Privacy Policy

Estates 17 Limited (trading as Estates 7, Estates 10 and Estates 17) is committed to safeguarding the privacy of personal data and complying with the European General Data Protection Regulation (GDPR) and any future changes in data protection legislation with which Estates 17 will be required to comply.

Estates 17 Limited is a data controller of your personal data.

Reference in this document to “we”, “us” and “our” means Estates 17 Limited and its various trading styles.

This privacy policy explains how we will collect your personal data and how we use your personal data. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

This privacy notice was last amended in May 2018.  It supersedes any earlier version.

Information we collect and hold about you

 

We will collect and process the following data about you. Most of this will be provided by you when you contact us:

 

  • Your title, full name, contact details (including, for instance, your email address, home and mobile telephone numbers);
  • Your home address and correspondence address (where this is different from your home address), and the address of the property you are considering selling/letting (if a potential vendor or landlord and if that address is different to your home address);
  • Records of how you contacted us and, if you get in touch with us online, details such as your mobile phone location data and IP address

 

For buyers, we will also collect:

 

  • Your search requirements, such as price, property type, area etc;
  • Amount of your deposit and/or proof of deposit or cash;
  • Your mortgage broker or lender’s contact details;
  • Your solicitor or conveyancer’s contact details;
  • Date of birth and length of time at current address, in order to carry out money laundering checks, or proof of ID and address in the alternative.

 

For sellers, we will also collect:

 

  • Address of the property to be sold, if that is different to your home or correspondence address;
  • Your mortgage broker or lender’s contact details (if buying onward);
  • Your solicitor or conveyancer’s contact details;
  • Date of birth and length of time at current address, in order to carry out money laundering checks, or proof of ID and address in the alternative.

 

For landlords, we will also check:

 

  • Address of the property to be let, if that is different to your home or correspondence address;
  • Property and/or HMO Licence (where applicable);
  • Gas safety certification;
  • Electrical safety certification;
  • Fire safety certification;
  • Bank account, card or payment details.

 

For tenants, we will also collect:

 

  • Your search requirements, such as price, property type, area etc;
  • Right to Rent documentation, as required by law and as set out at gov.uk/check-tenant-right-to-rent-documents
  • Bank account, card or payment details;
  • Employment details for the purposes of referencing;
  • Current and/or former landlord’s details, for the purposes of referencing.

 

As part of our referencing procedure for prospective tenants, we may also obtain information from third party sources (as applicable) such as:

 

  • Personal information about your credit history, which we obtain from Lettings Reference Agencies;
  • Your employer;
  • Your landlord;
  • Any intermediaries that you appoint to act on your behalf, for example and solicitor or accountant.

 

Lettings Reference Agencies

 

If you are a prospective tenant and have agreed to rent a property from one of our clients, as part of the application process we will perform credit, identity and referencing checks on you with one or more Lettings Reference Agencies (“LRAs”). To do this, we will supply your personal information to LRAs and they will give us information about you. This will include information from your application and about your financial situation, financial history, employment status and employers contact details, lettings history and current landlord’s contact details (if applicable), and the address and rental value of the property you are seeking to rent. LRAs will supply to us both public and shared credit, financial situation and financial history information and fraud prevention information.

We will us this information to:

  • Verify our identity and your address;
  • Assess whether you can afford to take the property;
  • Verify the accuracy of the data you have provided to us;
  • Prevent criminal activity.

 

Fraud Prevention Agencies

 

The personal information we collect from you will be shared with fraud prevention agencies, who will use it to prevent fraud and money laundering, and to verify your identity. If fraud is suspected or detected, we are obliged under UK law to report the same to the appropriate statutory and regulatory bodies.

 

The legal grounds for processing your personal data

 

We can only process your data for certain reasons (including when we share it with other organisations). We have set out these reasons below.

 

  1. Processing is necessary to perform our contract with you or for us to comply with our legal obligations:

 

  • In order to enter into a contract with you and to comply with our legal obligations, we will process your personal data, as set out below during the period of our professional relationship, including:
    • updating our records;
    • to carry out monitoring and to keep records.
  • For compliance with laws that apply to us;
  • For establishment, defence and enforcement of our legal rights;
  • For activities relating to the prevention, detection and investigation of crime;
  • To carry out identity checks, anti-money laundering checks, and checks with Fraud Prevention Agencies at various points;
  • To process information about a crime or offence and proceedings related thereto (in other words, when we know or suspect fraud);
  • To deal with requests from you to exercise your rights under data protection laws;
  • Where we share your personal information with:
    • Any party to the transaction, such as landlord, tenant, vendor, buyer, guarantor, their respective legal or financial advisers;
    • Our legal and other professional advisers;
    • Courts and to other organisations where it is necessary for the administration of justice, to protect vital interests and to protect the integrity and security of our business; and
  • Law enforcement agencies and governmental and regulatory bodies, such as:
    • HMRC;
    • The National Crime Agency
    • The Property Ombudsman;
    • The Information Commissioner’s Office

