Award Winning House Builder | Inland Homes plc

Privacy Notice

PRIVACY NOTICE

HOW WE USE YOUR PERSONAL INFORMATION

IDENTITY AND CONTACT DETAILS OF CONTROLLER

Inland Homes is a controller of personal information for the purposes of the General Data Protection Regulation (‘GDPR’)1 . Our contact details for data protection purposes are as follows:

Inland Homes, Decimal Place, Chiltern Avenue, Amersham, Bucks, HP6 5FG. e-mail: info@inlandplc.com

PURPOSE OF THIS PRIVACY NOTICE

This Privacy Notice tells you what to expect when Inland Homes processes personal information. It applies to information about customers, owners of properties built by Inland Homes and other service users. It tells you the purposes for which we may process your personal information and the legal basis for the processing (‘processing’ includes us just keeping your personal information).

WHY DO WE COLLECT AND STORE PERSONAL INFORMATION?

Inland Homes needs to collect, process and store personal information about you in order to operate as a home builder and deliver efficient and effective services.

LEGAL BASIS FOR PROCESSING

We often have two main legal bases for processing personal data. Firstly, where it is necessary for the purposes of the legitimate interests pursued by Inland Homes or by a third party to process your information. We can do that so long as we do not interfere with your fundamental rights or freedoms.

Secondly, because we are under a legal obligation or an obligation under a contract to process/disclose the
information.

The other reasons we can rely upon to process your personal information under GDPR are as follows: 

  • where we have your express consent (i.e. agreement) to us processing your personal information.
  • Under the GDPR, consent is a legal basis for processing personal information. You can withdraw your consent at any time. This is explained further below in the section entitled ‘Your rights under GDPR’;
  • where we need to protect the vital interests (i.e. the health and safety) of you or another person;
  • some personal information is treated as more sensitive (for example information about health, sexuality, ethnic background and others – see footnote below for a full list2). The legal basis for processing these special categories of personal information is more limited. To lawfully process special categories of personal data, we must identify a lawful basis for the processing and meet a separate condition for the processing. 

The basis we can use these are: 

  • With your express consent;
  • Where we need to protect the vital interests (i.e. the health and safety) of you or another
  • person;
  • Where you have already made your personal information public;
  • Where we or another person needs to bring or defend legal claims; and/or
  • Substantial public interest grounds.

1 By this we mean the Regulation as supplemented and amended by the Data Protection Act 2018
2 Special categories of personal data is defined within the GDPR and covers racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a person's sex life or sexual orientation

INFORMATION WE MAY HOLD ABOUT YOU AND HOW WE USE IT

The information we hold on our records concerns our relationship with you. We:

  • hold names, marital status, photographic ID and information about your housing circumstances;
  • hold contact details for you so we can communicate with you by your preferred means, and keep you informed about services we offer which may be useful to you;
  • keep financial records about the amount of money you have paid us; any amount(s) outstanding and action taken to recover money you owe;
  • we may record your telephone calls to our switchboard for training and monitoring purposes to ensure we are delivering a good service;
  • we may capture your image on our CCTV systems if you visit a property or office. Any CCTV recordings will be held in accordance with our CCTV Policy before being erased;
  • we record the findings of surveys and other research to help us improve our service to customers. The information you provide will be anonymous unless you agree that we can use your details.

This list is not exhaustive as we hold records of most contacts we have with you, or about you, and we process this information so we can deliver services to you. Generally, the information we hold will have been provided by you (on application or enquiry forms or when we communicate with you), but we may also hold information provided by third parties where this is relevant to your enquiry or application.

We will only ask for personal information that is appropriate to enable us to deliver our services. In some cases, you can refuse to provide your details if you deem a request to be inappropriate. However, you should note that this may impact our ability to provide some services to you if you refuse to provide information that stops us from doing so.

HOW WE MANAGE YOUR PERSONAL INFORMATION

We process your personal information in accordance with the principles of GDPR.

We will treat your personal information fairly and lawfully and we will ensure that information is:

  • Processed for limited purposes;
  • Kept up-to-date, accurate, relevant and not excessive;
  • Not kept longer than is necessary;
  • Kept secure.

Access to personal information is restricted to authorised individuals on a strictly need to know basis.

We are committed to keeping your personal details up to date, and we encourage you to inform us about any changes needed to ensure your details are accurate.

PERIODS FOR WHICH WE WILL STORE YOUR PERSONAL INFORMATION

We will only hold your records during the period of our relationship with you and for a set period afterwards to allow us to meet our legal obligations including resolving any follow up issues between us. Our Document Archive and Retention Procedure provides further information on how long we store personal information for. 

SHARING YOUR PERSONAL INFORMATION

Normally, only Inland Homes staff will be able to see and process your personal information. However, there may be times when we will share relevant information with third parties for the purposes as outlined below, or where we are legally required to do so. When sharing personal information, we will comply with all aspects of the GDPR. Special categories of personal data about health, sexual life, race, religion and criminal activity for example is subject to particularly stringent security and confidentiality measures.

Where necessary or required, we may share information as follows:

  • to comply with the law (e.g. the police, Inland Revenue, Council Tax Registration Officer, Social Security Fraud Act) or a court order;
  • where there is a clear health or safety risk to an individual or members of the public, evidence of fraud against Inland Homes, other irregular behaviour or a matter Inland Homes is investigating;
  • in connection with court proceedings or statutory action;
  • providing the name, address and contact number of a resident to contractors or other agents providing services on Inland Homes’ behalf;
  • providing the name of a resident and the date of occupancy to gas, electricity and water companies;
  • providing information anonymously for bona fide statistical or research purposes, provided it is not possible to identify the individuals to whom the information relates.

