PRIVACY AND DATA PROTECTION DISCLAIMER

Assured Shorthold Tenancy (AST) Tenants

This notice explains what information we collect, when we collect it and how we use this. During our activities, we will process personal data about you which may be held on paper, electronically, or otherwise, we recognise the need to treat it in an appropriate and lawful manner. The purpose of this notice is to make you aware of how we will handle your information. This policy is valid from May 2018. Who we Are: Moat Property Management Limited is a property company that operates on behalf of the Landlord, we take the issue of security and data protection very seriously. We collect the following information about you for your application for accommodation: The Tenant - Tenants full name, e-mail address, telephone number Date of Birth, Current and previous addresses within 3 years, marital status, National Insurance Number, nationality, next of kin, name of university or college where you are studying (if applicable), the name of friends that you are staying with (if applicable); Property address; term, rent, deposit, utility and service responsibilities; The employment status of tenants and/or guarantors, address, contact details (including email, phone and fax numbers) of the employer/accountant, payroll numbers, length and terms of employment, salary information (including any regular overtime or commission), and any other income received; The Guarantor - Guarantor name, e-mail address, telephone number, Date of Birth, address current and previous within 3 years, marital status, National Insurance Number, nationality, next of kin (if applicable); Property address; term, rent, confirmation of ownership, deposit, utility and service responsibilities; The employment status guarantors, address, contact details (including email, phone and fax numbers) of the employer/accountant, payroll numbers, length and terms of employment, salary information (including any regular overtime or commission), and any other income received; The Information is required for the following reasons: to carry out due diligence on any prospective tenant, including whether there is any money judgements against them, or any history of bankruptcy or insolvency; to analyse the information, we collect so that we can administer, support and improve and develop our business and the services we offer to Tenants. to undertake and perform our obligations and duties to you in accordance with the terms of our contract with you; to enable us to supply you with the services and information which you have requested to help you to manage your tenancy; to enable us to supply you with the services and information you have requested. to enable us to manage your Tenancy; to contact you to send you details of any changes to our or supplies which may affect you; for all other purposes consistent with the proper performance of our operations and business. The information you provide to us will be treated by us as confidential and will be processed only by our monitored parties, acting on our behalf, within the UK. If and when required we may disclose your information to other third parties who act for us for the purposes set out in this notice, including the following: To carry out due diligence on you as a prospective tenant/ guarantor, including but not limited to the carrying out of affordability checks, due diligence checks and the obtaining of references from relevant parties, whose data you have provided; If you are unable to make payments under your tenancy, your information may be disclosed to any relevant professional party assisting in the recovery of this debt or the tracing of you as a tenant; In the creation, renewal or termination of the tenancy, your information will be disclosed to the relevant local authority, tenancy deposit scheme administrator, service/utility provider, freeholder, factor, facilities manager or any other relevant person or organisation in connection with this. If you request so, your information shall be disclosed to determine if there are any money judgements against you, as the prospective tenant/guarantor, or to determine if they have a history of bankruptcy or insolvency; checks and the obtaining of references from relevant parties, whose data you have provide If we enter into a joint venture with or merged with a business entity, your information may be disclosed to our new business partners or owners; Unless required to do so by law, we will not otherwise share, sell or distribute any of the information you provide to us without your consent. Security - When you give us information we have a formal protocol in place to ensure that your personal information is kept secure and safe. How Long we keep your Information- We review data retention periods regularly and will only hold your personal data for the period stipulated within the regulations or as set out in any relevant contract we have with you. The period is between 6 – 7 years as per regulations and best practise procedure dependent on activity and required by law, this is stipulated within the contract we have with you. How we use cookies on this website- A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added, and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences. We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system. Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us. You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website. Links to other websites-Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question. Your Rights-You have the right at any time to: ask for a copy of the information we hold on you, require us to correct any inaccuracies in your information; object to receiving any marketing communications from me/ us. If you would like to exercise any of your rights above, please contact info@moatmanagement.com. Should you wish to complain about the use of your information, we would ask that you contact us to resolve this matter in the first instance. You also have the right to complain to the Information Commissioner’s Office in relation to our use of your information. The Information Commissioner’s contact details are noted below: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, Telephone: 0303 123 1113, Email: casework@ico.org.uk, The accuracy of your information is important to us – please help us keep our records updated by informing us of any changes to your email address and other contact details.