 

  1. Legitimate Interests:

 

The UK’s data protection laws allow the use of personal data where its processing is legitimate and isn’t outweighed by the interests, rights and freedoms of data subjects. We will use your data for the following legitimate interests:

 

  • To adhere to guidance and best practice under the regimes of governmental and regulatory bodies, such as:
    • HMRC;
    • The Property Ombudsman
    • The Information Commissioner’s Office
  • For management and audit of our business operations, including accounting;
  • To carry out searches at CRAs and FPAs as required;
  • To carry out monitoring and to keep records;
  • For market research and analysis and developing statistics; and
  • Where we share your personal data with
    • Other organisations and businesses who provide services to us, such as IT software and maintenance providers, document storage providers, maintenance contractors, and suppliers of other back office functions;
    • Buyers and their professional representatives as part of any restructuring or sale of the business or assets; and
    • Market research organisations who help us develop and improve our services.

 

  1. Processing with your consent:

 

There may be circumstances where we need to obtain your consent, such as:

 

  • When you request that we share your personal information with someone else and consent to that; and
  • To keep you informed about our services.

 

  1. Processing for a substantial public interest such as:

 

  • Processing that we need to do to fulfil our legal obligations and regulatory requirements.

 

How and when can you withdraw your consent?

 

For processing that is based upon your consent, you have the right to withdraw your consent. You can do this by contacting us using the details on our website, by calling us on 020 8520 9300, or by emailing us at info@estates17.co.uk.

Is your personal data transferred outside the UK or EEA?

The data that we collect from you may be transferred to, and stored at, a destination outside the UK or European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. This includes staff engaged in, among other things the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.

What should you do if your personal information changes?

 

You should tell us without delay so that we can update our records. You can do this by:

 

  • writing to us at 40 Orford Road, Walthamstow, London E17 9NJ;
  • visiting one of our offices;
  • calling us on 020 8520 9300;
  • emailing us at info@estates17.co.uk.

 

Do you have to supply your personal data to us?

 

We are unable to enter into a business relationship with you without having personal information about you. Your personal information is required:

  • before you can enter into the relevant contract with ourselves or one of our clients;
  • during the life of that contract; and
  • it is required by laws that apply to us.

Do we do any monitoring involving processing of your personal information?

Monitoring means any listening to, recording of, or taking and keeping any records (as the case may be) of calls, emails, text messages, social media messages and other communications.

Some of our monitoring may be to comply with regulatory rules, procedures relevant to the business, to prevent or detect crime, to have a record of what we have discussed with you and actions agreed with you, to protect you and provide security for you (such as in relation to fraud risks), and for quality and staff training purposes.

For how long is your personal information retained by us?

We will keep information for a reasonable amount of time in order to perform our business and professional roles, and/or to comply with any legal and/or statutory duty imposed upon us.

We only keep your information for as long as necessary. We generally keep personal information for 7 years after last contact with you. However, we reserve the right to keep information for longer if we feel that this is in our legitimate interests.

What are your rights under data protection laws?

Here is a list of the rights that all individuals have under data protection laws. These include:

  • The right to be informed about the processing of your personal information;
  • The right to have your personal information corrected if it is inaccurate and to have incomplete personal information completed;
  • The right to object to processing of your personal information;
  • The right to restrict processing of your personal information;
  • The right to have your personal information erased (“the right to be forgotten”);
  • The right to request access to your personal information and to obtain information about how we process it;
  • The right to move, copy or transfer your personal information (“data portability”);

If you wish to exercise any of these rights against the CRAs or FPAs, you should contact them separately.

How to get a copy of your personal information (Data Subject Access Request)

You can obtain a copy of your personal information held by contacting us. You can do this by:

  • writing to us at 40 Orford Road, Walthamstow, London E17 9NJ;
  • visiting one of our offices;
  • calling us on 020 8520 9300;
  • emailing us at info@estates17.co.uk.

We’ll need address verification and identification documents for each individual making a Data Subject Access Request.

Original or certified documents which are acceptable include:

  • Utility bill (dated within the last three months) (mobile phone bills are not accepted)
  • Council Tax bill (for the current financial year)
  • Bank statement (dated within the last three months)
  • Mortgage statement from a recognized lender for the current year
  • Driving licence, which shows your current address
  • Passport

We can accept photocopies of ID, but these must be certified and stamped either by a solicitor, licensed conveyancer or independent financial adviser. It has to be clear that the ID has been certified by one of these people, providing their name and business address.

We’ll deal with your request as quickly as possible, but in no more than 30 calendar days from receipt of all required identification.

We hope that we will be able to answer any questions or concerns that you have. You have the right at any time to raise your concern with the Information Commissioner’s Office at: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF (www.ico.org.uk).