Up to 10% Loyalty Discount* read more

Privacy Policy

General Data Protection Regulation (2018) Policy

Avery & Co are residential surveyors and valuers covering the North West of England and North Wales carrying out surveys and valuations of residential properties for both private clients and on behalf of suppliers such as; mortgage lenders or referral sources. We are an RICS regulated firm and understand the importance of protecting our client’s data and all other data necessary to conduct our business.  We take and store all data in accordance with General Data Protection Regulations (GDPR – 2018). It is our commitment to both our employees, clients, and all other people we communicate with that we will honour and comply with GDPR and continue to ensure data is safe and not misused.

 

Notice and Consent

Avery & Co collect, or are provided with the data needed to conduct the relevant service as instructed by the client. All data held is necessary and securely stored. We receive affirmative consent from the client by ensuring they sign our Terms of Engagement.  The Terms of Engagement have a Privacy Notice, and a Privacy Declaration to be signed by the client. Our Terms of Engagement state:

General Data Protection Regulations (GDPR – 2018) provides consumers with specific rights on how their data is held and processed.  It gives the consumer the right to know what data of theirs is held and the right to have this information removed or corrected. By accepting these Terms of Engagement, you should be aware that for legal purposes, some of the information we hold must be retained for a period of up to 15 years from the date of instruction in order to comply with other regulations including the Limitation Act (1980).  However, we will never pass any of your data onto any third party without prior consent.  Upon request, we will be happy to provide a copy of our Privacy Policy which outlines the nature of data we hold on your behalf. We may wish to use your data to contact you in the future for market research purposes or to inform you of new products and services.

By signing the GDPR declaration on the final page of this document, you agree with us storing the necessary data relating to you and you are happy to be contacted by Avery & Co in the future. If you do not wish to sign the declaration unfortunately, we have no alternative but to decline your instructions.

 

Where instructions are sent to Avery & Co and Terms of Engagement cannot be issued i.e. for mortgage valuations, it is assumed that the mortgage lender takes the necessary steps to comply with GDPR when collecting and providing any personal data.  As a Controller of data, Avery & Co then follow GDPR to ensure all processes are compliant.

Access/vendor details for a residential property requiring a valuation or survey is data which permission can not be asked for.  However, it is necessary for Avery & Co to undertake the service requested and that Avery & Co retain such data within cases files for purposes including; complaints, criminal or fraudulent activity surrounding the case.

 

General processes

Avery & Co have processes and procedures in place for elements of the business that are affected by GDPR such as:

  • Instructions –  are taken using an Instruction Form by administration staff, this data is securely keyed onto a computer system.  The instruction sheet is then scanned and saved securely.  All paper copies relating to the instruction are then deleted/shredded.
  • Reports – both valuation and survey reports contain personal data.  These reports are saved securely on a computer system. They are also securely signed so that they cannot be altered or amended.  No paper copies of reports are kept.  Avery & Co retain all reports for 15 years from the date of inspection.
  • Files –  contain all necessary data and information relating to each case, including clients contact details, site notes and photographs.  As stated in the Terms of Engagement under the Privacy Notice, Avery & Co store such data for 15 years under the Limitation Act 1980 to enable a response to any potential claims or issues relating to a case in the future.  Although this data is securely stored both digitally and within secure and organised filing cabinets/storage facility, the data is not used for anything other than in the instance of complaint or case issue i.e. it is not passed onto third parties or used for marketing purposes.
  • Telephone conversations –  are recorded for training and quality purposes.  They are stored for 30 days by our telephone provider. At the beginning of each call, the caller is made aware of this.

 

Suppliers of services

Avery & Co have contracts with several suppliers of services. Where possible Avery & Co have received confirmation from these suppliers stating that they comply with GDPR.  Otherwise, it is assumed that these suppliers are compliant.

 

Access, modification, and deletion

A client’s personal data that is held by Avery & Co can be accessed or modified/deleted as it is their right under GDPR to do this.  However, Avery & Co can refuse this contractually due to the Limitation Act 1980.

If a client withdraws their consent to use, hold and store their personal data before the instruction is implemented (property inspection takes place) or before the Terms of Engagement are signed, Avery & Co will cancel the instruction and the client’s details will be appropriated deleted.

 

Limits on retention

Avery & Co will not store data indefinitely or longer than is required.  Avery & Co have a retention period of 15 years from the date of inspection of a property in which data is held.  This limitation period falls under the Limitation Act 1980. Data must be stored securely during this time. After 15 years from the data of inspection, the data is to be deleted appropriately.

A client cannot withdraw consent once the inspection of a property has taken place or, once they have signed Avery & Co’s Terms of Engagement.

 

Security and data breaches

Avery & Co implement vital and appropriate security measures such as encryption, regular password changes and other security checks such as checking the security of filing cabinets.

If there is a security breach, Avery & Co will send out breach notification within 72 hours to the client informing them.  The reason for this breach will then be analysed and measures will be put into place to ensure it does not happen again.

All staff at Avery & Co receive annual training on Data Protection.

Head Office:

23 Goodlass Road,
Hunts Cross,
Liverpool, L24 9HJ
Tel: 0151 321 2000

Chester Office:

Regus House
Heron’s Way
Chester Business Park
Chester, CH4 9QR
Tel: 01244 457247

Manchester Office:

Peter House,
Oxford Street,
Manchester, M1 5AN
Tel: 0161 820 9133

Preston Office:

Unit CO1B, Business First
Millennium City Park
Millennium Road
Preston, PR2 5DB.
Tel: 01772 972345