OVERVIEW of this Policy and Commitments to Privacy
Leamouth Limited Partnership regularly collects and uses personal data about current, former or prospective purchasers, when you make a reservation, note interest in a property or purchase a property in one of our Goodluck Hope or when you browse our website https://www.goodluckhope.com/ ("Website").
Personal data is any information that can be used to identify you as an individual. The protection of your personal data is very important to us, and we understand our responsibilities to handle your personal data with care and to comply with legal requirements.
The purpose of this privacy policy ("Policy") is to provide a clear explanation of when, why and how we collect and use personal data. We have designed it to be as user friendly as possible and have labelled sections to make it easy for you to find the information that is most relevant to you. Please read this Policy carefully as it provides important information about how we use personal data and explains your legal rights.
We will make changes to this Policy from time to time for example, to keep it up to date or to comply with legal requirements or changes in the way we operate our business. We will make sure that you are aware of any significant changes by sending an email message to the email address you most recently provided to us or by posting a notice on our Website so that you are aware of the impact to the data processing activities before you continue to engage. We encourage you to regularly check back and review this policy so that you will always know what information we collect, how we use it, and who we share it with.
1. WHO is responsible for looking after your personal data?
Leamouth Limited Partnership is a joint venture between Leamouth General Partner Limited company number 10423469 whose registered office address is 4th Floor, 161 Marsh Wall, London E14 9SJ and Ballymore Leamouth Limited Partner Limited company number 10316683 whose registered office address is 4th Floor, 161 Marsh Wall, London E14 9SJ and Clear Vision Global Limited, with a registration number 1914263 and having its place of incorporation at Vistra Corporate Services Centre, Wickhams Cay II, Road Town, Tortola, VG1110.
Leamouth Limited Partnership is the ultimate Data Controller of any personal data that you provide to us, and we collect from you and can be contacted using the details set in section 19 below.
2. WHAT personal data do we collect?
In relation to potential, historic and current purchasers ("purchaser"), we collect the following data directly from you in the course of managing your reservation or registration of interest form, monitoring your use of our Website or in the process of managing the sale of any property in our development:
The information marked with an * is mandatory, otherwise we would be unable to fulfil our contractual obligations to you pursuant to our contract or to respond to any enquiries you make on an interest form.
3. What PURPOSES do we USE your personal data for and what is the LEGAL BASIS?
We will use your personal data to:
We have to establish a legal ground to use your personal data, so we will make sure that we only use your personal data for the purposes set out in this Section 3 and in Appendix 1 where we are satisfied that our use of your personal data is necessary to:
PLEASE NOTE: If we have previously told you that we were relying on consent as the basis of our processing activities, going forward we will not be relying on that legal basis unless we have said that in this Policy.
4. Who do we SHARE your personal data with?
We share the data with the following entities who will also act in the capacity of an independent Data Controller:
To ensure we manage our developments in a streamlined manner, we also share the data with the following third parties who act on our behalf in the capacity of processor:
Services Providers, who provide database, IT and system administration services, such as Salesforce which is based in the USA. Also, if we were to sell part of our businesses we would need to transfer your personal data to the purchaser.
5. Direct Marketing
We may use your personal data to send you direct marketing communications about our developments. This will be in the form of email, post, SMS or targeted online advertisements.
Where we require explicit opt-in consent for direct marketing in accordance with the Privacy and Electronic Communications Regulations we will ask for your consent - we may also ask if you wish to receive marketing from any of our Associated Companies listed in Section 4 above. Otherwise, for non-electronic marketing or where we can rely on the soft opt-in exemption under the Privacy and Electronic Communications Regulations, we will be relying on our Legitimate Interests for the purposes of GDPR as further detailed in Section 3 and Appendix 1.
We also use your personal data for customising or personalising advertisements, offers and content made available to you based on your visits to and/or usage of our Website, and analyse the performance of those advertisements, offers and content. This constitutes 'profiling' - it does not have any significant legal impact on you but simply means we can ensure marketing materials are tailored to your preferences or what we think you will be interested in.
You have a right to stop receiving direct marketing at any time - you can do this by following the opt-out links in electronic communications (such as emails), or by contacting us using the details in Section 19.
6. International Transfers
We will always take steps to ensure that any international transfer of information is carefully managed to protect your rights and interests, in particular we will either:
You have the right to ask us for more information about the safeguards we have put in place as mentioned above. Contact us as set out in Section 19 if you would like further information or to request a copy where the safeguard is documented (which may be redacted to ensure confidentiality).
