Personal Data – what is it?
Personal data relates to a living individual who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession.
Who are we?
Gladman are a group of companies consisting of Gladman Developments Ltd, Gladman Homes LLP, Gladman Retirement Living Ltd (Trading as Adlington), Gladman Commercial Properties and Gladman Estate Management Ltd (“the companies”). Each of the companies are a ‘data controller’ for the purpose of relevant data protection legislation, including the General Data Protection Regulation (“GDPR”) for the information which they collect for business, marketing, recruitment and employment purposes. This means they decide how personal data is processed and for what purposes. The companies also act as ‘data processors’ for some of this data.
How do we use and keep personal data?
The companies comply with their obligations under the General Data Protection Regulations 2018 (GDPR) by;
· Keeping personal data up to date;
· Storing and destroying it securely;
· Not collecting or retaining excessive amounts of data;
· Protecting personal data from loss, misuse, unauthorised access and disclosure
· Ensuring that appropriate technical measures are in place to protect personal data.
We take your privacy seriously. We’ll only use your information for the purpose it is held.
Data obtained and held on the basis of consent
The companies control and process a limited amount of data on the basis of consent:
· Details provided by potential customers of Adlington
· Details provided by those who have opted to receive newsletters
Marketing material sent out using this data contains the ability to unsubscribe.
Data held on the basis of legitimate interest
The companies control and process a range of data on the basis that it has a legitimate interest to do so. Such data relates to potential, current and past employees, customers, contractors and suppliers, data relating to projects and research data.
The individual’s interests are balanced when considering what data it is necessary to hold, and how long this data is retained.
Website, Digital Platforms & Cookies
The companies operate a number of websites and digital platforms, which may contain links to third party websites / digital platforms which are provided for your convenience. We are only responsible for the privacy practices and security of our own digital platforms and therefore we recommend that you check the privacy and security policies of each and every other website / digital platform that you visit.
All traffic (transferral of files) between our websites and your web browser is encrypted and delivered over HTTPS.
If you visit one of the companies’ offices you may be recorded on our CCTV cameras. These cameras are used purely for the purposes of security. CCTV images are stored securely. In the event of a break in or other incident, we would share any CCTV that provides evidence to the police. CCTV data is deleted regularly.
Some data held for the legitimate interest of operating the companies will need to be transferred to third parties as part of our activities (for example, the transfer of employee data to HMRC or the transfer of customer details to enable services from sub-contractors to be delivered). We will always take care who the data is transferred to and consider the individual interests in such decisions.
Where we hold data provided by you with consent, we will not use your data for purposes that are not clear when you provide your details and will not disclose data outside of the companies (unless we have made this clear when collecting the data) except in limited circumstances such as: (a) if we are under a legal or regulatory duty to do so, (b) if it is necessary to do so to enforce our contractual rights, (c) to lawfully assist the police or security services with the prevention and detection of crime or terrorist activity, (d) where such disclosure is necessary to protect the safety or security of any persons, (e) otherwise as permitted under applicable law, (f) if there is a need to transfer information to third parties to fulfil business operations (such as use of email sending system to distribute newsletters). When we do, we’ll use safe, reliable, GDPR compliant services who won’t pass your personal details anywhere else.
Transfer of data outside the EEA
Please note that the companies do not transfer data outside of the EEA. In the event there is a requirement to transfer data outside of the EEA from time to time, we will take all necessary steps to ensure the data is afforded the same safeguards and controls as those applied within the EEA.
The companies will retain your data for as long as is reasonably necessary for the purpose it is used for and will not be retained indefinitely or for reasons incompatible with relevant data protection legislation, including the General Data Protection Regulations.
Keeping your personal information secure
We take the security of personal information seriously and the companies have appropriate measures, safeguards and protocols in place to ensure that data is kept secure, is only accessed by those individuals authorised to do so and where there is a legitimate need to access the data. Appropriate and reasonable steps are in place to reduce the risk of unauthorised access to personal data held by the companies (either through accidental disclosure or deliberate act) and in line with the companies’ obligations under applicable data protection legislation, including the General Data Protection Regulations.
Under the General Data Protection Regulation, you have a number of important rights regarding your personal information. In summary these rights are as follows and include the right to:
· Request access to personal information;
· Request inaccurate information to be reviewed and corrected;
· Request a restriction to the processing of personal information;
· Request personal information held by the companies to be erased in certain circumstances;
· Request a copy of the personal information that has been provided to us;
· Object to the processing of personal information or the continued processing of personal information; and
· Request not to be subject to automated decision making which produces legal effects that concern or affect you in a significantly similar way
Further information regarding the rights under the General Data Protection Regulation can be found by visiting www.ico.org.uk. These rights are subject to the conditions and restrictions set out in the General Data Protection Regulations and the Data Protection Act 2018.
Should you wish to make a request to exercise any of the above rights you should contact us via email at firstname.lastname@example.org or write to us at: Data Protection Officer, Gladman House, Alexandria Way, Congleton, Cheshire, CW12 1LB
When contacting us please ensure that you provide relevant information to allow us to identify you (this can include confirmation of any of the unique or personal identifiers we hold about you such as address) and state the right or rights that you wish to exercise. We may need to contact you to request further information to verify your identity.
We will respond to you within one month from when we receive a valid request.
How to make a complaint
If you have a complaint regarding any aspect of your personal data or this Notice, please write to us at email@example.com by letter to Data Protection Officer, Gladman House, Alexandria Way, Congleton, Cheshire, CW12 1LB.
If you are not satisfied with the outcome of your complaint, you may write to the Information Commissioner’s Office at: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF. You can also contact the Information Commissioner’s Office by visiting their website www.ico.org.uk
Changes to this Privacy Notice
We aim to meet high standards and so our policies and processes are subject to review. The latest version of this notice will be displayed on this website.