Block Management

The EU General Data Protection Regulation (GDPR) comes into effect on 25th May 2018. This legislation strengthens individual rights of UK citizens over use of their data and creates uniform handling procedures across the EU. This legislation supplements the UK’s own Data Protection Act. Moat Property Management Limited is the appointed Managing Agent for your building and, as such, has relationships with various parties and this policy ensures that we comply with the necessary Data Protection obligations. Moat Property Management Limited is appointed as the Managing Agent by its Clients and acts as a consultant to advise and inform on legal compliance, lease conditions, and industry codes of practice. Throughout the daily duties of Block Management, Moat Property Management Limited collects and uses data on Leaseholders, Tenants, Clients, Contractors and Suppliers. Personal information is collected and dealt with appropriately and safeguards are in place to ensure that information is protected under both the Data Protection Act 1998 and General Data Protection Regulation (GDPR). Moat Property Management Limited is a Data Processor and, in certain circumstances, also a Data Controller. Under the GDPR regulations, Moat Property Management Limited is permitted to be both Processor and Controller. Moat Property Management Limited is the processor when data is used to manage buildings. Moat Property Management Limited is the controller when we collect data for its own personal use, such as for marketing and communication. In accordance with the Data Protection Act 1998, data is collected fairly and lawfully and is used for the purposes it is intended. Data is relevant, kept up to date and not kept for longer than necessary. Data is not transferred outside of the EU, without agreement. Moat Property Management Limited may share data with other agencies, such as local authorities or the police, upon request. There are certain circumstances where Moat Property Management Limited may be legally required to share data without prior consent. There may be requirement for Moat Property Management Limited to disclose data without prior consent to ensure that its obligations as Managing Agent are met. Such circumstances include emergency access, debt recovery and legal proceedings against the Client. Personal data is not shared with other leaseholders or used for any other purposes, other than those relevant to the management of their building, nor will it be sold to third parties for marketing purposes. To undertake its duties as Block Manager, Moat Property Management Limited will collect and hold information from Clients, Leaseholders, Tenants, Suppliers & Contractors and other relevant parties associated with providing services. The information collected may include, but not limited to ‘Identity Data’ (names, contact numbers, email address, correspondence address) and ‘Financial Data’ (including bank accounts). Moat Property Management Limited is responsible for maintaining control and confidentiality of all records held and must take steps to ensure that data is kept secured against unlawful disclosure. To do this, files are kept in lockable cupboards, data is archived, files are password-protected, electronic data is held on a secure server and backed up. Information is kept for as long as required by statute and is generally no more than seven years. If your data is held by Moat Property Management Limited, you have the right to request what is held, how you can access this information, how to keep it up to date and how it is controlled. Under the new Act, you have the right to prevent processing data in some circumstances and the right to correct or erase data deemed to be collected wrongfully. To make a data request, you must provide your full name and contact details, along with your relationship to Moat Property Management Limited and photographic identification (such as passport or driver’s license). Moat Property Management Limited will ensure that requests for access are provided within 40 business days as per the Act. If we are unable to comply with a data access request, or if you have any complaints about how we handle your data, the UK supervisory authority is the Information Commissioner who can be contacted at https://ico.org.uk/concerns/ Failure to comply with these Data Protection regulations is a serious offence and any breach by staff may result in disciplinary proceedings. Staff are aware that it is a criminal offence to breach the provisions of the Act and GDPR regulations. If a member of staff knowingly discloses personal data without prior approval or in circumstances unrelated to the management of the building, they may be liable for prosecution.