1. Background
This privacy notice lets you know what happens to any personal data that you give to us, or any that we may collect from or about you. It applies to all services, and instances where we collect your personal data.
This privacy notice applies to personal data processed by or on behalf of Strathspey Capital Ltd.
Changes to this privacy notice
We may change this privacy notice on occasion, to reflect changes in the law and/ or our privacy practices. We encourage you to check this privacy notice for changes whenever you visit our website – https://www.strathspeycapital.com
Our Company and Data Protection Officer
We are Strathspey Capital Ltd, we have 1 office, also our head office, at Bellahouston Business Centre, 423 Paisley Road West, Glasgow, G51 1PZ.
We have a nominated data protection officer (“DPO”). You can contact the DPO by writing to the above address, marking it for the attention of the DPO, using the Contact Us form on our website, or by e-mail to info@strathspeycapital.com
2. What kinds of Personal Data about you do we process?
Personal Data that we will process about you includes:
Personal and contact details, such as title, full name, contact details and contact details history.
Records of contact with us, such as letters, e-mails or contact via our website.
3. What is the source of your personal Data?
We will collect personal Data from the following general sources:
From you directly, and any Data received from a third party on your behalf.
Data is generated about you during the provision of our services.
From other sources, such as publicly available data.
4. What do we use your personal data for?
We use your personal data, for the following purposes:
Providing you with information relating to our services.
Updating our records.
Managing any aspect of the services we provide.
Monitoring the performance of our services and internal processes.
To improve the operation of our business and that of our business partners.
To follow guidance and best practice under the change to rules of government and regulatory bodies.
For management and auditing of our business operations including accounting.
To monitor and to keep records of our communication with you.
To administer our good governance requirements such as internal reporting and compliance obligations.
To comply with legal and regulatory obligations, requirements and guidance.
To share data as needed with business partners.
To share data with other agencies such as the police, for the prevention / detection of crime.
5. What are the legal grounds for our processing of your Personal Data (including where we share it with others)?
Where it is needed to provide you with our services, such as:
Managing the services, we provide to you or the contact data where you have asked us to provide you with our services.
Updating your details.
Sharing your personal data with business partners as required, and service providers. i.e. to provide contractors access details.
All stages and activities relevant to managing the service including enquiry, administration and managing of accounts.
Where it is in our Legitimate interests to do so such as:
Managing your services and account, updating your records.
To perform our services and internal processes.
To follow guidance and best practice of government and regulatory bodies.
For management and audit of our business operations, including accounting.
To carry out monitoring and to keep records of our communications with you.
To administer our good governance requirements such as internal reporting and compliance obligations.
Where we need to share your personal Data with people or organisations to run our business or comply with any legal and / or regulatory obligations.
To comply with our Legal obligations.
With your Consent:
For some “marketing” communications.
For a Public interest, such as:
Processing special categories of personal data, such as health or if you are a vulnerable client.
6. When do we share your personal Data with other organisations?
We may share Data with the following third parties for the purposes listed above:
Business partners who are part of providing your services or operating our business.
Government or regulatory bodies, such as HMRC, the Financial Conduct Authority, the Information Commissioners Office.
Other organisations and businesses who provide services to us, such as, back up and server hosting providers, IT software and maintenance providers and providers of other back office functions.
Please note, we do not sell your personal details to any third party.
7. How and when can you withdraw your consent?
Where we are relying on your consent to process personal data, you can withdraw this at any time. i.e. for some “marketing” communications.
8. Is your personal Data transferred outside the UK or the EEA?
We do not anticipate transferring your personal data outside of the UK or the European Economic Area, but if our back up/ server uses “Cloud” services which may be outside of these areas, we will make sure that suitable security and safeguards are in place.
9. What should you do if your personal Data changes?
You should tell us so that we can update our records. You can do this by sending us an e-mail, writing to us, or by using the Contact Us form on our website.
10. Do you have to provide your personal Data to us?
We require your personal data to fulfil our legitimate obligations in providing service to you.
11. Do we do any monitoring processing of your personal Data?
In this section monitoring means any: listening to, recording of, viewing of, intercepting of, or taking and keeping records (as the case may be) of calls, e-mail, text messages, letters, in person (face to face) meetings and other communications.
We will monitor where permitted by law and will do this where the law requires it, or to comply with regulatory rules, in the interests of protecting the security of our communications systems and procedures and for quality control and staff training purposes. This data may be shared for the purposes described above.
12. What about automated decision making?
We do not use automated decision making in either the provision of our services to you.
13. For how long is your personal Data retained by us?
Unless we explain otherwise to you, we will retain your personal data based on the following criteria:
For as long as we have reasonable business needs, such as managing our relationships with you.
For as long as we provide services to you and then for as long as someone could bring a claim against us / you in relation to the services we provided on your behalf.
Retention periods in line with legal and regulatory requirements or guidance.
14. What are your rights under General Data Protection Regulations (GDPR)?
Here is a list of the rights that all individuals have under the General Data Regulations which applies from 25th May 2018. They do not apply in all circumstances. If you wish any clarification on these, please contact our Data Protection Officer by e-mail to info@strathspeycapital.com
The right to be informed about the processing of your personal data. We do this by adding our privacy notice to our website which is available in paper copy on request.
The right to have your personal data corrected if it is inaccurate and to have incomplete personal data completed.
The right to object to processing your personal data. i.e. if your data is being used for marketing purposes.
The right to restrict your personal data. In certain circumstances, i.e. if you contest the accuracy of your personal data we use.
The right to have your personal data erased, i.e. when we no longer require to store your personal data.
The right to request access to your personal data and to obtain information about how we process it. This is a “Subject Access Request”, request must be in writing and addressed the Data Protection Officer, using the details provided in the Contact Us section below.
The right to move, copy or transfer your personal data (“data portability”). This right only applies where we require your Consent to process your personal data (i.e. Marketing)
Rights in relation to automated decision making which has a legal effect or otherwise significantly affects you. Strathspey Capital does not use Automated decision making in any of its processes.
You have the right to complain to the Information Commissioner’s Office which enforces all data protection regulations and laws: https://ico.org.uk
15. Your right to object
You have the right to object to certain purposes for processing, to data processed for direct marketing purposes and to data processed for certain reasons based on our legitimate interests. You can contact us by using the Contact Us form on our website.
16. What are your marketing preferences and what do they mean?
If you have opted to receive marketing information from us, you can stop this at any time by using the Contact Us form on our website.
Contact Us
If you have any questions about this privacy notice, or if you wish to exercise your rights or contact the DPO, you can contact us by using the Contact Us form on our website.
Alternatively, you can write to us: The Data Protection Officer, Strathspey Capital Ltd, Bellahouston Business Centre, 423 Paisley Road West, Glasgow, G51 1PZ. You can also e-mail by contacting the DPO on info@strathspeycapital.com
Discuss your current and future property management business plans
If you are interested in discussing your current and future business plans, please don’t hesitate to get in touch. All discussions will, of course, be treated confidentially.