Data protection
privacy notice

Data protection privacy notice – Third Parties

This privacy notice is made on behalf of the companies set out below which form part of the Romulus Group. The group of companies act as ‘Controllers’ of your data.

This privacy notice explains what personal data (information) these companies (which we shall refer to as ‘we’) may hold about you, how we collect it, and how we use and may share that information. We are required to notify you of this information under data protection legislation. Please ensure that you read this notice and any other similar notice we may provide to you from time to time when we collect or process personal information about you.

1. Who we are and who collects the information

Romulus Fulham Ltd, trading as Huddle, is a company incorporated in England under company number 10056513 and is the controller and responsible for your personal data. Our registered office is at Sandford House, 10 Maynard Close, London, SW6 2DB.

Please contact us if you have any questions about this privacy notice or the information we hold about you.

Full Name: Romulus Fulham Limited
Privacy Manager: Alexander Woolf
Email Address: romulus@romulusconstruction.com
Postal Address: Sandford House, 10 Maynard Close, London, SW6 2DB
Telephone Number: 020 7736 1214

At any time, you have the right to make a complaint to the Information Commissioners office (ICO) whose email address is www.ico.org.uk although, we would of course always appreciate the chance to deal with your concern before an approach is made to the ICO in which case, please use the contact details above.

2. The data we collect about you

The table set out below in section 5 summarises the information we collect and hold, how and why we do so, how we use it and with whom it may be shared.

Personal data means any information from which a person can be identified but does not include data, where their identity has been removed (anonymised data). We may collect, use, share and store the following personal data:

• Identity Data this includes title, first and last name marital status, date of birth and gender.
• Contact Data this includes billing and delivery address, email address and telephone numbers.
• Financial Data this includes bank account and payment card details.
• Transaction Data this includes details about payment to and from you & other details of products and services that you have purchased from us.
• Technical Data this includes internet protocol (IP) address, login data, browser type and version, time zone setting and location, browser plugin types and versions, operating system and platform and other technology on the device if you use to access our website.
• Profile Data this includes purchase orders made by you, and your interest and preferences.
• Usage Data this includes information about how you use our website, products, properties and services.
• Marketing and Communications data which includes your preferences in receiving marketing from us and our third parties and your communication preferences.

We do not collect any sensitive data about you and this includes details of your race, ethnicity, religious or philosophical belief, sex life, sexual orientation, political opinions, trade union memberships, information about your health and genetic combine metric data. Neither do we collect any information about criminal convictions and offences.

We seek to ensure that our information collection and processing is always proportionate. We will notify you of any changes to information we collect or to the purposes for which we collect and process it.

3. If you fail to provide your personal data

If we need to collect personal data to be able to fulfil a contract that we have with you and you fail to provide that data when requested, we may not be able to perform that contract. In that case we may have to cancel the products or service that you have ordered but we will notify you of this at the time.

4. How we collect your personal data

We will collect your personal data in a course of entering into a contract with you (whether that is a tenancy agreement, or for the provision of goods or services). We collect the personal information that you provide to us which may include you given us your Identity, Contact and Financial Data by filling in forms, a contract or by corresponding with us by post, phone, email or otherwise. This includes personal data that you provide when you enquire about a tenancy or service or you supply us with information regarding products or request marketing material to be sent to you.

As you interact with our websites, we may automatically collect technical data about your equipment, browsing, actions and patterns. We collect this personal data by using cookies and other similar technologies of which please see our cookies policy. When you access our website you can set your website to disallow cookies.

We may also receive personal data about you from various third parties and public sources such as Companies House, HMRC, Credit Reference Agencies etc.

5. How we use your personal data

We will only use your personal data when the law allows us to do so which will commonly include:

• When we need to perform a contract between you and us (such as a tenancy agreement or ordering goods from you).
• Where we have a necessary legitimate interest (or those of a third party) and your interests and fundamental rights do not override those interests.
• Where we need to comply with legal or regulatory obligations.
• We do not generally rely on consent as a legal basis of processing your personal data except where you are an individual and, we wish to ask for your consent for us to send email marketing and communications to you of which you will have the right to opt out from receiving such communications at any time by contacting us on the details above.

 

Purpose/Activities	Type of Data	Lawful Basis for Processing
To register you as a new tenant or supplier.	Identity Contact	Performance of a contract with you.
To carry out credit reference checks against you, process and collect rental payments in respect of your tenancy to include managing payments, fees and charges and collecting and recovering monies owed to us.	Identity Contact Financial Transaction Marketing and Communications	Performance of a contract with you. Necessary for our legitimate interest (to recover debts due to us).
To manage our relationship with you which will include:

a)     Telling you about changes to
our terms or privacy policy.

b)     Asking you to leave a review

Identity

Contact

Profile

Marketing and Communications

 

Performance of a contract with you

Necessary to comply with legal obligations

Necessary for our legitimate interests (to keep our records updated and to study a pattern of our need for products/services).

