Conquer Ltd is committed to all aspects of data protection and takes its duties seriously under GDPR legislation.
Conquer Ltd also incorporates the following companies:
Let Response and Home Response
The IT manager is responsible for the implementation of this policy. If you have any queries please direct them to firstname.lastname@example.org or 57 Severn Road, Weston-super-Mare, BS23 1DR.
Effective 25th May 2018
Data Protection overview
GDPR describes how organisations must handle and store personal data. To comply with the law, personal information must be stored safely and not disclosed unlawfully.
Further information can be found at: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/
Things you create or provide to us
When you create an account with Let Response or Home Response you provide us with contact details that are stored securely in our electronic database, including your name, contact details, details of properties you own or manage and a password.
Information provided by others
We may be provided with the name and contact details of landlords from the letting agents that we work with, and the names and contact details of tenants from landlords or letting agents.
Information we collect as you use our services
As we carry out our services, notes are created and stored during the processing of a job and may include personal data collected (such as alternative contact details, availability, images of work done, and communications between parties). These assist with the completion of the work required and any warranty queries that may occur.
We may store certificates for a property such as Gas Safety Certificates on our server when they are carried out.
Purposes for which we use and process your information and the grounds for doing so
We store and process the property data of a landlord, homeowner or tenant for the purpose of allowing us to gain access to inspect and quote for work requested and to complete authorised works and invoice as required under a contractual basis.
Contact details of tenants and landlords are used to contact the subject to schedule and confirm visits and notify the subject when we will be arriving on site. We deem this to be a legitimate interest as it increases efficiency contacting the tenant or landlord directly and ensures someone is on site to allow access where required. The tenant also benefits from knowing when the fitter is attending and on route to their property.
We use registered users’ contact details to notify of updates to any work you have or send queries regarding the work. We do this under a legitimate interest and contractual basis to provide regular communication about developments to the job and reduce unnecessary delays in obtaining authorisation to proceed with work.
Certificates, such as CP12s, may be stored on our portal for download to provide evidence of compliance under a contractual and legal obligation basis.
IP addresses are stored in server access logs for the purpose of detecting unauthorised use or attempts to breach our servers as required under GDPR as part of our data breach protection and detection policy.
Sharing of your information
We may disclose the name of the tenant and their phone number (or similar appropriate contact) to our fitters and sub-contractors, who may only use the data to contact the subject in relation to gaining access to the property to allow work to be carried out.
We may share your data with other third parties where we are legally obliged to do so, or with a debt recovery agency.
None of the data we process is transferred outside of the EEA.
How long we keep your data
We only keep personal data as long as necessary and for the purposes it was collected.
While you hold an account with us, or have outstanding payments due, we will store your contact and property details.
Contact details relating to work carried out at a property will be retained for the purpose of warranty claims. This is usually 12 months but may vary depending on the nature of the work carried out.
Certificates are retained until they are renewed.
Personal data relating to financial transactions will be retained for 7 years for our tax records.
Managing and updating your information – your rights
You have the right to request a copy of the information we hold about you. If you would like a copy of some or all of the information we hold, please write to the address above or email email@example.com
We want to ensure that your information is correct and up to date, so you are also entitled to ask us to update or remove information which you think is inaccurate.
You have the right to request that we remove your information from our records, or stop using it for particular purposes. We will do this wherever possible unless:
It would prevent us providing a service to you and you still wish to receive the service
Where we have a legal obligation to retain the information
Where you have outstanding balances to be paid
Other technical reasons that do not allow us to remove your data entirely
Keeping your personal data safe
We take the security of your data very seriously and employ several technical and organisational measures to protect your data from being accidentally lost, altered, or accessed in an unauthorised way.
The raw data is held securely on a remote server with very limited access with all passwords encrypted and salted. The data is processed through our web portal using verified user accounts protected by encrypted passwords to identify a user and grant access only to the data and processing authorised to that user. Best coding practices are employed and all user input is sanitised to protect against database injection attacks.
Users are expected to choose sufficiently strong and unique passwords and take care of their own log-in details, keeping them secure to prevent unauthorised access to their account.
Changes to the Policy
We review and update our policies regularly, and any update will be made available on our websites.