Privacy Policy

1. Background

This privacy notice lets you know what happens to any personal data that you give

to us, or any that we may collect from or about you. It applies to all services, and

instances where we collect your personal data.

This privacy notice applies to personal information processed on or behalf of James

Gibb Property Management Ltd.

Changes to this privacy notice

We may change this privacy notice on occasion, to reflect changes in the law and/

or our privacy practices. We encourage you to check this privacy notice for changes

whenever you visit our website – https://www.jamesgibb.co.uk

Our Company and Data Protection Officer

We are James Gibb Property Management Ltd, we have 4 offices in Scotland,

Edinburgh, Aberdeen, Dundee and Glasgow, with Glasgow being designated Head

Office. Our address is Red Tree Magenta, 3rd Floor, 270 Glasgow Road, Glasgow,

G73 1UZ. 

We have a nominated data protection officer (“DPO”). You can contact the DPO by

writing to the above address, marking it for the attention of the DPO, using the

Contact Us form on our website: – https://www.jamesgibb.co.uk or by e-mail to

DPO@jamesgibb.co.uk

2. What kinds of personal information about you do we process?

Personal information that we will process about the services we provide you

includes:

• Personal and contact details, such as title, full name, contact details and contact

details history.

• Information about property, such as location, value, (for insurance purposes, if

applicable), property type and any repairs and maintenance work we have

carried out on behalf of the registered owners.

• Personal and contact details of any named person who you have authorised to

act on your behalf in relation to the service we provide or managing the account

you have with us, such as letting agent, relative, solicitor. (please note the

authorisation must be provided in writing confirming the named persons details).

• Records of contact with us, such as letters, e-mails, contact via our website,

client portal or the James Gibb + App.

• Services we provide on behalf of registered owners, such as cleaning services,

grounds maintenance, including usage of these services.

• Information relating to client property and account, such as Income Recovery

Actions.

• Marketing to clients in relation to the services we provide or to manage an

account.

• Information about the use of services held with our business partners, such as

Insurance policies.

• Financial details relating to an account, such as Bank details, (if payment method

is direct debit).

3. What is the source of your personal information?

We will collect personal information from the following general sources:

• From you directly, and any information received from a third party named

person on the account.

• Information generated about you during the provision of our services.

• Business partners, such as insurers, (if applicable), and others who are part of

providing services or operating our business.

• From other sources, such as publicly available information, debt recovery and /

or tracing agents, Registers of Scotland.

4. What do we use your personal data for?

We use your personal data, including any of the personal data listed in section 1

above, for the following purposes:

• Managing your property and services you have with us.

• Managing your account with us.

• Providing you with information relating to our services.

• Updating your records, tracing your whereabouts and recovering debt.

• Managing any aspect of the services we provide.

• The performance of our services and internal processes.

• To improve the operation of our business and that of our business partners.

• To follow guidance and best practice under the change to rules of government

and regulatory bodies.

• For management and auditing of our business operations including accounting.

• To monitor and to keep records of our communication with you and our staff.

• To administer our good governance requirements such as internal reporting and

compliance obligations.

• To comply with legal and regulatory obligations, requirements and guidance.

• To share information as needed with business partners, such as, contractors who

provide services to you, debt recovery agent, insurers.

• To share information with other agencies such as the police, for the prevention /

detection of crime.

5. What are the legal grounds for our processing of your personal

information, (including where we share it with others)?

• Where it is needed to provide you with our services, such as:

o Managing the services, you hold with us or the contact information where

you have asked us to provide you with our services.

o Updating your account details, tracing your whereabouts to contact you

about your account and doing this for recovering debt (where appropriate).

o Sharing your personal information with business partners and service

providers to help manage your account

o All stages and activities relevant to managing the service including enquiry,

administration and managing of accounts.

• Where it is in our Legitimate interests to do so such as:

o Managing your services and account, updating your record, tracing you

whereabouts to contact you about your account and doing this for recovering

debt, (where appropriate).

o To perform our services and internal processes.

o To follow guidance and best practice of government and regulatory bodies.

o For management and audit of our business operations, including accounting.

o To carry out monitoring and to keep records of our communications with you

and our staff.

o To administer our good governance requirements such as, internal reporting

and compliance obligations.

o Where we need to share your personal information with people or

organisations to run our business or comply with any legal and / or regulatory

obligations.

