Who we are

Our website address is: https://www.pullans.co.uk.

What personal data we collect and why we collect it

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Contact forms

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Analytics

Who we share your data with

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

Visitor comments may be checked through an automated spam detection service.

Your contact information

Additional information

PRIVACY NOTICE

This Privacy Notice was last reviewed in January 2021. The content of the policy may be reviewed and changed without prior notice, please visit the policy for any changes.

We are committed to ensuring that your privacy is protected and our use of your personal information is governed by this Privacy Notice, the Data Protection Act and General Data Protection Regulation (“GDPR”). Any reference to “you” or “your” refers to anyone whose personal information we process.

This policy is applicable for all and/or any of the companies listed below and should be read as any reference to “we”, “our” and “us” is a reference to all and/or any of the entities thereunder stated.

  1. Amberstone Developments (Leeds) Limited
  2. Amberstone Developments (North Yorkshire) Limited
  3. Amberstone Developments (West Riding) Limited
  4. Amberstone Developments (West Yorkshire) Limited
  5. Amberstone Developments (Yorkshire) Limited
  6. Calder Masonry Limited
  7. Chartford Arthington Limited
  8. Hatour Limited
  9. Horus Limited
  10. Pullan and Sons Limited
  11. Leeds London Limited
  12. LMS Hampshire LLP
  13. Pullan Properties Limited
  14. Sitex Holdings Limited
  15. The Knap (Barry) LLP
  16. Wilkinson Building Co. (Leeds) Limited
  17. Wilkinson Development Co. Limited

 

What data do we collect?

Any references to personal information in this Privacy Notice will include personal data, and where relevant, special categories of personal data.

In addition, if we are providing a service to you, or on your behalf, where we are required to do so by law, we will collect information relating to your identity, which will be at least one form of photographic identification (such as a passport, a driving licence or an identification card) and one form of documentation with proof of your place of residence (such as a recent utility bill)).

The below are examples of scenarios in which we may collect and process personal information including but not limited to:

Buy, Sell, Let, Rent

  • We use your personal information for the purposes of fulfilling our obligations to you. For example, to let or sell your property or, if you are a buyer or tenant, for the purposes of arranging viewings, obtaining feedback, and arranging contract documentation;
  • We will use your personal information to conduct due diligence in accordance with other legal or regulatory obligations;
  • We will collect specific identity documents and share your personal data with third party referencing agencies for the purposes of the prevention and detection of crime, fraud and/or money laundering and checking your suitability to rent that property;
  • Where you are not the legal owner of the property we will request details from you as to your ability to sell or let the property such as a Power of Attorney, Guardianship Order or Grant of Probate;
  • If we are dealing with an entity such as a company, trust or charity, we may need to obtain personal information for the beneficiaries of the entity and those in a position of control. This will include, but is not limited to, identity and address documents. We may also need to collect information on other individuals who have an interest in the property who are not considered to be our customers.

 

 

Tenant Data

  • Your contact details or those of relevant individuals at your organisation so that we can communicate with you and send you invoices. We may also undertake credit checks on our tenants in order to assess suitability for entering into a lease and ongoing monitoring of financial stability where this is deemed necessary;
  • Where you have a tenancy jointly with someone else or there is a guarantor for your tenancy, as necessary, we will share information either with the joint tenant or the guarantor (or both). This relates to your performance of your responsibilities under the tenancy agreement including information about any rent arrears or other breach of the tenancy terms. It can also relate to issues around the termination of the tenancy and any claims we may have as a result;
  • By law, in England, we are required to check your immigration status before we rent a property to you. This means that you are legally obliged to produce certain documentation (e.g. a passport or driving licence) to us. This applies whether or not you are a UK or EU citizen. Not only are we required to see original documentation but we must take and keep copies of it. We also check this documentation as part of our process to verify your identity at the outset of the tenancy. Prospective tenants and all adult residents who will live at the property have to be checked;
  • In cases where you rent a property where a child resides information will be given to us about resident children; usually by an adult such as a parent on their behalf. Data protection law requires us to give such information additional protection where we collect or use it. In particular we will need to check on the age of any residents to see whether or not an immigration/right to rent check must be carried out;
  • Private renting is highly regulated so we are under various legal obligations. These include an obligation to carry out gas safety checks under gas safety legislation. We may need to handle data for this purpose, e.g. to give the contracted gas safety engineer access to the property;
  • In line with advice from the Information Commissioner we consider that it is in the legitimate interests of utility companies to receive information about occupants of the property to enable them to bill you for utilities (unless these are included within your rent). Likewise, we notify local authorities of your occupancy relevant to the collection of Council Tax. In any event they are entitled to serve notice upon us requiring this information if they choose to do so.

Property Management

Where we manage property we may ask for additional emergency contact information in case we need to get in touch with you outside of working hours or in the event there is a matter requiring your urgent attention. We may also need to pass your personal information from time to time on to third party contractors with whom we have engaged to carry out maintenance or inspections.

Where you are a tenant in a building managed by us, we may need to share your personal information with the property owner, but will only do so where we have considered your own rights first.

Investment

Where you engage with us as an investor we will collect information required to identify you to meet anti-money laundering and counter terrorist financing requirements.

If the investor is an entity such as a company, trust or charity, we may need to collect personal information about the controllers and the beneficiaries of the entity.

