Privacy Policy
At Rash & Rash we respect the privacy of our clients and visitors to our websites. This policy is concerned with how we collect information, what we do with it and what controls you have.
Your Privacy
We take our duty to process your personal data very seriously and we will never sell or rent your personal information to other organisations.
This policy explains how we collect, manage, use and protect your personal data.
We may change this document from time to time to reflect the latest view of what we do with your information. Please check back frequently; you will be able to see if any amendments have been made by the date it was last updated.
Please see below for more information on how and why we use your personal details:
Who are we?
In this policy, references to Rash &Rash, or to ‘we’ or ‘.
What personal data we collect and how we use it
What we need
Rash & Rash is what’s known as a ‘data controller’ of personal information provided to us. We obtain basic personal data (like your name, postal address, telephone number and email address) that you provide to us through our website, emails, phone conversations, documents you provide to us or when you visit one of our branches, for example when you:
Enquire about specific properties for sale or for rent
Ask us to value your property
Register for our email newsletters
Participate in one of our surveys
Interact with us on our social media sites
If you are buying or selling property with us, we are required to collect further information from you to satisfy the Money Laundering Regulations 2017, this will be to allow us to prove your identity and your address. We will be very clear with you that we wished to collect such information, our reason for doing so and we would only do so with your specific consent and permission.
Any credit / debit card payments taken by Rash & Rash are processed over either a cloud-based system or using a card machine. In both systems the information is not retained by Rash & Rash. Any paper receipts which are produced do not show full account details and are disposed of securely, once processed. Cloud based receipts are generated through the system and are sent to the relevant party via email.
Why we need it
We collect your personal data in connection with specific activities such as property updates, communicating with vendors regarding the marketing of their homes, communicating with vendors and purchasers regarding an ongoing property transaction, newsletter requests, feedback, competition entries, information you provide in public forums on our sites and applications.
The information is either needed to fulfil your request or to enable us to provide you with a more personalised service. You don’t have to disclose any of this information to browse our sites. However, if you choose to withhold requested information, we may not be able to provide you with certain services.
Our marketing
Sometimes, with your consent, we will process your personal data to provide you with information about our properties or services that you have requested or are expecting.
On other occasions, we may process personal data when we need to do so to fulfil a contract (for example if you are selling your property with us and we are providing you with feedback following viewings), or where we are required to do so by law or other regulatory bodies.
Rash & Rash also process your data when it is in our legitimate interests to do this and when these interests do not override your rights. Those legitimate interests include providing you with information on our services, newsletter requests, feedback, competitions and those of other carefully selected organisations. Please see the section on ‘Legitimate Interest’ for further details.
How we obtain your details
We will also hold information about your details so that we can respect your preferences for being contacted by us.
We collect your personal information a number of ways:
When you provide it to us directly.
When you provide permission to other organisations to share it with us (including Facebook or Twitter).
When we collect it as you use our websites or apps.
When you have given it to a third party and you have provided permission to pass your information on to us.
From publicly available sources (where possible) to keep your information up to date (e.g. the Post Office’s National Change of Address database).
We combine the information from these sources with the information you provide to us directly.
From time to time we may pay for the contact details of people who might be interested in hearing from us in future. Before we purchase contact information, we always check the wording used when your information was originally collected, to make sure that we only contact people who have actively expressed an interest in receiving information from third parties.
When providing permission for 3rd party organisations to share your data you should check their Privacy Policies carefully to understand fully how they will process your data.
Anything else?
All the personal data we process is processed by our staff in the UK. Data will remain resident in the UK for the purposes of IT hosting and maintenance.
On occasion, some of our 3rd parties hold data outside the European Economic Area (EEA). Where this takes place, the relevant company adhere to the EU-U.S. Privacy Shield framework, which ensures that personal data can be transferred outside the EU in compliance with the GDPR’s data transfer requirements.
If you would like to change the way you hear from us or no longer wish to receive direct marketing communication from us then use the update preferences / unsubscribe section of any email communication or use the contact form on our ‘Contact Us’ page.
Legitimate interests
We have a number of lawful reasons that mean we can use (or ‘process’) your personal information. One lawful reason is something called ‘legitimate interests’. Broadly speaking Legitimate Interests means we can process your personal information if:
We have a genuine and legitimate reason
and
We are not harming any of your rights and interests.
Please read the ‘Legitimate Interest’ section for more information.
