Visiting this website:
We log the IP address, geographical location, browser type / version and operating system as well as a timestamp on our server log.
Our security software (third party provider) automatically collects search queries and the date and time of the request and referral URL. Depending on the settings of the device, it also automatically collects: IP address; MAC address; Device make, model and operating system version; mobile network information; internet service provider; browser type and language; country and time zone in which the Device is located; and metadata stored on the Device.

Personal data we obtain from you may include (via enquiry form, social media, phone call, post or in person):
Name, trading or business name, telephone number, job title, email address, address and postcode (and / or property photoshoot address and postcode), signature

Transaction data (BACS, cheques and cash):
If you do a BACS payment this may show up with certain details on our own bank statements it will show your account name and payment reference you enter. For cheque or cash payments we also note who this payment relates to on our paying-in book.

Email:
If you send us an email, the email will contain meta data (this may include name, email address along with a time stamp) and any other information you choose to share with us. It is your responsibility to make sure that your email and attachments are virus free and sent from a reputable provider.

Telephone:
Your telephone number will get logged on our device if you call us (unless you withheld your number). You may also choose to leave a voicemail. All call logs and voicemails are routinely deleted when no longer required.

From a third party (from an estate agent – only applies if we invoice you or send photos directly to you):
For the purposes of Property Photography we may have been passed your name, address, telephone number and / or email address from an estate agent (under a data processing agreement). If you are paying us directly, we will be the data controller and use your name and address for administering the customer account and providing you with an invoice and / or send photo files on a disk in the post or via WeTransfer to your email address.

Contractual Necessity:
We will process your personal data for the performance of a contract between you and us and/or taking steps (e.g. provide a quote), at your request, to enter into such a contract to provide goods or services.

Legal obligation:
We process personal data in order to comply with our legal obligations for HMRC. This includes internal record keeping such as bank statements, paying in books, cheque books, diaries, mileage log, customer accounts, invoices and purchase data.

Legitimate interests:

We will process your personal data for our legitimate business interests which include some or all of the following:

1. IP addresses and other meta data is logged and used when visiting the website for the monitoring and security of our website
2. Managing customer / supplier accounts, maintaining backups and hosting of data, and workflow management of our diary, namely the proper internal record keeping and administration of our business
3. Responding to and following up on communications / enquiries about our services or products namely the proper internal record keeping, administration of our business and communications with prospective customers, customers and suppliers
4. Contact existing customers for the purposes of updating them on changes to services or products (such as price changes, recommendations of similar products or holiday notifications), namely the proper administration of our business and communications with customers
5. Recovering debts and overdue payments owed to us
6. Obtaining or maintaining insurance coverage, managing risks, or obtaining professional advice, namely the proper protection of our business against risks
7. For the establishment or defence of legal claims

Providing us with your personal data for the purposes of providing goods or services is a contractual requirement (unless we obtain it from a third party), as such you are obliged to provide this information.

It is your choice on whether to provide personal data, but if you decide you don’t want to provide us with your personal data, in turn we may not be able to provide more information or enter into a contract with you to provide goods and / or services.

We do not sell or share personal data for marketing purposes. We use third party systems and advisers to help us run our business, these have access to personal data and can only use it for the purposes as we set out in accordance with our contractual instructions.

Emails:
We do not authorise any third parties to access our email mailbox without our written permission. Our email and website server is based in England, UK.

Transferring photo files (via email to you):
We use third party provider, WeTransfer to transfer large files (e.g. property photos). We use your email address, first name or surname and message content (usually mentioning the property) along with the attached file which is labelled with your property address. This information is stored for 12 months by WeTransfer.

Social Media Interactions:
We use third party provider, Hootsuite to manage our social media interactions. If you contact us or interact with us through social media (private or direct message) it may be stored by Hootsuite for up to 3 months.

Accountant, professional advisors, courts of law and insurance:
We may disclose your personal data to our accountant, insurers, court of law and/or professional advisers insofar as reasonably necessary for the purposes of completing our end of year accounts, obtaining and maintaining insurance coverage, managing risks, obtaining professional advice and managing legal disputes in court.

Security Software Provider (for our website):
We disclose to our security software provider data automatically collected when using our website for the purposes of security. It automatically collects search queries and the date and time of the request and referral URL. Depending on the settings of the device, it also automatically collects: IP address; MAC address; Device make, model and operating system version; mobile network information; internet service provider; browser type and language; country and time zone in which the Device is located; and metadata stored on the Device.

Cloud accountancy system and CRM:
We use third party provider, KashFlow in the UK for our cloud accountancy system and client relationship management (CRM). This may include invoices, purchases, name, address, postcode, telephone number and email address. This system is a processor on our behalf to provide the software and system. They may access your personal data in order to provide system support.

Print suppliers and delivery companies:
We may disclose personal data (this may include name, company name, phone number, email address, address and postcode – we only share the minimal amount of data required for that purpose) to our print suppliers or delivery companies insofar as reasonably necessary for providing a service or product on our behalf (for example, our print suppliers will only use your personal data to deliver your parcel). The supplier or subcontractor is only permitted to use your data to perform the required business function necessary in providing the service or product.

