Luke Miller & Associates offers a large range of property services to a broad market through its investor, developer and occupier clients, at every stage of the entire process: property development, transaction, consulting, valuation, property management and investment management.
This Data Protection Notice provides you with detailed information relating to the protection of your personal data by Luke Miller & Associates.
Luke Miller & Associates, having its registered office at 4 Finkle Street, Thirsk, North Yorkshire, YO7 1DA are responsible, as a controller, for collecting and processing your personal data in relation to our activities. The purpose of this Data Protection Notice is to let you know which personal data we collect about you, the reasons why we use and share such data, how long we keep it, what your rights are and how you can exercise them.
Further information may be provided where necessary when you apply for a specific product or service.
1. WHICH PERSONAL DATA DO WE USE ABOUT YOU?
We collect and use your personal data to the extent necessary in the framework of our activities and to achieve a high standard of personalised products and services.
Depending among others on the type of product or service we provide to you, we may collect various types of personal data about you, including:
- identification information (e.g. name, ID card and passport numbers, nationality, place and date of birth, gender, photograph, IP address);
- contact information (e.g. postal address and e-mail address, phone number);
- family situation (e.g. marital status, number of children);
- economic and financial information
- employment information (e.g. employment, employer’s name, remuneration);
- banking, financial and transnational data (e.g. bank account details, credit card number, credit history, debts and expenses);
- data from your interactions with us (eg: our internet websites, our apps, our social media pages, meeting, call, chat, email, interview, phone conversation, correspondence, requests for information or documents, method of commercialisation);
- video surveillance (including CCTV) located at 4 Finkle Street, Thirsk, North Yorksire, YO7 1DA;
- data necessary to fight against over indebtedness, fraud, money laundering and terrorist financing.
We never ask for personal data related to your racial or ethnic origins, political opinions, religious or philosophical beliefs, trade union membership, genetic data or data concerning your sex orientation, unless it is required through a legal obligation.
The data we use about you may either be directly provided by you or be obtained from the following sources in order to verify or enrich our databases:
• third parties such as credit reference agencies and fraud prevention agencies in conformity with the data protection legislation;
• websites/social media pages containing information made public by you (e.g. your own website or social media); and
• databases made publicly available by third parties.
2. SPECIFIC CASES OF PERSONAL DATA COLLECTION, INCLUDING INDIRECT COLLECTION
For some reasons, we may also collect information about you whereas you have no direct relationship with us.
This may happen for instance when your employer provides us with information about you or your contact details are provided by one of our clients if you are for example:
- Co-borrowers / guarantors;
- Legal representatives (power of attorney);
- Beneficiaries of payment transactions made by our clients;
- Beneficiaries of insurance policies and trusts;
- Ultimate beneficial owners;
- Clients‘ debtors (e.g. in case of bankruptcy);
- Company shareholders;
- Representatives of a legal entity (which may be a client or a vendor);
- Staff of service provider and commercial partners.
3. WHY AND ON WHICH BASIS DO WE USE YOUR PERSONAL DATA?
a. To comply with our legal and regulatory obligations
- We use your personal data to comply with various legal and regulatory obligations, including:
- Real estate regulations
- banking and financial regulations in compliance with which we:
- set up security measures in order to prevent abuse and fraud;
- reply to an official request from a duly authorised public or judicial authority;
- prevention of money-laundering and financing of terrorism;
b. To perform a contract with you or to take steps at your request before entering into a contract
We use your personal data to enter into and perform our contracts, including to:
- provide you with information regarding our products and services;
- assist you and answer your requests;
- evaluate if we can offer you a product or service and under which conditions; and
c. To fulfill our legitimate interest
We use your personal data in order to deploy and develop our products or services, to improve our risk management and to defend our legal rights, including:
- proof of transactions;
- fraud prevention;
- IT management, including infrastructure management (e.g. : shared platforms) & business continuity and IT security
This can be achieved by:
- segmenting our prospects and clients;
- matching the products or services that you already hold or use with other data we hold about you
- if we need to carry out further processing for purposes other than those above in section 3, we will inform you and, where necessary, obtain your consent.
4. WHO DO WE SHARE YOUR PERSONAL DATA WITH?
In order to fulfill the aforementioned purposes, we only disclose your personal data to:
- Luke Miller a& Associates entities (e.g. you can benefit from our full range of products and services);
- Service providers which perform services on our behalf;
- Independent agents, intermediaries or brokers, banking and commercial partners, with which we have regular relationship;
- Financial or judicial authorities, arbitrators and mediators, state agencies or public bodies, upon request and to the extent permitted by law;
- Certain regulated professionals such as lawyers, notaries or auditors.
5. TRANSFERS OF PERSONAL DATA OUTSIDE THE EEA
In case of international transfers originating from the European Economic Area (EEA), where the European Commission has recognised a non-EEA country as providing an adequate level of data protection, your personal data may be transferred on this basis.
For transfers to non-EEA countries whose level of protection has not been recognised by the European Commission, we will either rely on a derogation applicable to the specific situation (e.g. if the transfer is necessary to perform our contract with you such as when making an international payment) or implement one of the following safeguards to ensure the protection of your personal data:
- Standard contractual clauses approved by the European Commission;
- Binding corporate rules.
To obtain a copy of these safeguards or details on where they are available, you can send a written request as set out in Section 9.
6. HOW LONG DO WE KEEP YOUR PERSONAL DATA FOR?
We will retain your personal data for the longer of the period required in order to comply with applicable laws and regulations or another period with regard to our operational requirements, such as proper account maintenance, facilitating client relationship management, and responding to legal claims or regulatory requests. For instance, most of client’s information is kept for the duration of the contractual relationship and 10 years after the end of the contractual relationship. For prospects, information is kept 3 years.
7. WHAT ARE YOUR RIGHTS AND HOW CAN YOU EXERCISE THEM?
In accordance with applicable regulations, you have the following rights:
- To access: you can obtain information relating to the processing of your personal data, and a copy of such personal data.
- To rectify: where you consider that your personal data are inaccurate or incomplete, you can require that such personal data be modified accordingly.
- To erase: you can require the deletion of your personal data, to the extent permitted by law.
- To restrict: you can request the restriction of the processing of your personal data.
- To object: you can object to the processing of your personal data, on grounds relating to your particular situation. You have the absolute right to object to the processing of your personal data for direct marketing purposes, which includes profiling related to such direct marketing.
- To withdraw your consent: where you have given your consent for the processing of your personal data, you have the right to withdraw your consent at any time.
- To data portability: where legally applicable, you have the right to have the personal data you have provided to us be returned to you or, where technically feasible, transferred to a third party.
If you wish to exercise the rights listed above, please send a request to email@example.com or a letter to the following address: Luke Miller & Associates, 4 Finkle Street, Thirsk, North Yorkshire, YO7 1DA .
In accordance with applicable regulation, in addition to your rights above, you are also entitled to lodge a complaint with the competent supervisory authority.
8. HOW CAN YOU KEEP UP WITH CHANGES TO THIS DATA PROTECTION NOTICE?
We may need to regularly update this Data Protection Notice and changes will be made to this page and we would suggest that you review this regularly. We may also, where appropriate, inform you of any material changes through our website or through our other usual communication channels.
9. HOW TO CONTACT US?
If you have any questions relating to our use of your personal data under this Data Protection Notice, please contact our data protection officer firstname.lastname@example.org, who will investigate your query.