill during one of our events such as an open house or a scheduled viewing.

We may also share your personal information where we are compelled by law to do so.

We process employee personal information to meet our legal obligations as an employer.

Who we share your data with

We may share your personal data with the other companies in our group or with agents working in our behalf, which includes Mizen Design/Build, Ardrea Estates, Drylining UK, Blueprint Properties, and St Mark Homes. For more information about our group, agents, and affiliated companies, please visit our main website at ‘mizen.co.uk’ or email us directly at the contact in the bottom of this document. We share information with these companies so that they can help us to provide services, comply with our contract with you, and get to know you better. For instance, if you have an issue with your home we may share your info with our group contractors to schedule repairs.

If we run an event in partnership with another named organisation your details may need to be shared with them. We will be very clear what will happen to your personal information before you register for such an event.

You will only receive marketing emails from other companies in our group when you have given your consent to each individual company.

We do not sell your personal data to third parties and we only allow third parties to send you marketing communications if you have given your consent.

We may also give your personal data to the following third parties, for the purposes described below:

  • Our partner contractors and construction traders, for instance, to schedule repairs covered under contract or warranty.
  • Credit and debit card companies, credit reporting agencies and fraud control service providers, to process payments and (when necessary) carry out fraud controls.
  • In response to legal requirements by the government and police, such as customs and immigration authorities.
  • External service suppliers that we hire to provide services, like carrying out marketing initiatives or conducting surveys with customers on our behalf so long as they are GDPR compliant and have a legal basis for handling the data.
  • Third parties like law firms and courts, to demand compliance or the application of a contract with you.
  • Third parties, like the police and regulatory authorities, to protect our rights, property, or the safety of our customers, employees and assets.
  • Third parties to which we give data on the use of the website (but not personal data) so they know you have visited our websites.
  • When necessary in order to fulfil a legal obligation in any jurisdiction, including when said obligation is caused by an action or omission by us.

How long we retain your data

We will only keep personal information for as long as we have a valid reason for keeping it. After that, we delete or dispose of the information securely.

We keep personal information about:

  • Advice we have provided for two years irrespective of whether the contractual relationship has lapsed.
  • Complaints and feedback for two years.
  • Tenant and private buyer details for seven years after offer has been accepted and contract signed.
  • Tenant and private buyer details for two years after offer has been rejected.
  • Event applications, registrations and administration for two years after the event has taken place.
  • Surveys for three years after the survey so that data can be referenced for statistical analysis.
  • Analytics information from Google for three years and two months.
  • Employees for the duration of their employment and six years after employment ceases in accordance with the law.

What rights you have over your data

If you believe we hold your personal data, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any and all data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we store your personal information

The data that you provide us with will typically be stored and processed within the European Economic Area (“EEA”). However, some of the services we use will mean that your data may be transferred to and stored at, a destination outside the EEA. In these cases we ensure that the provider is able to operate under the EU Binding Corporate Rules arrangement. Binding Corporate Rules (“BCRs”) are company-wide data protection policies approved by European data protection authorities to facilitate intra-group transfers of personal data from the European Economic Area (“EEA”) to countries outside the EEA. BCRs are based on strict privacy principles established by European Union data protection authorities and require intensive consultation with those authorities.

By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.

What data breach procedures we have in place

We undertake regular reviews of who has access to information that we hold to ensure that your information is only accessible by appropriately trained staff and contractors.

We provide guidance and regular data protection training to our staff.

We ensure that there are appropriate technical controls in place to protect your personal details. For example, our computer network and servers are protected and routinely monitored.

We store all personal information that you supply us with on secured servers or in secured paper files. For your protection, any payment details that you provide us with will be encrypted using SSL (Secure Sockets Layers) technology.

Unfortunately, the transmission of information via the internet is never completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

Your rights

You have a right to know what personal data we hold, who we acquired it from, how we process it, the logic involved in any automatic processing, and who we disclose it to.

You have a right to ask us not to make decisions based solely on the automatic processing of your personal information.

You have a right to ask us not to process your personal information in a way that is likely to cause unwarranted and substantial damage or distress.

You have the right to request access to any of your personal data we hold, information about how and why it is processed, and to whom it may be disclosed.

You have a right to ask us to erase your personal information.

These statutory rights are qualified by exceptions and exemptions.

To exercise any of these rights, please contact us using the address below.

You can find out more about your rights from the Information Commissioner, who regulates data protection and privacy.

Changes to this policy

We may change this Privacy Policy from time to time. If we make any significant changes in the way we treat your personal information we will make this clear on our website or by contacting you directly.

Contact

Please feel free to contact us with any questions, comments or queries regarding this Privacy Policy. All questions should be directed to the Data Protection Officer at the Mizen Properties Limited headquarters through mail or at akiro@mizengroup.co.uk

©2018 Mizen
1 Railshead Road, St Margarets, Old Isleworth, Middlesex TW7 7EP
Registered in England & Wales No. 02032811