OUR WEBSITE

When someone visits our website, we collect standard internet log information and details of visitor behaviour patterns, using Google analytics (see section below - How we use Cookies). We do this to find out things such as the number of visitors to the various parts of the site.

We do not make any attempt to find out the identities of those visiting our websites. We will not associate any data gathered from this site with any personally identifying information from any source.

If we do want to collect personally identifiable information through our website, we will tell you. We will make it clear when we collect personal information and will explain what we intend to do with it.

What are Cookies?
Cookies are text files placed on your computer by websites you visit. These are widely used to enable websites to work properly (e.g. ensuring that the right personal information collected is attached to the individual who submitted it) when collecting information that you have provided to the Data Controller. You may delete and block cookies if you wish from this site. If you would like further information relating to cookies and what they do and how to delete them, please visit www.aboutcookies.org or
www.allaboutcookies.org

How we use Cookies
Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.aboutcookies.org or www.allaboutcookies.org
To opt out of being tracked by Google Analytics across all websites visit
http://tools.google.com/dlpage/gaoptout.

These cookies are used to collect information about how visitors use our websites. We use the information to compile reports and to help us improve the website. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited. 

Third party cookies
We sometimes embed content from other websites. Pages with this embedded content may present cookies from these websites. You should check the relevant third-party website for more information about these cookies.

Accepting cookies
For this website to function properly you will need to accept cookies. Please be aware that if you do not accept cookies, certain personalised features of this website cannot be provided to you.

YOUR RIGHTS UNDER THE GDP

You have a number of rights under the GDPR:

Access to personal information
Under the GDPR, you have a right to ask us what personal information we hold about you, and to request a copy of your information. This is known as a ‘subject access request’ (SAR). SARs need to be made in writing (we have a subject access form you can use for this purpose), and we ask that your written request is accompanied by proof of your identify e.g. a copy of your passport or driving licence. We have one calendar month within which to provide you with the information you’ve asked for (although we will try to provide this to you as promptly as possible).

Following your SAR, we will provide you with a copy of the information we hold that relates to you. This will not generally include information that relates to your property such as repair logs or details of contractor visits, as this is not considered personal information.

Rectification
If you need us to correct any mistakes contained in the information we hold about you, you can let us know by contacting us at:

Inland Homes, Decimal Place, Chiltern Avenue, Amersham, Bucks, HP6 5FG.
e-mail: info@inlandplc.com

Erasure (‘right to be forgotten’)

  • You have the right to ask us to delete personal information we hold about you. You can do this where:
  • the information is no longer necessary in relation to the purpose for which we originally collected/processed it;
  • you withdraw consent;
  • you object to the processing and there is no overriding legitimate interest for us continuing the processing;
  • we unlawfully processed the information;
  • the personal information has to be erased in order to comply with a legal obligation.

We can refuse to erase your personal information where the personal information is processed for the following reasons:

  • to exercise the right of freedom of expression and information;
  • to enable functions designed to protect the public to be achieved e.g. government or regulatory functions;
  • to comply with a legal obligation or for the performance of a public interest task or exercise of official authority;
  • for public health purposes in the public interest;
  • archiving purposes in the public interest, scientific research historical research or statistical purposes;
  • the exercise or defence of legal claims; or
  • where we have an overriding legitimate interest for continuing with the processing.

Where we refuse to erase your personal information, we will tell you why.

Restriction on processing
You have the right to require us to stop processing your personal information. When processing is
restricted, we are allowed to store the information, but not do anything with it. You can do this where:

  • you challenge the accuracy of the information (we must restrict processing until we have verified its accuracy);
  • you challenge whether we have a legitimate interest in using the information;
  • the processing is a breach of the GDPR or otherwise unlawful;
  • we no longer need the personal data but you need the information to establish, exercise or defend a legal claim.

If we have disclosed your personal information to third parties, we must inform them about the restriction on processing, unless it is impossible or involves disproportionate effort to do so. We must inform you when we decide to remove the restriction giving the reasons why.

Objection to processing
You have the right to object to processing where we say it is in our legitimate business interests. We must stop using the information unless we can show there is a compelling legitimate reason for the processing, which override your interests and rights or the processing is necessary for us or someone else to bring or defend legal claims.

Withdrawal of consent
You have the right to withdraw your consent to us processing your information at any time. If the basis on which we are using your personal information is your consent, then we must stop using the information. We can refuse if we can rely on another reason to process the information such as our legitimate interests.

Right to data portability
The right to data portability allows us to obtain and reuse your personal data across different services. It allows us to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way. The right only applies to personal data you have provided to us where the reason we are relying on to use the information is either your consent or for the performance of a contract. It also only applies when processing is carried out by us using automated means.

CHANGES TO THIS PRIVACY NOTICE
We keep our privacy notice under regular review and will place any updates on our website.

FURTHER INFORMATION
The Information Commissioner (ICO) is also a source of further information about your data protection rights. The ICO is an independent official body, and one of their primary functions is to administer the provisions of the GDPR.

You have the right to complain to the ICO if you think we have breached the GDPR. You can contact the ICO at:

Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
0303 123 1113

https://ico.org.uk/