Our Lawful Basis for Processing

Under UK GDPR, we must have a lawful basis to process your data.

We rely on the following:

Contract

To:

• Process tenancy applications

• Prepare tenancy agreements

• Manage your tenancy

• Collect rent

Legal Obligation

To:

• Comply with HMRC requirements

• Conduct Right to Rent checks

• Comply with anti-money laundering regulations

• Respond to legal claims

We may share information with HM Revenue & Customs where required by law.

Legitimate Interests

To:

• Assess affordability and suitability of tenants

• Recover unpaid rent

• Obtain professional advice

• Maintain accurate records

We ensure these interests do not override your rights.

Consent

Where required (for example, certain marketing communications). You may withdraw consent at any time.

Credit Reference Agencies

We may share your information with credit reference agencies and tenant referencing agencies to:

• Assess affordability

• Verify identity

• Detect and prevent fraud

• Recover debts

They may retain and use your data in accordance with their own privacy policies.

On joint tenancies, financial links may be created between joint tenants.

How We Use Accounting Software and Business Systems

We use secure accounting software to manage financial records and rent payments.

We may use cloud-based systems and secure document storage providers. Where data is processed outside the UK, we ensure appropriate safeguards are in place in accordance with UK GDPR.

Use of WhatsApp Business

We may communicate with you using WhatsApp Business if you choose to contact us this way.

Please be aware:

• Messages are stored on WhatsApp’s servers

• WhatsApp may process data outside the UK

• You should avoid sending sensitive documents via WhatsApp where possible

If you prefer, you may contact us by email instead.

Who We Share Your Data With

We may share your data with:

• Tenant referencing agencies

• Credit reference agencies

• Fraud prevention agencies

• Contractors and maintenance providers

• Deposit protection schemes

• Legal advisers

• Accountants

• Future landlords or agents (for references)

• Regulatory authorities where legally required

We only share information necessary for the relevant purpose.

We will never sell your personal data.

How Long We Keep Your Data

We retain personal data:

• For the duration of your tenancy; and

• For up to 6 years after the tenancy ends (in line with legal limitation periods); and

• Up to 10 years where required for tax or legal purposes

Data may be retained longer where required in connection with legal proceedings.

Data Security

We implement appropriate technical and organisational measures to protect your personal data from:

• Unauthorised access

• Loss

• Misuse

• Disclosure

Access to personal data is restricted to those who have a legitimate need to know.

Your Rights Under UK GDPR

You have the right to:

• Access the personal data we hold about you

• Request correction of inaccurate data

• Request erasure of your data (where applicable)

• Request restriction of processing

• Object to processing based on legitimate interests

• Request data portability

• Withdraw consent at any time (where processing is based on consent)

We must respond to requests within one month. We may need to verify your identity before releasing information.

We do not normally charge a fee unless a request is excessive or unfounded.

Complaints

If you are unhappy with how we handle your data, please contact us first.

You also have the right to complain to the
Information Commissioner’s Office (ICO).

Website: www.ico.org.uk

Changes to This Policy

We may update this Privacy Policy from time to time. The latest version will always be available on our website.