Privacy Policy
At Perfect10 Property Group, we are committed to safeguarding your privacy. This Privacy Policy explains how we collect, use, share, and protect your personal data when you engage with our property services, website, and communications.
Perfect10 Property Group acts as the Data Controller for the personal data collected and processed as described in this Privacy Policy. This means we are responsible for determining the purposes and means of processing your data in compliance with the UK GDPR and Data Protection Act 2018.
Accessibility Statement:
This Privacy Policy is available in alternative formats upon request to ensure accessibility for all individuals. If you require a version of this policy in an alternative format, please contact us at contact@perfect10property.co.uk, and we will accommodate your needs.
If you disagree with any part of this policy, please refrain from using our services or platform.
Terminology​
-
Clients: Individuals utilising our property services, including buy-to-let and social housing clients.
-
Perfect10 Property Group (referred to as "we" or "us"): Refers to our company and all operations concerning property services.
-
Third Parties: Includes external service providers, such as solicitors, brokers, builders, marketing platforms, and other professionals involved in service delivery.
1. Personal Information We Collect
We collect personal data essential for providing our services, including but not limited to:
1.1 Information Required to Use Perfect10 Property Services
To facilitate our property-related services, we collect:​
Contact Information: Name, email address, phone number, and postal address to manage property enquiries, communications, and client services.
Payment Information: Payment details (e.g., bank transfer information) necessary for transactions.
Client Information: Additional details required to fulfil legal, regulatory, or contractual obligations
1.2 Information You Choose to Provide
You may voluntarily provide additional information through our communication channels (e.g., investment forms, calls), including but not limited to:
Preferences: Information regarding specific property preferences or investment interests.
Financial Information: Details about income, savings, or financial goals to enable us to negotiate on behalf of our clients and secure investment opportunities on your behalf.
1.3 Automatically Collected Information
Certain data may be collected automatically when you use our website, depending on your personal system settings:
Device Information: IP address, browser type, and operating system.
Cookies and Tracking Technologies: We use cookies to improve website experience, track user interactions, and personalise content.
Third-party analytics tools: We may use third-party analytics tools (e.g., Google Analytics) to collect website usage information and improve user experience. These tools may collect data such as page visits, session durations, and referral sources. For more details, refer to their privacy policies.
2. Lawful Basis for Processing
In line with the UK GDPR, we process your data under the following legal bases:
Consent: For marketing communications where you have opted in. You may withdraw consent at any time by clicking the "unsubscribe" link in our emails or by contacting us directly at contact@perfect10property.co.uk. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
Contract: To fulfil service agreements or property-related contracts.
Legitimate Interests: For improving services, maintaining security, and managing user interactions.
3. How We Use Your Information
We use your personal data to deliver, enhance, and manage our services:
3.1 Property Services
Your data helps us to:
-
Facilitate property viewings, consultations, and bookings.
-
Manage communications and engagement with clients and prospective clients.
-
Negotiate on behalf of our clients and communicate with solicitors, brokers, builders, and other involved parties throughout the property transaction, refurbishment, furnishing, and management processes, including repairs and maintenance.
-
Act as a bridge between social housing providers and our clients, supporting all stages before, during, and after contract execution.
3.2 Platform Improvement
We use your data to:
-
Conduct research and analysis to improve our services.
-
Customise your experience based on preferences and previous interactions.
-
Resolve technical issues on our website and platform.
3.3 Safeguarding and Compliance
We process data to:
-
Verify identities and protect against fraud.
-
​Comply with legal and regulatory requirements.
4. Payment Information
Payment transactions, such as bank transfers, are handled by third-party providers.
Payment details are securely managed by the providers under their privacy policies. We do not retain direct payment information, such as card details, from clients.
5. Sharing and Disclosure of Information
We do not sell or rent your data, but we may share it in specific situations:
5.1 Data Shared with Your Consent
We share your data only when authorised, such as for joint marketing or third-party services related to property management.
