Revesby Estate GDPR Privacy Policy
Last updated April 2025
- Introduction
Revesby Estate (“we,” “our,” or “us”) is committed to protecting the privacy and security of personal data. This GDPR Privacy Policy explains how we collect, process, and protect personal data in accordance with the General Data Protection Regulation (GDPR) and other relevant data protection laws.
- Scope
This policy applies to all individuals whose personal data we collect, including customers, tenants, business partners, employees, contractors, and website users.
- Data We Collect
We may collect the following categories of personal data:
- Identity Data: Name, title, date of birth, Ni number
- Contact Data: Address, email, phone number, emergency phone number
- Financial Data: Bank details, payment information.
- Transaction Data: Rent payments, invoices, contracts, Hours
- Property Data: Lease agreements, rental history, maintenance records.
- Technical Data: IP addresses, website usage analytics.
- General data: Appraisal, inspections, communications, etc
- How We Collect Data
We collect data through:
- Direct interactions (e.g., rental applications, contracts, emails).
- Automated technologies (e.g., website cookies, security systems).
- Third parties (e.g., credit reference agencies, legal advisors).
- Purpose of Processing
We process personal data to:
- Manage the estate
- Communicate with customers and suppliers.
- Process payments and financial transactions.
- Fulfil legal and regulatory obligations.
- Improve estate management and customer service.
- Legal Basis for Processing
We process personal data under the following legal bases:
- Contractual necessity: To fulfil lease agreements and service contracts.
- Legal obligations: To comply with tax, regulatory, and legal requirements.
- Legitimate interests: To manage our estate efficiently and improve services.
- Consent: Where required, for direct marketing or optional services.
- Data Sharing and Transfers
We may share personal data with:
- Professional advisors (e.g., lawyers, accountants).
- Service providers (e.g., maintenance contractors, IT providers).
- Regulatory authorities (where legally required).
We do not sell personal data to third parties. If we transfer data outside the UK/EU, we ensure appropriate safeguards are in place.
- Data Retention
We retain personal data only for as long as necessary to fulfil the purposes outlined in this policy and comply with legal obligations. Retention periods vary depending on the nature of the data.
- Data Security
We implement technical and organizational measures to protect personal data, including encryption, access controls, and secure storage solutions.
- Individual Rights
Under GDPR, individuals have the following rights:
- Right to access their data.
- Right to rectify inaccurate or incomplete data.
- Right to erase data (“right to be forgotten”).
- Right to restrict processing.
- Right to data portability.
- Right to object to processing.
- Right to withdraw consent (where applicable).
To exercise any of these rights, please contact us using the details below.
- Contact Information
For any questions or to exercise your rights, please contact:
- Updates to This Policy
We may update this policy from time to time. Any changes will be posted on our website and, where appropriate, notified to individuals directly.
This GDPR Privacy Policy ensures compliance with data protection regulations while reflecting the operational needs of Revesby Estate. Let me know if you’d like any modifications or additions.
Sub note- Tenant names, phone numbers, emails and addresses will be provided to to vetted 3 rd party contractor trades when access for works is required.