This Privacy Policy (together with our Website Terms of Use, our separate Employee Privacy Policy, and any other documents referred to) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. This Privacy Policy also sets out how you can instruct us if you prefer to limit the use of that personal data and the procedures that we have in place to safeguard your privacy.
For the purpose of the Data Protection Act (“the Act”) and the General Data Protection Regulations (“GDPR”), that replace it from 25th May 2018, the data controller is Symonds & Sampson LLP (“Symonds & Sampson LLP”, “the Firm”, “us”, “our” or “we”).
Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
Symonds & Sampson LLP is a firm (OC326649) of Chartered Surveyors, Estate Agents & Auctioneers, Head Office at 30 High West St., Dorchester, Dorset DT1 1UP. There are 11 other offices in Devon, Dorset, Somerset and Wiltshire. The Firm does not trade and has no interest outside the UK, except in the rare event that a purchaser or vendor, or landlord, is resident overseas. Further details are available on the Firm’s website symondsandsampson.co.uk (the “Website”). Our ICO reference number for Data Protection purposes is Z7110322.
The Partners of the Firm are committed to ensuring that the principles of GDPR are adhered to; that the rights of individuals under GDPR are appropriately protected; and that privacy by default and design is at the heart of our approach to data protection.
In our business as Auctioneers, Estate Agents, Lettings Agents, and Chartered Surveyors, we may collect personal information from a range of subjects including, but not limited to:
In respect of each subject class above, we may gather and hold the following personal information:
We do not specifically process special category data such as nationality, sexuality, belief etc, nor do we collect more than very limited personal data about children. Should we do so, we will ensure that extra safeguards are in place.
We may collect or hold data from the following sources:
We may process this information for the following purposes:
We, or third-party processors, may use limited automated decision-making for the following purposes: referencing or money-laundering checks, which are necessary for legal or contractual purposes. We ensure that there is human intervention to refine the automated results where necessary, and allow you to challenge the results or the data input to reach the decision.
We may share your data with third parties, either directly or in passing, for the following purposes:
a. To help us in the fulfilment of a contract or service to you, including our current providers of the following services:
b. To assist us in the running of our own business, including our current providers of the following services:
c. With your permission, to a financial services provider
d. As required to authorities or regulators, including:
e. For the delivery of our own marketing material via printing or delivery businesses
f. After assessment, to meet the legitimate interests of others in referencing, debt-collection, managing insurance claims and the like.
We do not sell data to third parties.
We are committed to taking appropriate technical and organisational measures to protect your personal data against unauthorised or unlawful processing and against accidental loss, destruction or damage to personal data.
As described in this Privacy Policy, we may in some instances disclose your personal data to third parties. Where we disclose your personal data to a third party, we require that third party to have appropriate technical and organisational measures in place to protect your personal data.
The information that you provide to us will be held in our systems, which are located on our premises or those of an appointed third party. We may also allow access to your information by other third parties who act for us for the purposes described in this Privacy Policy or for other purposes approved by you. We believe that we do not currently conduct any processing outside the European Economic Area (the EEA) but, should we be aware that your data is to be transferred outside the EEA, we will require that appropriate safeguards are in place.
Specific personal data, such as your IP address, is collected on our Website, and we may also transfer pieces of information known as Cookies to your computer or device. You may access other websites from our website. All of these matters, and other terms specific to the Website, are covered in our Website Terms of Use, available on the Website, or on request.
GDPR clarifies a number of rights for data subjects, which are summarised below:
If you wish to exercise any of these rights, you should contact us as set out below.
We may update our policies from time to time if operational needs or legislation requires amendment. New versions of the policies will be published on our website or available on request, but will not otherwise be notified.
It is our intention that we should adopt best practice to comply with the complicated and developing requirements of GDPR. However it may be that we have not interpreted the guidelines, or effected them in practice, as we should. If that is the case, we would prefer that you address any concerns in the first instance to us and we will do our absolute best to deal with the issue to your satisfaction in the appropriate timeframe.
Should you have any queries about our policies, or wish to exercise any rights conferred under GDPR, please email privacy@symondsandsampson.co.uk or write to The Data Protection Partner, Burraton House, Burraton Square, Poundbury, Dorset DT1 3GR. If you are exercising any rights, we will ask you to verify your identity and detail your request in writing.
There is additionally much relevant information on the website of the Information Commissioner’s Office at www.ico.org.uk, including the ability to report a concern directly to them, should you wish to do so.