• To comply with our Legal obligations.

• With your Consent:

o For some “marketing” communications.

• For a Public interest, such as:

o Processing special categories of personal data, such as health or if you are a

vulnerable client.

6. When do we share your personal information with other

organisations?

We may share information with the following third parties for the purposes listed

above:

• Service providers.

• Business partners such as, insurers, debt recovery agents, or others who are part

of providing your services or operating our business.

• Government or regulatory bodies, such as HMRC, the Financial Conduct

Authority, the Information Commissioners Office and The First Tier Tribunal for

Scotland, (Housing and Property Chamber).

• Other organisations and businesses who provide services to us, such as, back up

and server hosting providers, IT software and maintenance providers and

providers of other back-office functions.

Please note we do not sell or give your personal details to third party for purposes unrelated

to your factoring account.

7. How and when can you withdraw your consent?

Where we are relying on your consent to process personal data, you can withdraw

this at any time. (please refer to section 5).

8. Is your personal information transferred outside the UK or the EEA?

We do not anticipate transferring your personal information outside of the UK or the

European Economic Area, but if our back up/ server uses “Cloud” services which may

be outside of these areas, we will make sure that suitable security and safeguards

are in place.

9. What should you do if your personal information changes?

You should tell us so that we can update our records. You can do this by sending us

an e-mail, writing to us, or by using the Contact Us form on our website,

https://www.jamesgibb.co.uk .

10. Do you have to provide your personal information to us?

We require your personal information to fulfil our legitimate obligations in providing

service to property owners.

11. Do we do any monitoring processing of your personal information?

In this section monitoring means any: listening to, recording of, viewing of,

intercepting of, or taking and keeping records (as the case may be) of calls, e-mail,

text messages, letters, in person (face to face) meetings and other communications.

We will monitor where permitted by law and will do this where the law requires it,

or to comply with regulatory rules, in the interests of protecting the security of our

communications systems and procedures and for quality control and staff training

purposes. This information may be shared for the purposes described above.

12. What about automated decision making?

We do not use automated decision making in either the provision of our services to

you or managing your account.

13. For how long is your personal information retained by us?

Unless we explain otherwise to you, we will retain your personal information based

on the following criteria:

• For as long as we have reasonable business needs, such as managing our

relationships with you and managing our operations.

• For as long as we provide services to you and then for as long as someone could

bring a claim against us / you in relation to the services we provided on your

behalf.

• Retention periods in line with legal and regulatory requirements or guidance.

14. What are your rights under General Data Protection Regulations

(GDPR)?

Here is a list of the rights that all individuals have under the General Data

Regulations and the Data Protection Bill 2018 which applies from 25th May 2018.

They do not apply in all circumstances. If you wish any clarification on these, please

contact our Data Protection Officer by e-mail to DPO@jamesgibb.co.uk .

• The right to be informed about the processing of your personal information.

• The right to have your personal information corrected if it is inaccurate and to

have incomplete personal information completed.

• The right to object to processing your personal information.

• The right to restrict your personal information.

• The right to have your personal information erased, (the “right to be forgotten”).

• The right to request access to your personal information and to obtain

information about how we process it.

• The right to move, copy or transfer your personal information (“data portability”).

• Rights in relation to automated decision making which has a legal effect or

otherwise significantly affects you.

You have the right to complain to the information Commissioner’s Office which enforces

all data protection regulations and laws: https://ico.org.uk/

15. Your right to object

You have the right to object to certain purposes for processing, to data processed for

direct marketing purposes and to data processed for certain reasons based on our

legitimate interests. You can contact us by using the Contact Us form on our

website, https://www.jamesgibb.co.uk .

16. What are your marketing preferences and what do they mean?

We may use your home address, phone numbers, e-mail address and social media

channels (for example, Facebook, Google and message facilities in other platforms).

If you have opted to receive marketing information from us, you can stop this at any

time by contacting us using the details below.

Contact Us

If you have any questions about this privacy notice, or if you wish to exercise your

rights or contact the DPO, you can contact us by using the Contact Us form on our

website, https://www.jamesgibb.co.uk .

Alternatively, you can write to us: The Data Protection Officer, James Gibb Property

Management Ltd, Red Tree Magenta, 3rd Floor, 270 Glasgow Road, Glasgow, G73

1UZ. You can also e-mail by contacting the DPO on DPO@jamesgibb.co.uk