GDPR: Data privacy notice for clients, consultants and suppliers
This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
The rules on processing of personal data are set out in the General Data Protection Regulation (the “GDPR”).
At Karen Parry Architects Ltd we are committed to protecting and respecting your privacy and will only use your personal information to:
- To provide and improve our services to you
- To compile anonymous statistics (eg website usage)
- To process and respond to enquiries
- For other legitimate business purposes.
We do not collect data for marketing purposes and do not pass data to any third parties for marketing purposes.
What data do we hold and how will it be used?
We hold names and addresses, email addresses, phone numbers, briefing information, drawings, photographs and images in relation to each client’s project.
To allow us to carry out architectural work on your behalf, we need to pass this data to third parties during the project. These would typically include: other consultants involved in the project, planning and building control, other utilities such as Scottish Water, contractors and suppliers. We do not pass your details to third parties not involved in delivering the project. Our accountants and IT suppliers may also have access to names, addresses and email addresses as part of their service to us.
We use progress photographs and finished shots of projects on our website and social media channels such as facebook and houzz. We do not use client’s names when publishing photos. We would ask your permission for the photographer to visit the house and take photos on completion and again ask your permission if these are to be used in any publications. Progress shots of construction may be used on our facebook page unless you advise that this is not acceptable.
If you submit a client review for publication on website or social media your name would be used unless you request that it is anonymous.
KPA does not hold financial details for clients, or process card payments.
How long do we keep your data for?
KPA holds client’s details in perpetuity. We are contractually obliged to keep project information for 5 years. However, we also retain it for historic purposes as clients routinely return seeking access to archive information on their buildings.
How do we protect your data?
The GDPR requires us to ensure we implement secure systems to protect personal data & requires that any external parties which process personal data for our practice also take reasonable precautions to safeguard personal data. All our electronic data is secured by means of password security access for staff and we store files on Dropbox Business which is certified as being compliant with the most widely accepted security and privacy standards in the world.
If our security was to be breached, resulting in data being exposed that could result in a risk for the individuals concerned, we would inform you immediately.
In the event of any enquiry, we would co-operate with the relevant Data Protection Authorities. If you are not satisfied with how your data is being processed, please contact the office and we will address your concern immediately. You also have the right to complain to the ICO and can do that via their website.
Please contact firstname.lastname@example.org if you have any queries.