
This Policy has been approved and authorised by:
NAME: Daniel Reese
POSITION: Company Secretary
REVIEW DATE: April 2019
SIGNATURE: Daniel Reese
Date of Implementation: 31st Match 2018
ICO Registration No: Z2056063
CONTENTS
1. Introduction
2. Definitions
3. Data Protection Principles
4. Lawful, Fair, and Transparent Data Processing
5. Processing for Specified, Explicit and Legitimate Purposes
6. Adequate, Relevant and Limited Data Processing
7. Accuracy of Data and Keeping Data UpToDate
8. Timely Processing
9. Secure Processing
10. Accountability
11. Privacy Impact Assessments
12. The Rights of Data Subjects
13. Keeping Data Subjects Informed
14. Data Subject Access
15. Rectification of Personal Data
16. Erasure of Personal Data
17. Restriction of Personal Data Processing
18. Data Portability
19. Objections to Personal Data Processing
20. Automated Decision-Making
21. Profiling
22. Personal Data
23. Data Protection Measures
24. Organisational Measures
25. Data Breach Notification
Customers | Any information that a user of the website provides to us, through our “Contact” page, or through emailing us relating to any person who can be directly or indirectly identified from that information. |
Data Subjects | Any person we obtain personal information from, including property sellers, buyers, landlords, applicants and tenants. |
Data Controller | a person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed. |
GDPR | The General Data Protection Regulations |
ICO | Information Commissioners Office |
Personal Data | Any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person. |
The Company/We/Us/Our | Abbeymove Limited of 252 Hoe Street, Walthamstow, London E17 3AX |
4. Lawful, Fair, and Transparent Data Processing
4.1 GDPR requires that personal data is processed lawfully, fairly, and transparently, without adversely affecting the rights of the data subject. To ensure we are compliant we will only process data where:
a) The data subject has given consent to the processing of his or her personal data for one or more specific purposes;
b) It is necessary for the performance of a contract to which the data subject is a party or in order to take steps at the request of the data subject prior to entering into a contract;
c) It is necessary for compliance with a legal obligation to which the controller is subject;
d) It is necessary to protect the vital interests of the data subject or of another natural person;
e) It is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
f) It is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the fundamental rights and freedoms of the data subject which require protection of personal data.