Purpose to administer and protect
our business and our website
(including troubleshooting, data
analysis, testing, system maintenance,
support, reporting and hosting of data).

Identity

Contact

Technical

Necessary for our legitimate interest for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of business reorganisational group restructuring exercise.

Necessary to comply with legal obligations.

To deliver relevant website
content and advertisements and
measure or understand the effectiveness
of the advertising we serve to you.

Identity

Contact

Profile

Usage

Marketing and Communications

Technical

Necessary for our legitimate interest (to study how our client use our products and services, to develop them, to grow our business and to inform our marketing strategy).

 

To use data analytics to improve
our website, products/services,
marketing, customer relationships
and experiences.

Technical

Usage

 

Necessary for our legitimate interest (define types of tenants and customers for our products and services, to keep our website updated and relevant, to develop our business to inform our marketing strategy).To make suggestions and
recommendations to you about
good or services that may be
of interest to you.

Identity

Contact

Technical

Usage

Profile

Necessary for our legitimate interest (to develop our products/services and to grow our business).

 

Legitimate interest means that we may use your personal data in a way that we believe is necessary to give you the best service/product and secure experience. We will consider and balance any potential impact on you and your rights in relying on a legitimate interest. If your interests are overridden by the impact of us using your personal data then unless we have your consent or otherwise are permitted by law, we will not use your personal data for such activities.

Marketing

If we carry out marketing activities, we may use your Identity, Contact, Technical, Usage and Profile data to form a view on what products/services and offers may be of interest to you which will be part of our marketing strategy. Where we are required to do so, we will ask for your consent to provide you with such information and if you do not want to receive promotional offers from us, you can opt out at any time by sending an email to us or contacting us by post or, if the communication is sent by email, clicking on the opting out link.

Disclosure of Personal Data to Third Parties

We may also need to share some of the categories of personal information set out in the table with other parties. We may also have a need to share your personal data with parties set out below:

 

• service providers who provide IT, system administration services and facilities management;
• professional advisers, (including those acting as processors or joint controllers) including lawyers, bankers, accountants and insurers based in the United Kingdom who provide legal, banking, accounting, insurance and other consultancy services.
• potential purchasers of some or all of our business or on a re-structuring;
• HM Revenue & customs, regulators courts and other authorities based in the United Kingdom.
• Royal Mail and any printers to print postal marketing messages;
• credit reference agencies;
• external contractors; and
• Companies that form part of the Romulus Group as identified at section 1 above.

 

Usually, information will be anonymised, but this may not always be possible. The recipient of the information will be bound by confidentiality obligations. We may also be required to share some personal information as required to comply with the law. We require all third parties to respect the security of your personal data and will treat this in accordance of the law. Any third party service providers are not permitted to use your personal data for any purpose other than which they are instructed to use it for.

We will not transfer your data outside of the European economic area.

Where information may be held

Information may be held at our offices and those of our group companies, and third-party agencies, service providers, representatives and agents as described above.

6. How long we keep your information

We keep your information during and after your contract with us is concluded for a period which is no longer than necessary. The length of time we retain it is determined by several factors including the purpose for which we use that data and our obligations under other laws. Generally, we will retain your personal data for a period of 7 years after the contract comes to an end and for property related documents we will retain these for 20 years are the period of expiry.

The law permits us to keep your personal information indefinitely if this is necessary and provided we put certain protections in place.

In some circumstances you can ask us to delete your personal data (see below) but there is some basic information that we are required to keep for a period of 6 years after you no longer are in contract with us (Contact, Identity, Financial and Transacted Date) so we may not always be able to comply with your request. If we anonymise personal data we may keep this for statistics indefinitely.

7. Your rights

Under the data protection law you have a number of important rights. In summary, those include rights to:

 

• fair processing of information and transparency over how we use your use personal information;
• access to your personal information and to certain other supplementary information that this Privacy Notice is already designed to address;
• require us to correct any mistakes in your information which we hold;
• require the erasure of personal information concerning you in certain situations;
• receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations;
• object at any time to processing of personal information concerning you for direct marketing;
• object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you;
• object in certain other situations to our continued processing of your personal information; and
• otherwise restrict our processing of your personal information in certain circumstances.

 

For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals rights under the General Data Protection Regulation.

If you would like to exercise any of those rights, please:

 

• email, call or write to us at the contact details set out at number 11 below;
• let us have enough information to identify you;
• let us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill); and
• let us know the information to which your request relates.

 

[If you would like to unsubscribe from any [email newsletter] you can also click on the ‘unsubscribe’ button at the bottom of the [email newsletter]. It may take up to [insert figure] days for this to take place.]

8. Keeping your personal information secure

We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

9. How to complain

We hope that we can resolve any query or concern you raise about our use of your information but your rights to complain to us and the ICO are set out in section 7 above.

10. Changes to this privacy notice

This privacy notice was published on 21 November 2018. We may change this privacy notice from time to time. This will be posted on our website (www.huddle.london/privacy)