Sharing your information
We only disclose information to third parties or individuals when obliged to by law, for purposes of national security, taxation and criminal investigations and the following:
If you have agreed that we may do so.
When we use other companies to provide services on our behalf, e.g. processing, communicating with clients regarding properties or services, sending mail and emails, sending appointment confirmations via text message, customer reviews, analysis and assessment, when using auditors/advisors or processing credit/debit card payments. We work closely with all our 3rd party providers to ensure we have carried out our due diligence and that they are working within the guidelines provided by the GDPR.
(Please note that this sharing of Your Information does not entitle such third parties to send you marketing or promotional messages: it is shared for the purpose of ensuring we can adequately fulfil our responsibilities to you, and as otherwise set out in this Privacy Policy).
If we receive a complaint about any content you have posted or transmitted to or from one of our sites, to enforce or apply our Terms & Conditions or if we believe that we need to do so to protect and defend the rights, property or personal safety of Rash & Rash, our websites or our visitors and for other lawful purposes.
If we merge with another organisation to form a new entity, information may be transferred to the new entity.
We may disclose aggregate statistics about our site visitors, supporters, customers and sales to describe our services and operations to prospective partners, advertisers and other reputable third parties and for other lawful purposes, but these statistics won’t include any personally identifying information.
Accuracy of data
All data is confirmed at the point of collection. Should your information change at any time, please notify us by either updating your preferences on an email communication or by filling out a contact form on our Contact Us page.
Email Preference Service
Please note that we are unable to cross reference our ongoing database with the Email Preference Service, therefore should you sign up to the EPS whilst already registered on our database, please be aware that this will not automatically remove your details from our system. Please use the update preferences / unsubscribe feature in any email communication, fill in the contact form on our Contact Us page.
Retaining your information
We hold your information only as long as necessary for each purpose we use it, below are examples of some of our retentions to give you an idea of how long we hold your information for.
– Basic personal information after registering with us looking for property / considering selling your home.
We will hold this information with the intention of processing it under the ‘Legitimate Interest’ basis, for the purposes of direct marketing to keep you informed of any services that may be of interest to you for a period of 10 years. This is based on what we’ve always known to be the average period that someone would move home again. In recent years we have seen this average increase to over 20 years, however, we do not feel that is an accurate balance under the definition of ‘Legitimate Interest’.
– Personal information relating to the purchase / sale of a property
This will be held securely for a period of 7 years in line with The Property Ombudsman’s current guidance
– When purchasing / selling a property with us, personal information proving your name and address which will be held securely for a period of 5 years in line with the Money Laundering Regulations 2017.
– Any personal information held pertaining to a survey carried out by us will be held securely for a period of 6 years in line with the Royal Institute of Chartered Surveyors (RICS) guidelines.
If you decide to request that we have no further contact with you, we will keep some basic information in order to avoid sending you unwanted materials in the future and to ensure that we don’t accidentally duplicate information.
How do we protect your data?
All data is held securely on our systems which are designed and maintained following industry best practise for storing and securing personal information.
Portable devices, such as laptops, are encrypted and all of our client software packages are password protected.
What are your rights?
A new data protection law, starting in May 2018, gives everyone a number of very important rights. These are:
Transparency over how we use your personal information (right to be informed).
Request a copy of the information we hold about you, which will be provided to you within one month (right of access).
Update or amend the information we hold about you if it is wrong (right of rectification).
Ask us to stop using your information (right to restrict processing).
Ask us to remove your personal information from our records (right to be ‘forgotten’).
Object to the processing of your information for marketing purposes (right to object).
Obtain and reuse your personal data for your own purposes (right to data portability).
Not be subject to a decision when it is based on automated processing (automated decision making and profiling).
If you would like to know more about your rights under the data protection law see the Information Commissioners Office website.
Remember, you can change the way you hear from us, withdraw your permission for us to process your personal data or exercise any of your above rights at any time by using the update preferences / unsubscribe section of any email communication or use the contact form on our ‘Contact Us’ page.
How to contact us
If you wish to talk through anything in our privacy policy, find out more about your rights or obtain a copy of the information we hold about you, please contact our data protection team through our contact us page who will be happy to help. If you wish to raise a complaint on how we have handled your personal data, you can contact our data protection officer who will investigate the matter. If you are not satisfied with our response or believe we are not processing your personal data in accordance with the law you can complain to the Information Commissioner’s Office (ICO).