Privacy notice for clients and other recipients of our services
We are committed to protecting and respecting your privacy. This privacy notice (Notice) explains how Daniel Watney LLP (DW, we, our, us) collects, uses and shares your personal data, and your rights in relation to the personal data we hold.
Updating the Notice
We may modify this Notice at any time. We will endeavour to update you to any significant changes to this Notice. This Notice was last updated in April 2021.
Data controller and contact details
DW is the data controller of your personal data.
If you have any questions about this Notice, or if you would like to exercise any of your legal rights in respect of your personal data, please contact us using the following details:
How we collect your information
- From the information you provide to us when you meet with one of our employees or representatives;
- When you communicate with us by post, telephone, fax, email or other forms of electronic communication (for example when you make enquiries or appoint us to provide our services);
- When you enter into a tenancy agreement in respect to one of the residential or commercial properties that we manage;
- If a third party provides information to about your activities in connection to one of our properties (for example, if we conduct background checks on you as part of your application to be a tenant or a client);
- When you book or make arrangements to attend one of our events (for example, a seminar or presentation on our premises);
- When you or your employer enters into a business contract with us and your personal data is exchanged as part of entering the contract or in the performance of that contract;
- when you register to use our Wi-Fi at our premises and on our CCTV systems when you visit our premises; and
- through cookies and online identifiers when you browse our website.
The types of information we collect
We may collect and process the following personal information about you:
- Information concerning your engagement with us, including records of communications between you and us and your attendance at our events;
- Information about you gained from tenant background checks including your previous property history, financial checks, your right to rent (including passport and visa details), and other Doc Ref: Client Privacy Notice - May 2021 references. This data will include your name, title, gender, age, date of birth, contact details, previous addresses, financial details and occupation;
- Information on the condition of one of our properties that may be related to how you have treated the property;
- Your opinion and feedback in relation to any surveys or questionnaires that you complete, such as feedback on our events.
- your name, business role, contact details and payment details where you are a client;
- your interests, opinions and marketing preferences (where you have provided this information);
- technical information gained from your use of our website, including your internet protocol (IP) address, cookie identifier, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
- information about your website visit (such as which pages you visited, how you navigated to our website, and how long you spent browsing our website) and engagement with our direct marketing emails (such as whether the email was opened and if you opened hyperlinks within the email); and
- personal information provided by you in other correspondence with us.
Special category data (e.g. data concerning health and disability). When you provide us with sensitive details, for example in relation to dietary or specific access requirements, we will only process this information with your explicit consent.
Covid-19. If you, or someone on your behalf, informs us that you have had Covid-19 symptoms and that you have recently visited our premises or had contact with our staff, we will use this information in accordance with government guidelines. In addition, we will keep lists of visitors to our premises to assist the NHS Track and Trace system in accordance with government advice. We will process this information in accordance with our legal obligation to provide a safe environment for staff and visitors and for public health reasons where we are required to report information to government authorities.
How we use your information, our legal basis for using your information and who we share your information with
Where we have a contractual relationship with you
We will process your personal data because it is necessary for the performance of a contract with you or to take steps at your request prior to entering into a contract. In this respect, we use your personal data for the following:
- to carry out our obligations arising from any contracts entered into between you and us (or you and our clients) and to provide you with the services that you request from us; and
- to interact with you before you enter into a contract with us or our clients, such as when you express your interest in our services or a property which we manage on behalf of a client.
In this respect we will provide your data to our subcontractors as necessary whom we engage to assist us in conducting our operations, such as our IT providers, suppliers and contractors, event organisers, payment providers and any third-party booking agents. This includes agencies we use to conduct our background checks on potential clients and tenants.
We also process your personal data because it is necessary for our or a third party's legitimate interests. Our legitimate interests include the commercial operation of DW. In this respect, we may use your personal data for the following:
- to enable you to attend our events (for example, for administering access);
- to advertise and market our services and events (unless it is required or appropriate to gain your consent);
- capturing images on our CCTV system at our premises for security purposes; and
- to analyse and improve the services we provide, including improving our website, processing feedback and conducting market research.
In this respect, we will provide your data to third parties who assist us in conducting our operations such as our IT providers, event organisers, security providers, payment providers and any third-party booking agents. In addition, for the purposes outlined above, we will also share your data with organisations we use for our marketing operations and visitor surveys and analysis.
We process your personal data for our compliance with our legal obligations including for tax and reporting requirements, to comply with our anti-money laundering requirements, and to report crimes and serious incidents. In this respect and if required, we will share your data with HMRC, the police and other competent authorities.
We also process your personal data where we have your specific consent to do so (for example, where we have sought and obtained your consent to send you direct marketing by email or to set cookies via our website for advertising purposes). If you have given your consent and you wish to withdraw it, please contact us using the contact details set out above or click the “unsubscribe” link in the emails we send. Please also see the section above on special category data in respect of our use of consent to process health and disability data.
Please note that where our processing of your personal data relies on your consent and where you then withdraw that consent, we may not be able to provide all or some aspects of our services to you and/or it may affect the provision of our services.
International transfers of data outside of the United Kingdom
We may be required to transfer personal data to Europe, for example, if a provider of our IT services hosts data on a server in Europe. Such transfers of personal data are based on the adequacy decision made by the United Kingdom in respect of EEA countries’ data protection safeguards.
If we need to transfer data outside of the EEA; for example it is required for work purposes then we may rely on the derogations available under GDPR such as the transfer is occasional and necessary for the performance of a contract with you, or for the performance of a contract that is in your interests.
How long your information is kept
We will retain your personal data for as long as is required for legal purposes and our legitimate business purposes after the termination of our relationship with you. In particular:
- in relation to personal data relating to any services we have provided, we will retain that data indefinitely after that transaction has concluded in case:
- any legal claims arise out of the provision of those services; or
- where a record of this information is likely to be helpful in assisting us in providing services to your business in the future.
- we will retain your details on our marketing database until you inform us that you no longer wish to receive our marketing communications. However, where you do unsubscribe from our marketing communications, we will keep your details on a suppression list to ensure that we do not send you information you have asked not to receive.
Under the UK GDPR you have the following rights in relation to our processing of your personal data:
- to obtain access to, and copies of, the personal data that we hold about you;
- to require us to correct the personal data we hold about you if it is incorrect;
- to require us to erase your personal data in certain circumstances;
- to require us to restrict our data processing activities in certain circumstances (and, where our processing is based on your consent, you may withdraw that consent, without affecting the lawfulness of our processing based on consent before its withdrawal);
- to receive from us the personal data we hold about you which you have provided to us, in a reasonable format specified by you, including for transmitting that personal data to another data controller;
- to object, on grounds relating to your situation, to any of our processing activities where you feel this has a disproportionate impact on your rights; and
- to complain about the processing of your data to the relevant supervisory authority (for example, in the UK this is the Information Commissioner’s Office (ICO). The ICO does request that you first try and resolve the issue with us.
Please note that not all of the above rights are absolute, and we may be entitled to refuse your requests where exceptions apply.