Data protection
privacy notice

Data protection privacy notice – Third Parties

This privacy notice is made on behalf of the companies set out below which form part of the Romulus Group. The group of companies act as ‘Controllers’ of your data.

This privacy notice explains what personal data (information) these companies (which we shall refer to as ‘we’) may hold about you, how we collect it, and how we use and may share that information. We are required to notify you of this information under data protection legislation. Please ensure that you read this notice and any other similar notice we may provide to you from time to time when we collect or process personal information about you.

1. Who we are and who collects the information

Romulus Fulham Ltd, trading as Huddle, is a company incorporated in England under company number 10056513 and is the controller and responsible for your personal data. Our registered office is at Sandford House, 10 Maynard Close, London, SW6 2DB.

Please contact us if you have any questions about this privacy notice or the information we hold about you.

Full Name: Romulus Fulham Limited
Privacy Manager: Alexander Woolf
Email Address:
Postal Address: Sandford House, 10 Maynard Close, London, SW6 2DB
Telephone Number: 020 7736 1214

At any time, you have the right to make a complaint to the Information Commissioners office (ICO) whose email address is although, we would of course always appreciate the chance to deal with your concern before an approach is made to the ICO in which case, please use the contact details above.

2. The data we collect about you

The table set out below in section 5 summarises the information we collect and hold, how and why we do so, how we use it and with whom it may be shared.

Personal data means any information from which a person can be identified but does not include data, where their identity has been removed (anonymised data). We may collect, use, share and store the following personal data:

We do not collect any sensitive data about you and this includes details of your race, ethnicity, religious or philosophical belief, sex life, sexual orientation, political opinions, trade union memberships, information about your health and genetic combine metric data. Neither do we collect any information about criminal convictions and offences.

We seek to ensure that our information collection and processing is always proportionate. We will notify you of any changes to information we collect or to the purposes for which we collect and process it.

3. If you fail to provide your personal data

If we need to collect personal data to be able to fulfil a contract that we have with you and you fail to provide that data when requested, we may not be able to perform that contract. In that case we may have to cancel the products or service that you have ordered but we will notify you of this at the time.

4. How we collect your personal data

We will collect your personal data in a course of entering into a contract with you (whether that is a tenancy agreement, or for the provision of goods or services). We collect the personal information that you provide to us which may include you given us your Identity, Contact and Financial Data by filling in forms, a contract or by corresponding with us by post, phone, email or otherwise. This includes personal data that you provide when you enquire about a tenancy or service or you supply us with information regarding products or request marketing material to be sent to you.

As you interact with our websites, we may automatically collect technical data about your equipment, browsing, actions and patterns. We collect this personal data by using cookies and other similar technologies of which please see our cookies policy. When you access our website you can set your website to disallow cookies.

We may also receive personal data about you from various third parties and public sources such as Companies House, HMRC, Credit Reference Agencies etc.

5. How we use your personal data

We will only use your personal data when the law allows us to do so which will commonly include:


Purpose/Activities Type of Data Lawful Basis for Processing
To register you as a new tenant or supplier. Identity


Performance of a contract with you.
To carry out credit reference
checks against you, process and
collect rental payments in respect
of your tenancy to include managing
payments, fees and charges and
collecting and recovering monies
owed to us.




Marketing and Communications

Performance of a contract with you.

Necessary for our legitimate interest (to recover debts due to us).

To manage our relationship with
you which will include:

a)     Telling you about changes to
our terms or privacy policy.

b)     Asking you to leave a review




Marketing and Communications


Performance of a contract with you

Necessary to comply with legal obligations

Necessary for our legitimate interests (to keep our records updated and to study a pattern of our need for products/services).

Purpose to administer and protect
our business and our website
(including troubleshooting, data
analysis, testing, system maintenance,
support, reporting and hosting of data).




Necessary for our legitimate interest for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of business reorganisational group restructuring exercise.

Necessary to comply with legal obligations.

To deliver relevant website
content and advertisements and
measure or understand the effectiveness
of the advertising we serve to you.





Marketing and Communications


Necessary for our legitimate interest (to study how our client use our products and services, to develop them, to grow our business and to inform our marketing strategy).


To use data analytics to improve
our website, products/services,
marketing, customer relationships
and experiences.




Necessary for our legitimate interest (define types of tenants and customers for our products and services, to keep our website updated and relevant, to develop our business to inform our marketing strategy).To make suggestions and
recommendations to you about
good or services that may be
of interest to you.






Necessary for our legitimate interest (to develop our products/services and to grow our business).


Legitimate interest means that we may use your personal data in a way that we believe is necessary to give you the best service/product and secure experience. We will consider and balance any potential impact on you and your rights in relying on a legitimate interest. If your interests are overridden by the impact of us using your personal data then unless we have your consent or otherwise are permitted by law, we will not use your personal data for such activities.


If we carry out marketing activities, we may use your Identity, Contact, Technical, Usage and Profile data to form a view on what products/services and offers may be of interest to you which will be part of our marketing strategy. Where we are required to do so, we will ask for your consent to provide you with such information and if you do not want to receive promotional offers from us, you can opt out at any time by sending an email to us or contacting us by post or, if the communication is sent by email, clicking on the opting out link.

Disclosure of Personal Data to Third Parties

We may also need to share some of the categories of personal information set out in the table with other parties. We may also have a need to share your personal data with parties set out below:



Usually, information will be anonymised, but this may not always be possible. The recipient of the information will be bound by confidentiality obligations. We may also be required to share some personal information as required to comply with the law. We require all third parties to respect the security of your personal data and will treat this in accordance of the law. Any third party service providers are not permitted to use your personal data for any purpose other than which they are instructed to use it for.

We will not transfer your data outside of the European economic area.

Where information may be held

Information may be held at our offices and those of our group companies, and third-party agencies, service providers, representatives and agents as described above.

6. How long we keep your information

We keep your information during and after your contract with us is concluded for a period which is no longer than necessary. The length of time we retain it is determined by several factors including the purpose for which we use that data and our obligations under other laws. Generally, we will retain your personal data for a period of 7 years after the contract comes to an end and for property related documents we will retain these for 20 years are the period of expiry.

The law permits us to keep your personal information indefinitely if this is necessary and provided we put certain protections in place.

In some circumstances you can ask us to delete your personal data (see below) but there is some basic information that we are required to keep for a period of 6 years after you no longer are in contract with us (Contact, Identity, Financial and Transacted Date) so we may not always be able to comply with your request. If we anonymise personal data we may keep this for statistics indefinitely.

7. Your rights

Under the data protection law you have a number of important rights. In summary, those include rights to:



For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals rights under the General Data Protection Regulation.

If you would like to exercise any of those rights, please:



[If you would like to unsubscribe from any [email newsletter] you can also click on the ‘unsubscribe’ button at the bottom of the [email newsletter]. It may take up to [insert figure] days for this to take place.]

8. Keeping your personal information secure

We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

9. How to complain

We hope that we can resolve any query or concern you raise about our use of your information but your rights to complain to us and the ICO are set out in section 7 above.

10. Changes to this privacy notice

This privacy notice was published on 21 November 2018. We may change this privacy notice from time to time. This will be posted on our website (

    Flex and grow with us
    Fill in the form below
    and we'll get back to you