Cookie and Privacy Policy

At ReSI Estate Management. we are committed to ensuring that your privacy is protected. This Privacy Notice, together with our Terms and Conditions, explains how we use information about you when you use our services.

For the purposes of the Data Protection Act (DPA UK 2018) and the General Data Protection Regulation (“GDPR”) and UK data protection laws, the data controller is ReSI Property Management, trading as ReSI Estate Management. The person responsible for data protection is Joanne Couch and can be contacted at ReSI Estate Management, 2 Tangier Central, Castle Street, Taunton, TA1 4AS; at dpo@resi-em.co.uk or on 01823 813900.

What personal information do we collect?

If you own or rent a property in one of our managed developments, we will need to collect your personal information to provide our services to you. The information may include:

  • Identity and Contact Data – full name, marital status, date of birth, gender, national insurance number, username and password, property ownership details, address (including past address), email address and telephone numbers.
  • Next of Kin details.
  • Medical Information.
  • Your Marketing and Communications preferences.

How do we collect your information?

We may collect personal information by means of paper or electronic forms, telephone, email or post. We will usually collect the information directly from you, e.g. when you complete an out of hours emergency contact form, or through telephone calls and emails while providing our services to you.

We may also collect information from other third parties which includes (but is not limited to):

  • Family and household members
  • Friends and visitors
  • Referees
  • Members of public
  • Representatives
  • Development Management Companies
  • Contractors
  • Complainants

We may receive information about you from other data controllers, such as the police who might tell us about a crime they are investigating where this impacts on your contract with us or those who live in the same community. If you give us this information about yourself when communicating with us, you do so because you consider it forms part of a legitimate interest for us to hold this information on our records.

Why do we need your personal information?

We may need to use some information about you to:

  • deliver services and support to you;
  • manage those services we provide to you;
  • prevention/detection of crime/fraud;
  • help investigate any complaints you have about the services we provide;
  • check the quality of services and deliver service improvement;
  • to help with research and planning of new services.

How the law allows us to use your personal information

There are several legal reasons why we need to collect and use your personal information. Generally, we collect and use it where:

  • you are entering or have entered into a contract with us;
  • you, or your legal representative, have given consent;
  • it is necessary to protect someone in an emergency;
  • it is required by law;
  • you have made your information publicly available;
  • it is necessary for legal cases;
  • it is necessary for archiving, research, or statistical purposes.

We may contact you or send communications to tell you about our existing service to you e.g. service enhancements, government entitlements, or health and safety information. We won’t need your consent to communicate with you this way because we have assessed that it forms part of our agreement with you and it is of mutual interest for us to keep you informed and is relevant to your contract with us.

We may send automatic property updates or occasionally information on other products and services we offer and which we think will be of interest to you. We will ask for your consent to communicate this type of information to you and you can remove your consent at any time.

If you want to remove your consent, please contact  dpo@resi-em.co.uk or telephone 01823 813900.

The law gives you several rights to control what personal information we use and how it is processed. 

Under certain circumstances, you have the right to:

  • request access to your personal data (a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it;
  • request correction of the personal data that we hold about you;
  • request erasure of your personal data where there is no good reason for us to continue processing it. You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to processing (see below);
  • object to processing of your personal data in particular ways, including processing based on the lawful basis of legitimate interests and direct marketing;
  • request the restriction of processing of your personal data, for example if you want us to establish its accuracy or the reason for processing it;
  • request the transfer of your personal data to yourself or another party in a safe and secure way, without affecting its usability, for example in a format that is structured, commonly used, and machine-readable.

To contact us about any of these rights, you can write to us at the following address:

Data Protection Lead
ReSI Estate Management
2 Tangier Central
Castle Street
Taunton
TA1 4AS

Alternatively email us at dpo@resi-em.co.uk or call us on 01823 813900.

Who do we share your information with?

Sometimes we may need to share your personal information. We will only do this if we have your consent or if there are legal or requirements for us to do so. We won’t ever sell your personal information to anyone else.  

We use a range of organisations to either store personal information or help deliver our services to you. We are likely to share your personal information with the following:

Police

For the purposes of preventing or detecting a crime or fraud.

Safeguarding, Support Agencies and Charities

We will only share information with these organisations where we suspect there may be safeguarding or welfare concerns. We will usually try to gain your consent in advance, but we may make a safeguarding referral without consent in situations where we feel there is a significant risk.

Group companies

We may share your information with shared service functions within the group, e.g. the IT services function for helping you access our online services.

Development Freeholders

To help manage the services we provide to you or to comply with the head lease. E.g. on the completion of any sublets we will tell them the name and age of our tenants to evidence compliance with any age restrictions.