5.2 Sharing with Service Providers
We may share data with trusted third-party providers, including:
Property Management Agents, Refurbishment & Maintenance Third Parties: For property management and upkeep.
Legal and Financial Consultants: To ensure legal compliance and manage financial matters.
Management Software Providers: To support service delivery and operational needs.
Marketing Platforms: For managing email communications and promotional activities.
This list may include additional providers as necessary.
​
Disclaimer Regarding Third Parties
While we take reasonable steps to ensure these third parties adhere to data protection standards, we cannot guarantee their compliance beyond the assurances they provide to us.
Clients are encouraged to:
-
Review the privacy policies of these third-party providers to understand their practices and ensure they meet their own requirements.
-
Conduct their own due diligence as part of their engagement with our services.
We do not vet all third-party providers with formal assessments, particularly smaller companies that may not have detailed privacy policies. Instead, we rely on contractual assurances provided by these third parties regarding their compliance with GDPR and data protection laws.
​
If you have concerns about specific third-party providers used in delivering our services, we are happy to provide details about them upon request. For further assistance, please contact us at contact@perfect10property.co.uk.
5.3 Legal Obligations
We may disclose data as required by law, such as for court orders or regulatory requests.
6. Data Security
We implement various security measures to protect your personal data, including:
Encryption: SSL encryption for secure data transmission.
Access Controls: Limiting data access to authorised personnel only.
To ensure the highest level of data protection, all employees handling personal data undergo regular training on GDPR principles, data protection best practices, and security protocols. This helps to minimise risks and maintain accountability throughout our organisation.
While we strive to protect your data, no security measure can guarantee absolute protection. All data processing activities are primarily conducted within the UK, and any exceptions are protected through supplementary safeguards.
Data Breach Notification
In the event of a data breach that poses a risk to your personal data, we will notify you and the Information Commissioner’s Office (ICO) promptly, as required under UK GDPR.
7. Data Retention
We apply data minimisation principles by collecting only the data necessary for the purposes outlined in this policy. Where possible, data is anonymised to further protect individuals' privacy. Personal data is not kept longer than required, and retention periods are determined based on legal, regulatory, and operational requirements. Once data is no longer needed, it will be securely disposed of in line with applicable legal standards, using methods such as shredding or digital wiping.
Retention Periods
Statutory Company Registers: Retained for the entire duration of the company’s existence, as required by law. These registers will primarily be archived, with access restricted to authorised personnel, but may be actively processed when necessary to meet legal or regulatory obligations.
Essential Contact Information, Financial Details, and Bank Transactions: Retained for a minimum of six years to comply with tax, legal, and regulatory obligations. During this period, such data is securely archived but may be accessed and processed for audits, compliance, or dispute resolution.
Other Personal Data Categories: Retained only as long as necessary to support client relationships or meet legal requirements. This data is archived when not actively in use and securely deleted when no longer required.
8. International Data Transfers
We are committed to ensuring that international data transfers comply with all relevant UK data protection regulations.
Overseas Clients: We may receive international data transfers for clients residing outside the UK. However, we seldom need to transfer personal data outside of the UK, as third-party services required by our clients are typically based within the UK.
Remote Work: Strict data protection protocols, such as encryption and access controls, are applied to maintain data security. Where applicable, we implement supplementary measures to ensure that personal data is adequately safeguarded and compliance with UK data protection standards.
Safeguards for International Transfers:
If personal data is transferred outside the UK to a country without an adequacy decision, we use the following safeguards to ensure compliance with GDPR Article 46:
Standard Contractual Clauses (SCCs): Legally binding agreements approved by the UK Information Commissioner’s Office to protect data during cross-border transfers.
Supplementary Measures: Additional safeguards, such as encryption, pseudonymisation, and strict access controls, to further protect your data.
Adequacy Decisions: Where applicable, we rely on adequacy decisions for countries deemed to have equivalent data protection standards by the UK government.
We regularly review these mechanisms to ensure the ongoing protection of personal data during international transfers.
