Preston Baker GDPR Policy
This document outlines our Company policy in regards to the GDPR Data Protection Legislation 2018.
How We Store Our Customers’ Data And Who We Share It With
We store all of our customers’ data on a software system called RPS or Reapit. The system is a software product which we have a license to use. The data that we collect is owned by Preston Baker. Preston Baker do not sell your data to any third parties. In order to make certain services available to you, we may need to share your personal data with some of our service partners. These include IT, tenant deposit schemes, contractors, inventory clerks, our tenancy set-up software Goodlord and marketing service providers.
We work with other companies that may assist you in your moving process – for example lawyers that we refer to. Before passing your data on to any of these companies we will ask your permission.
If required for legal reasons we may also share your data with law enforcement agencies, courts/tribunals and government bodies. We would need to do this to comply with our legal obligations, to exercise our legal rights for the protection of our employees and customers and for the prevention, detection, investigation of crime or prosecution of offenders.
How Do We Securely Store Your Data?
Whether it is personal data, or data which is deemed as a special category, all data is stored on encrypted computer servers. The RPS data storage system that we use abides by the GDPR Policy and is password protected by all of our users.
In line with GDPR, the RPS system allows us to maintain a record of processing activities.
Any paper copies of personal or special category data is shredded at our premises if no longer needed. Where it is necessary to store paper copies of data these records are kept secure and locked away out of sight.
Our Legitimate Reasons For Processing Customer Data.
The processing of any customers’ data is necessary for the legitimate interests of Preston Baker, including:
- Supplying and selling services to our customers.
- Sending promotional communications and contacting our customers about services which are relevant.
- Complying with our legal and regulatory obligations.
- Preventing, investigating and detecting crime, fraud or anti-social behaviour and prosecuting offenders, including working with law enforcement agencies.
- Handling customer contacts, queries, complaints or disputes.
How Long Do We Store Data And Why?
We do not store your data for any length of time further than the time which is necessary to service you as a customer. Where we must store customers’ data In line with other legal compliance obligations, we keep it encrypted and will only use it as needed to fulfil our legal obligations or to service your needs as a customer. For example, under Anti-Money Laundering obligations we must store identification documents for any person we do business with for five years. Equally, we must store data for seven years to comply with Consumer Protection Regulations.
What Do We Use It For?
We will use your data to contact you to service your needs as a customer. We will contact you by the methods that you have opted in for. We may contact you about relevant products and services based on our knowledge of our average customers’ needs.
We will obtain your consent to be contacted at our first point of contact with you.
Data Security Breaches.
We treat security of our clients’ data as a serious matter. All data will be stored as described above. If there is a data security high level breach which is likely to result in a risk to our customers, this breach will be notified to the ICO within 72 hours and all parties effected will be contacted.
How We Obtain Consent.