Supplier Data

We need a small amount of information from our suppliers in order to fulfil the terms of the contract between us.

We need contact details of relevant individuals at your organisation so that we can communicate with you. We also need other information such as your bank details so that we can pay for the services you provide.

CCTV

We may operate CCTV in properties based on our legitimate interest in protecting the property and ensuring the safety of visitors, tenants and clients, as well as to assist with the prevention and detection of crime.

Images captured by our CCTV systems will not be kept for longer than necessary. However, on occasions there may be a requirement to keep images for longer, for example when a crime is being investigated.

Wi-Fi

We may provide visitors with access to its guest Wi-Fi within its premises. Please note that no personal information will be obtained or stored from the usage of our Wi-Fi systems.

Correspondence

Correspondence includes all ways in which we receive communications from whatever source. We may monitor, record and retain your calls, emails, letters, text messages, social media messages and other communications.

This may be necessary to manage your tenancy or the property or to deal with your application for a tenancy or to deal with tenants/residents or prospective tenants/residents/guarantors. We need these records for contractual performance where applicable, to carry out any applicable legal obligations imposed on us, to protect your vital interests, or in our legitimate interests. These legitimate interests are to ensure that we have the necessary information relating to these matters and for accurate record keeping.

Car Registration

We hold records of car registrations for vehicles which you park/keep at or in the vicinity of the property to manage the property for contract performance. We also handle this information in our own legitimate interests and those of others such as neighbours in order to monitor and regulate parking. This is to protect our own property interests and rights and those of others such as neighbours who may be affected by parking issues.

Employee Data

We hold personal data that is directly relevant to our employees. It includes information necessary for employment such as the employee’s name and address and details for payment of salary etc. That personal data shall be collected, held, and processed in accordance with employee data subjects’ rights and the our obligations under the GDPR and with this Policy.

 

How do we use personal information?

Under GDPR, the lawful bases we rely on for processing this information are:

  • you have provided consent. Consent may be requested in certain cases, e.g. to obtain a reference but generally we do not rely on your consent to process your personal data;
  • we have a contractual obligation;
  • we have a legal obligation;
  • we have a vital interest; and/or
  • we have a legitimate interest.

 

How and where do we store your data?

All personal data is processed and stored securely, for no longer than is necessary in light of the reason(s) for which it was first collected and/or for as long as we have your permission to keep it. We may keep personal data for longer if this is required by law, such as information needed for accounting and audit purposes, or to fulfil our contractual obligations.

Your data will be stored within the European Economic Area (“the EEA”). If we ever do store data outside the EEA, We will take all reasonable steps to ensure that your data is treated as safely and securely as it would be within the UK and under GDPR.

 

How we keep your information secure?

The security of information is very important to us and we have measures in place which are designed to prevent unauthorised access to your personal information including but not limited to:

  • Our client files are stored on our secure client management systems. Access is restricted on our client systems to those within the business who are required to have access to your information for legitimate business purposes;
  • Hard copy documentation is stored in locked cabinets.

Do we share your data?

We may share your data with other companies in our group for account management and reporting purposes. This includes our landlords for whom we perform management services and holding company and its subsidiaries.

We may also share information, where this is necessary, with landlords and other managing agents, insurance companies/brokers, credit and referencing agencies, Home Office, Local Authorities, utility and water companies, Police, tracing agents, legal representatives, mortgage lenders, maintenance contractors, tenancy deposit schemes, utility switch over companies/brokers, chartered surveyors and estate agents.

In some cases we may be under a legal obligation to provide information either because of the law or because of a contractual obligation binding on us. What we actually share will depend on what is necessary in the circumstances.

 

Your rights in relation to personal data

You have a right to access the personal data we hold about you. You may ask us to rectify or erase the personal data we hold about you or to restrict the processing we carry out in certain circumstances. You can also object to the way we are processing your personal data in certain circumstances.

If you want more information about your rights under the GDPR please see the Guidance from the Information Commissioners Office:

https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/

 

How can you access your data?

If you wish to access data, which we hold about you, you can submit a subject access request to us. All subject access requests should be made in writing and sent to the email or postal addresses shown below.

There is not normally any charge for a subject access request. If your request is ‘manifestly unfounded or excessive’ (for example, if you make repetitive requests) a fee may be charged to cover our administrative costs in responding.

We will respond to your subject access request within one month of receipt. Normally, we aim to provide a complete response, including a copy of your personal data within that time. In some cases, however, particularly if your request is more complex, more time may be required up to a maximum of three months from the date we receive your request. You will be kept fully informed of our progress.

 

Contact details

Data Protection Officer: 

Raj Khela

dpo@pullans.co.uk

  1. Pullan & Sons Limited, C7 Joseph’s Well, Hanover Walk, Leeds, LS3 1AB.

Please contact the Data Protection Officer if you:

  • have any questions about how we collect and use your information;
  • want to access the information we hold about you;
  • address any concerns about the information you have provided us; or
  • have any complaints about how we use your information.

If we cannot resolve any issue, you have the right to complain to the data protection authority in your country (the Information Commissioner in the UK). If you need more information about how to contact your local data protection authority please let us know by contacting us.

 

How we protect your data

What data breach procedures we have in place

What third parties we receive data from

What automated decision making and/or profiling we do with user data

Industry regulatory disclosure requirements