Landlords/Tenants

We may share any tenant information we hold with their landlord. This includes references, property inspections, correspondence, payment history and any general notes relating to the conduct of a tenancy. We will share the landlord’s name and address with tenant.

We will complete a data protection impact assessment before we share personal information in a different way or with a new organisation, to make sure we protect privacy and comply with the law.

Sometimes we have a legal duty to provide personal information to other organisations, this is often because we need to give that data to the police, courts, local authorities or government bodies.

We may also share your personal information when we feel there’s a good reason that’s more important than protecting your privacy. This doesn’t happen often, but we may share your information:

  • in order to detect and prevent a crime and fraud; 
  • if there are serious risks to the public, our staff or to other professionals;
  • safeguarding of vulnerable individuals; or
  • to protect adults who are thought to be at risk, for example if they are frail, confused or cannot understand what is happening to them.

If we’re worried about your physical safety or feel we need to act to protect you from being harmed in other ways, we’ll discuss this with you and, if possible, get your permission to tell others about your situation before doing so. 

The risk must be serious before we can override your right to privacy. We may still share your information if we believe the risk to others is serious enough to do so. There may also be rare occasions when the risk to others is so great that we need to share information straight away. 

If this is the case, we’ll make sure that we record what information we share and our reasons for doing so. We’ll let you know what we’ve done and why if we think it is safe to do so and will not cause harm, distress or further risks to you, our staff, other professionals and/or the public.

Where is your information held?

Most personal information is stored on computer systems at our office in the UK or at third party data centres in the UK. There may be some occasions as our technology services progress where your information may leave the UK if it’s stored in a system outside of the EU. E.g. internet-based email servers.

We will always have additional protections on your information if it leaves the UK and ensure that we have a robust contract in place with that third party to ensure they process your data in compliance with General Data Protection Regulations.

How do we protect your information?

We are committed to ensuring the security of, and unauthorised access to, your personal data. We will only make data available to those who have a right to see it. For example, where we hold customer welfare or safeguarding information, we limit who can access that data internally on a need to know basis. We exercise the principle of least privilege – systems, employees, and representatives are given the minimum levels of access or permissions needed to perform the role. We also systematically monitor outbound emails for the purposes of protecting confidential and personal data and assisting in our ability to identify potential data breaches. If we become aware of a data breach we will, where we are required to, notify the Information Commissioner’s Office. If we believe that the data breach is serious, we may notify you as well. Security measures include encryption, anonymisation, access controls, staff security training and regular system testing and security patching.

How long do we keep your personal information?

There is often a legal or a contractual reason for keeping your personal information for a set period. We will keep your information for the duration of providing a service or product to you under the terms of a contract, such as your tenancy agreement. When your contract has ended we will keep your personal data for a set time for auditing and reporting purposes and for legitimate interest’s purposes, after that time we will either anonymise or destroy your information.

You can ask us for a copy of our retention policy by contacting us at dpo@resi-em.co.uk or by telephone on 01823 813900.

Visiting our websites

We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.

When you visit our website we collect standard internet log information for statistical purposes.

  • We use cookies to collect information in an anonymous way, including the number of visitors to the site, where visitors have come to the site from and the pages they visited.
  • We do not make any attempt to identify visitors to our websites. We do not associate information gathered from our sites with personally identifying information from any source.
  • When we collect personal information, for example via an online form, we will explain what we intend to do with it.

Cookies help us to improve our site and to deliver a better, more personalised service.

To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit https://www.aboutcookies.org.uk. To opt out of being tracked by google analytics across all websites visit http://tools.google.com/dlpage/gaoptout.

Our websites may contain links to third-party websites. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question. We are not responsible for the content or privacy practices of any external websites that are linked from our sites.

How to tell us of a data breach

If you suspect your personal information or that of others may have been at risk of a data protection breach, please contact us:

Data Protection Lead
ReSI Estate Management.
2 Tangier Central
Castle Street
Taunton
TA1 4AS

Email:             dpo@resi-em.co.uk

Telephone:    01823 813900

Where can I get advice?

If you have any questions about how your personal information is handled, please contact our Data Protection Lead at dpo@resi-em.co.uk

For independent advice about data protection, privacy and data sharing issues, you can contact the Information Commissioner’s Office (ICO) at:

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF

Tel: 01625 545 745

Web: ico.org.uk        Email: casework@ico.org.uk

© 2024  ReSI Estates Management Ltd. ReSI Estates Management Ltd, a trading name of ReSI Property Management Limited, a company registered in England with registered number 13074164, registered office address First Floor, 2 Tangier Central, Castle Street, Taunton, Somerset TA1 4AS.

Terms & Conditions  |  Privacy Notice & Cookie Policy