9. Your Rights
Under UK GDPR, you have the right to:
Access: Request a copy of your personal data. You may submit a Data Subject Access Request (DSAR) to receive confirmation of whether we process your data and obtain a copy of the data we hold.
Rectification: Correct inaccuracies in your data.
Erasure: Request deletion of data unless retention is legally required.
Restriction: Limit data processing in certain cases.
Objection: Object to data processing, particularly for marketing.
Data Portability: Request to receive your personal data in a structured, commonly used, and machine-readable format. You also have the right to request that we transfer this data to another organisation, where it is technically feasible. This right applies only to personal data you have provided to us and that we process by automated means based on your consent or contract.
Withdraw Consent: Where we process your data based on consent (e.g., for marketing), you have the right to withdraw your consent at any time. You can do this by clicking the "unsubscribe" link in our emails or contacting us directly at contact@perfect10property.co.uk.
If you wish to exercise any of your rights, please contact us via the contact information provided. We may request specific information to verify your identity before processing your request to ensure your data's safety and security.
How to Submit a Data Subject Access Request (DSAR):
If you wish to exercise any of these rights, including submitting a DSAR, please contact us at:
Email: contact@perfect10property.co.uk
Subject Line: "Data Subject Access Request"
Please include:
-
Your full name.
-
The specific right(s) you wish to exercise.
-
A clear description of the data or processing activities related to your request.
-
Proof of identity (e.g., a copy of your passport or driver’s licence) to ensure we can verify your identity.
We will respond to your request within one month, as required by GDPR. In certain circumstances, this period may be extended by an additional two months (e.g., for complex requests), but we will notify you if this applies.
Additional Considerations for DSARs:
-
In most cases, DSARs are free of charge. However, we may charge a reasonable fee or refuse to act on requests that are excessive, repetitive, or manifestly unfounded, in line with GDPR Article 12(5).
-
For security purposes, we only accept DSARs from email addresses registered in our systems.
-
Requests must concern your personal data only; we cannot provide information about family members or other third parties.
10. Cookies and Tracking Technologies
Our website uses cookies to enhance your experience. By using our site, you agree to the use of cookies as described in this policy.
Cookies We Use:
Strictly Necessary Cookies: Essential for the website’s operation, such as secure login and e-billing. These cookies do not require your consent.
Analytical/Performance Cookies: To analyse website performance and usage. These cookies are only used with your explicit consent.
Functionality Cookies: To recognise returning users and personalise content. These cookies are only used with your explicit consent.
Lawful Basis for Cookies:
Strictly Necessary Cookies: These are processed under the lawful basis of legitimate interests, as they are required to provide essential services.
Non-Essential Cookies (e.g., Analytical and Functionality Cookies): These are processed under the lawful basis of consent, as required by GDPR and the ICO's guidance on cookies and tracking technologies.
You can manage your cookie preferences through our cookie banner displayed when you first visit our site or by adjusting your browser settings. Note that disabling essential cookies may impact website functionality.
​
Cookie Retention:
Tracking data collected via cookies will be retained for a period of up to 12 months, after which it will be automatically deleted.
11. Right to Lodge a Complaint
If you have any concerns about how we handle your personal data, we encourage you to contact us first to resolve the issue.
When you contact us with a complaint:
-
We will acknowledge receipt of your complaint within five working days.
-
We aim to resolve your concern within 30 days.
-
If further investigation is required, we will keep you informed of the progress and expected timeline.
-
If you remain unsatisfied with our response, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK’s data protection authority, via their website at www.ico.org.uk.
12. Legal Jurisdiction
This Privacy Policy is governed by the laws of England and Wales, including the UK GDPR and the Data Protection Act 2018.
13. Policy Updates
We may periodically update this Privacy Policy. Substantial changes will be posted on this page, and where appropriate, we will notify you by email.
14. Contact Information
For questions about this Privacy Policy or your personal data, please contact us at:
Email: contact@perfect10property.co.uk