Who are we?
We are Paul Bryan Chartered Surveyors
145a Connaught Avenue, Frinton on Sea, Essex CO13 9AH
What do we do?
We have been appointed by the party within your lease who is responsible for appointing a managing agent to manage the common areas of your development.
What is our role under the General Data Protection Regulation (GDPR)?
We consider ourselves to be the Data Processor and Controller acting on behalf of the party within your lease who is responsible for appointing a managing agent. Both the Data Controller and the Data Processor are subject to the Office of Information Commissioner, the Supervisor Authority.
• ICO (Information Commissioners Office), Wycliffe House, Water Lane, Wilmslow, Cheshire, Sk9 5AF
• Tel: 0303 123 1113 | firstname.lastname@example.org | www.ico.org.uk
Where did we get your data?
Originally your data may have been received from your solicitor on purchase. Subsequently any data received by us was through the Data Controller or directly from you or another Data Processor for the purposes described below. When you bought your property we wrote an introduction letter and we retained any details provided to us in response to that letter and have updated whatever new information has been provided to us.
What is the purpose of processing your data:
Your property is subject to a lease to which you, the Data Subject and the party within your lease responsible for placing management are party to. We have been appointed by the party within your lease responsible for placing management to administer the covenants of that lease. This involves maintaining accounts, general administration and dealing with common area matters and placing works orders with contractors where we may need to forward your contact details.
What is the lawful basis for this processing:
• Processing is necessary for the performance of a contract to which the Data Subject is party (Article 6 GDPR (1)b).
• Processing is necessary for compliance with a legal obligation to which the Data Controller is subject (Article 6 GDPR(1)c). In this instance the party within your lease responsible for placing management may be required by the Companies Act 2006 to maintain adequate accounting records and a list of members past and present.
Failure to comply would be a breach of covenant under the terms of the lease which may result in legal action.
Where is this data stored?
This data is stored in a computer based schedule of flat owners’ correspondence addresses in Microsoft Word for the purpose of printing addresses on correspondence and contacting by telephone where necessary and is accessed by password.
Who is this data shared with?
This data is shared only when Leaseholders names are evident when we send service charge documentation to accountants at the end of the service charge year.
How long will the data be stored?
Your data will be maintained by us for as long as our appointment exists or for as long you retain your property or for as long as may be required by Statute.
What if you sell the property?
Where the lessor is a Company, there is still an obligation on the Data Controller to maintain adequate accounting records and a list of past and present members. However, if you sell the property only your name, address and transaction details are necessary to satisfy this requirement. All other contact details are erased. Where the lessor is an individual all details will be erased on the completion of the sale.
What are your rights?
• You have a right to be informed
• You may request a copy of your data stored
• You may request correct to any erroneous data
• You may request deletion of data, if not in violation of statutory or contractual requirements
• You may request a restriction on processing
• You may lodge a complaint to the controller or object to processing
• You may lodge a complaint to the Supervisor Authority
• You may withdraw consent if processing originally required consent
What happens in the event of a Data Breach?
In the case of a data breach, the Data Controller shall without undue delay and, where feasible, not later than 72 hours after having become aware of it, notify the personal data breach to the Supervisory Authority and Data Subject, if the personal data breach is likely to result in a risk to the rights and freedoms of natural persons.
Where can you find more information?
A copy of your data and this statement is available by emailing our office at email@example.com. and we will provide the information promptly. Information is also available on our website www.paulbryansurveyors.co.uk
© Paul Bryan Chartered Surveyors | Telephone: 01255 670826 |