7. How long do we keep your personal data?
We will retain your personal data for as long as is reasonably necessary for the purposes listed in Section 3 of this Policy. Where there has been no interaction from a purchaser, a record will be archived and deleted in line with our retention policy.
Where we are required to do so to meet legal, regulatory, tax or accounting requirements, we will retain your personal data for longer periods of time, but only where permitted to do so, including so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a possibility of legal action relating to your personal data or dealings.
We maintain a data retention policy which we apply to records in our care. Where your personal data is no longer required and we do not have a legal requirement to retain it, we will ensure it is either securely deleted or stored in a way such that it is anonymised and the personal data is no longer used by the business.
8. What are your rights?
You have a number of rights in relation to your personal data. In summary, you have the right to request: access to your data; rectification of any mistakes in our files; erasure of records where no longer required; restriction on the processing of your data; objection to the processing of your data; data portability; and various information in relation to the basis of any international transfers. You also have the right to complain to your supervisory authority (further details of which are set out in Section 19 below). These are defined in more detail as follows:
RIGHT | WHAT THIS MEANS |
---|---|
Access | You can ask us to:
|
Rectification | You can ask us to rectify inaccurate personal data. We may seek to verify the accuracy of the data before rectifying it. |
Erasure / Right to be Forgotten | You can ask us to erase your personal data, but only where:
|
Restriction | You can ask us to restrict (i.e. keep but not use) your personal data, but only where:
|
Portability | You can ask us to provide your personal data to you in a structured, commonly used, machine-readable format, or you can ask to have it 'ported' directly to another Data Controller, but in each case only where: the processing is based on your consent or the performance of a contract with you; and the processing is carried out by automated means. |
Objection | You can object to any processing of your personal data which has our 'Legitimate Interests' as its legal basis (see Appendix 2 for further details), if you believe your fundamental rights and freedoms outweigh our Legitimate Interests. Once you have objected, we have an opportunity to demonstrate that we have compelling Legitimate Interests which override your rights. |
You also have various rights in relation to any automated decision making, however we do not carry out these activities in connection with the Website.
To exercise your rights you can contact us as set out in Section 19. Please note the following if you do wish to exercise these rights:
9. Contact and complaints
The primary point of contact for all issues arising from this Policy, including requests to exercise data subject rights, is our development manager, who can be contacted in the following ways:
Ballymore Development Management Limited C/O Ballymore, 161 Marsh Wall, London E14 9SJ, United Kingdom
If you have a complaint or concern about how we use your personal data, please contact us in the first instance and we will attempt to resolve the issue as soon as possible. You also have a right to lodge a complaint with your national data protection supervisory authority at any time. In the UK, the supervisory authority for data protection is the ICO (https://ico.org.uk/). We do ask that you please attempt to resolve any issues with us first, although you have a right to contact your supervisory authority at any time.
APPENDIX 1 - LEGAL BASIS FOR PROCESSING
Activity | Type of information collected | The basis on which we use the information |
---|---|---|
Contact you, or register you as a new customer. |
|
|
Provide customer support and to enable you to partake in a viewing, open house, launch or event, prize draw, competition or complete a survey |
|
|
To ensure that content from our websites is presented in the most effective manner for you and your computer |
|
|
Facilitate reservations and transactions, as well as managing our relationship with you and carrying put various credit checks. |
|
|
Comply with legal and regulatory obligations |
|
|
To make suggestions, recommendations and provide information to you about products or services that may be of interest to you |
|
|
Administer and protect our business and our Website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data) |
|
|
To use data analytics to improve our websites, products/services, marketing, customer relationships and experiences |
|
|
APPENDIX 2 - GLOSSARY
Data Controller: means a natural or legal person which determines the means and purposes of processing of personal data.
Data Subject: means an individual whom the personal data is about.
EEA: means the European Economic Area.
GDPR: means the General Data Protection Regulation, which comes into force on 25 May 2018 and replaces the previous Data Protection Directive 95/46/EC.
ICO: the Information Commissioner's Office regulates the processing of personal data by all organisations within the UK.
Legitimate Interests: this is a ground which can be used by organisations as a lawful basis of processing, for example where personal data is used in ways that could reasonably be expected, or there is a compelling reason for the processing.
Member States: means those countries which are part of the European Union.
Privacy Shield: means a framework which has been adopted to protect the rights of those individuals whose data has been transferred to the US.
Service Providers: these are a range of third parties to whom we outsource certain functions of our business. For example, we have service providers who provide / support IT applications or systems, which means that your personal data will be hosted on their servers, but under our control and direction. We require all our service providers to respect the confidentiality and security of personal data.