Our commitment to you
Elite Property Solutions (Scotland) Limited are committed to protecting and respecting your privacy. Below are the guidelines we adhere to for protecting your personal data.
This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us.
For the purpose of General Data Protection Regulation (GDPR), the data controller is Elite Property Solutions (Scotland) Limited, located at 115 Lauriston Place, Edinburgh EH3 9JG.
Information we may collect from you
We may ask you to provide information that will enable us to provide a service to you, respond to requests for information, support our customer relationship, or follow up with you after your enquiry.
We will ask for your name, email address and telephone number to enable us to reply to your enquiry.
In particular, we may collect and process the following data about you:
- If you contact us or make enquiries, we may keep a record of that correspondence
- Details of your project (for a limited period)
Who has access to your information?
We will not sell your information to third parties or share your personal data for marketing purposes.
How you can access and update your information?
The accuracy of your information is important to us. We are working on ways to make it easier for you to review and correct information that we hold about you. In the meantime, if you change email address or any of the other information we hold is inaccurate or out of date, please email us at email@example.com or write to Elite Property Solutions (Scotland) Limited, 115 Lauriston Place, Edinburgh, EH3 9JG. Alternatively, you can telephone 0131 272 2789.
You have the right to ask for a copy of the information we hold about you. We will provide this information to you within a 30-day period.
You can find out more about you rights as a data subject at the Information Commissioner’s Office (https://ico.org.uk/) (ICO) website.
Where we store your personal data?
Where personal data is stored on paper it will be kept in a secure place where unauthorised personnel cannot access it. Employees will ensure that no personal data is left where unauthorised personnel can access it. When the personal data is no longer required it will be disposed of by the employee so as to ensure its destruction. If the personal data requires to be retained on a physical file then the employee should ensure it is properly secured within the file, (e.g. stapled, or bound in any other secure manner within the file) which is then stored in accordance with our storage provisions.
Under the GDPR (2018) you have the right to complain about the way we process your data. You can complain to us directly by email firstname.lastname@example.org and mark your email for the attention of the Data Protection Officer. If you would like to take your complaint further, you are also able to complain directly to the ICO who will contact us on your behalf.
A data breach can occur at any point when handling personal data and we have reporting duties in the event of a data breach or potential breach occurring. Breaches which pose a risk to the rights and freedoms of the data subjects who are the subject of the breach require to be reported externally to the ICO.
We take the security of data very seriously and in the unlikely event of a breach will take the following steps:
1: As soon as the breach or potential breach has occurred, and in any event no later than six (6) hours after it has occurred, the data breach must be recorded in writing of (i) what is the breach, (ii) how it occurred and (iii) what the likely impact of that breach is on any data subject(s).
2: We must seek to contain the breach by whatever means available.
3: We must consider whether the breach is one which requires to be reported to the ICO.
4: Notify third parties in accordance with the terms of any applicable data sharing agreements.
Reporting to the ICO
We are required to report any breaches which pose a risk to the rights and freedoms of the data subjects who are the subject of the breach, to the ICO within 72 hours of the breach occurring. The DPO must also consider whether it is appropriate to notify those data subjects affected by the breach.
Data Protection Officer
The Data Protection Officer is Elite Property Solutions (Scotland) limited.
Archiving, retention and destruction of data
We must ensure that personal data is only retained for the period necessary. We shall ensure that all personal data is archived and destroyed timeously and at the point that we no longer need to retain that personal data in accordance with the periods specified.
Review of this Privacy Notice
We keep this Privacy Notice under regular review, This Privacy Notice was last updated on 24th May 2018.