IT service, support and system providers:
We may disclose personal data to IT service, support and system providers who carry out work on our behalf or provide systems to us.

Legal obligation:
In addition to the specific disclosures of personal data set out in Section 4, we may also disclose your personal data where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.

In this Section, we provide information about the circumstances in which your personal data may be transferred to countries outside the European Economic Area (EEA).

For suppliers or third party service providers that are situated in the United Kingdom and the EU (including but not limited to; our email and website hosting provider in the UK, accountancy and CRM software provider in the UK, and WeTransfer file delivery provider in the Netherlands). The European Commission has made an “adequacy decision” with respect to the data protection laws of each of these countries.

Our website security provider is situated in the USA. Transfers to this country will be protected by appropriate safeguards, namely the use of standard data protection clauses adopted or approved by the European Commission.

Our social media management tool, Hootsuite are situated in Canada. Transfers to this country will be protected by appropriate safeguards, namely the use of standard data protection clauses adopted or approved by the European Commission.

Personal data that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.

We will keep written contracts for up to 6 years after termination along with any correspondence and notes we deem necessary for proper business administration and record keeping should we require legal defence or insurance cover.

Customer account data (including name, company name, address and postcode), invoices and purchases will be kept for 7 years from the date of your last transaction to comply with HMRC tax reporting and record keeping obligations. We remove telephone number and email address from customer accounts when no longer required, generally within 12 months of our business relationship ending.

IP addresses and other meta data collected are deleted from our server log within 24 hours from the time of last visiting our website (deleted automatically), and are kept by our security software provider indefinitely until there is no further need.

Enquiry correspondence and quotes will be kept for up to 6 months unless you tell us that you are not taking your enquiry any further, in which case we will remove it.

We use an SSL (secure socket layer) certificate on our website (you can see this by the “green padlock” in your browser). This encrypts the link between the website server and the end user.

Our emails and enquiry form are sent using SSL connection over SMTP. However emails cannot be 100% secure, this is due to the way the internet works. We cannot accept responsibility as it’s out of our control.

We have put in place suitable technical and physical measures for any systems we use where personal data is present.

We may update this policy from time to time by publishing a new version on our website. You should check this page occasionally to ensure you are happy with any changes to this policy.

In this Section 9, we have summarised the rights that you have under data protection law.

The right to access your personal data:
You have the right to confirmation as to whether or not we process your personal data and, where we do, access to the personal data, together with certain additional information. Providing the rights and freedoms of others are not affected, we will supply to you a copy of your personal data. The first copy will be provided free of charge, but additional copies may be subject to a reasonable fee.

The right to rectification:
You have the right to have any inaccurate personal data about you rectified and, taking into account the purposes of the processing, to have any incomplete personal data about you completed.

The right to erasure:
In some circumstances you have the right to the erasure of your personal data without undue delay. However, there are certain general exclusions of the right to erasure. Those general exclusions include where processing is necessary: for exercising the right of freedom of expression and information; for compliance with a legal obligation; or for the establishment, exercise or defence of legal claims.

The right to restrict processing:
In some circumstances you have the right to restrict the processing of your personal data. Those circumstances are: you contest the accuracy of the personal data; processing is unlawful but you oppose erasure; we no longer need the personal data for the purposes of our processing, but you require personal data for the establishment, exercise or defence of legal claims; and you have objected to processing, pending the verification of that objection. Where processing has been restricted on this basis, we may continue to store your personal data. However, we will only otherwise process it: with your consent; for the establishment, exercise or defence of legal claims; for the protection of the rights of another natural or legal person; or for reasons of important public interest.

The right to object to processing:
You have the right to object to our processing of your personal data on grounds relating to your particular situation, but only to the extent that the legal basis for the processing is that the processing is necessary for: the performance of a task carried out in the public interest or in the exercise of any official authority vested in us; or the purposes of the legitimate interests pursued by us or by a third party. If you make such an objection, we will cease to process the personal information unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the establishment, exercise or defence of legal claims.

The right to data portability:
To the extent that the legal basis for our processing of your personal data is consent or for the performance of a contract (or taking steps to enter into a contract), and such processing is carried out by automated means, you have the right to receive your personal data from us in a structured, commonly used and machine-readable format. However, this right does not apply where it would adversely affect the rights and freedoms of others.

The right to complain to a supervisory authority:
If you consider that our processing of your personal information infringes data protection laws, you have a legal right to lodge a complaint with a supervisory authority. In the UK it is the Information Commissioners Office – https://ico.org.uk/ who are responsible for data protection enforcement.

You may exercise any of your rights in relation to your personal data by written notice to us – either by our mailing address or emailing info@adamrichardjones.co.uk

Please note that we do not use cookies on our website. We may share third party website links which may use cookies – it’s your responsibility to check their privacy and cookie policies.

This website is owned and operated by Adam Richard Jones.

You can contact our data representative – Adam Richard Jones, using the following details;

Mail address (no visitors please): Adam Richard Jones, 3 Pensmill Close, Eardiston, Tenbury Wells, Worcestershire, WR15 8GA.

Phone number: 07534 364736

Email address: info@adamrichardjones.co.uk

Data controller registration no.: ZA058126