Gold Rose Homes Ltd. Data Protection Policy

1. Introduction

Gold Rose Homes Ltd. (hereinafter referred to as "the Company") is committed to protecting and respecting your privacy. This Data Protection Policy outlines our approach to data protection and describes how we collect, use, and protect personal data in accordance with the General Data Protection Regulation (GDPR) and the Data Protection Act 2018.

2. Scope

This policy applies to all personal data processed by the Company, including data related to clients' rental agreements. This includes, but is not limited to, the collection, storage, use, and sharing of personal data such as names, addresses, ages, bank statements, photographic IDs, and references.

3. Data Controller

Gold Rose Homes Ltd. is the Data Controller for the personal data that we process. Our contact details are as follows:

Email: contact@goldrosehomes.co.uk

Address: Christopher Hutchinson of Gold Rose Homes, London, England, W1W 5PF

4. Principles of Data Protection

The Company is committed to processing personal data in accordance with its responsibilities under the GDPR. To ensure compliance, we adhere to the following principles:

Lawfulness, Fairness, and Transparency: Personal data shall be processed lawfully, fairly, and in a transparent manner.

Purpose Limitation: Personal data shall be collected for specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes.

Data Minimisation: Personal data shall be adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed.

Accuracy: Personal data shall be accurate and, where necessary, kept up to date.

Storage Limitation: Personal data shall be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed.

Integrity and Confidentiality: Personal data shall be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organisational measures.

5. Legal Basis for Processing

We will only process personal data where we have a lawful basis to do so. The lawful bases for processing include:

Consent: The individual has given clear consent for us to process their personal data for a specific purpose.

Contract: The processing is necessary for a contract we have with the individual, or because they have asked us to take specific steps before entering into a contract.

Legal obligation: The processing is necessary for us to comply with the law.

Legitimate interests: The processing is necessary for our legitimate interests or the legitimate interests of a third party, provided that the interests and fundamental rights of the data subject do not override those interests.

6. Data Subject Rights

Data subjects have the following rights regarding their personal data:

Right to be Informed: Individuals have the right to be informed about the collection and use of their personal data.

Right of Access: Individuals have the right to access their personal data and supplementary information.

Right to Rectification: Individuals have the right to have inaccurate personal data rectified or completed if it is incomplete.

Right to Erasure: Individuals have the right to have personal data erased in certain circumstances.

Right to Restrict Processing: Individuals have the right to request the restriction or suppression of their personal data in certain circumstances.

Right to Data Portability: Individuals have the right to obtain and reuse their personal data for their own purposes across different services.

Right to Object: Individuals have the right to object to the processing of their personal data in certain circumstances.

7. Data Security

We take the security of personal data seriously and implement appropriate technical and organisational measures to protect against unauthorised or unlawful processing, accidental loss, destruction, or damage. These measures include, but are not limited to:

Secure physical storage of documents.

Use of encrypted systems and networks.

Regular data protection training for staff.

Access controls to ensure only authorised personnel can access personal data.

8. Data Retention

We will only retain personal data for as long as necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. We will regularly review our retention periods to ensure they comply with our obligations under the GDPR and the Data Protection Act 2018.

9. Data Breaches

In the event of a data breach, we have a robust incident response plan to ensure timely and effective action. We will notify the Information Commissioner's Office (ICO) within 72 hours of becoming aware of a breach where it is likely to result in a risk to the rights and freedoms of individuals. We will also inform affected individuals without undue delay if the breach is likely to result in a high risk to their rights and freedoms.

10. Changes to This Policy

We may update this Data Protection Policy from time to time in order to reflect changes in our practices or for other operational, legal, or regulatory reasons. We encourage you to review this policy periodically to stay informed about how we are protecting your data.

11. Contact Us

If you have any questions or concerns about this Data Protection Policy or our data protection practices, please contact us at:

Email: contact@goldrosehomes.co.uk

Address: Gold Rose Homes Ltd, London, England, W1W 5PF

This policy was last updated on 10/06/2024.

Gold Rose Homes Ltd. is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using our services, then you can be assured that it will only be used in accordance with this privacy statement.