• Home
  • Rental Properties
  • Testimonials
  • Contact us
  • Student Starter Packs
  • Apply for a property
  • WANT TO SELL YOUR HOME?
  • More
    • Home
    • Rental Properties
    • Testimonials
    • Contact us
    • Student Starter Packs
    • Apply for a property
    • WANT TO SELL YOUR HOME?

  • Home
  • Rental Properties
  • Testimonials
  • Contact us
  • Student Starter Packs
  • Apply for a property
  • WANT TO SELL YOUR HOME?

Privacy Policy

Privacy Notice 

This privacy notice explains how No Ordinary Rental Ltd looks after personal information you give us or that we learn by having you as a client and the choices you make about marketing communications you agree we may send you.  This notice explains how we do this and tells you about your privacy rights and how the law protects you.

TOPICS:

  • What information we collect about you
  • How information about you will be used
  • Marketing
  • Employment
  • How long your information will be kept for
  • Where your information is kept
  • Access to your information and correction
  • Cookies
  • Other websites
  • Changes to our privacy notice
  • How to contact us

WHAT INFORMATION WE COLLECT ABOUT YOU

We collect information about you when you enquire with us, whether contact is online, on paper, by email or over the phone. 

The information you give us may include your name, address, email address, phone number and/or a CV.

For clients under the age of 16, we will only keep and use their personal information with the consent of a parent, carer or guardian.

HOW INFORMATION ABOUT YOU WILL BE USED

In law, we are allowed to use personal information, including sharing it outside the business, only if we have a proper reason to do so, for example:

  • To fulfil a contract with you ie to provide the service you have requested and to communicate with you about this.
  • When it is in our legitimate interest ie there is a business or commercial reason to do so, unless this is outweighed by your rights or interests
  • When you consent to it: we will always ask for your consent to hold and use personal information.

We will therefore share your information with:

  • Mailing house Mailchimp
  • Credit check companies
  • Referencing companies 
  • Suppliers of our website Go Daddy.com

We have rigorous data protection and security policies in place with all our suppliers.

Some of the people working in our company are self-employed. Our self-employed contractors may have access to your information.

We will not share your information with any other third party without your consent except to help prevent fraud, or if required to do so by law.

MARKETING

We would like to send you information about products and services which may be of interest to you.  We will ask for your consent to receive marketing information.

If you have consented to receiving marketing, you may opt out at a later date.

You have the right at any time to stop us from contacting you for marketing purposes or giving your information to third party suppliers of products or services.  If you no longer wish to be contacted for marketing purposes, please contact Jane Taylor.

EMPLOYMENT

The information we collect about contractors and employees, the purposes it is used for and who it will be shared with is set out in our contracts.

HOW LONG YOUR INFORMATION WILL BE KEPT FOR

Unless you request otherwise, we will keep your information to contact you no more than three times a year for a maximum of 1 year from your date of contact.

After a year we will delete all your personal information, except for your name and financial transactions (which we are obliged to keep for 6 years).

Information about unsuccessful job applicants will be deleted after four months.

See our data retention policy for further information, including employee data.

WHERE YOUR INFORMATION IS KEPT

Your information is stored within the European Economic Area on secure servers provided by Go Daddy.com and Mailchimp.  Any payment transactions are encrypted.  Sending information via the internet is not completely secure, although we will do our best to protect your information and prevent unauthorised access.

Where Your Data is Stored

        The European Economic Area; or

        in a country which the European Commission has determined provides an adequate level or protection (including via Privacy Shield agreements); or

        To service providers who have an agreement with us compliant with the Model Contract Clauses (as defined by the European Union)

ACCESS TO YOUR INFORMATION AND CORRECTION

You have the right to request a copy of the personal information that we hold about you.  This will normally be free, unless we consider the request to be unfounded or excessive, in which case we may charge a fee to cover our administration costs.  

If you would like a copy of some or all of your personal information, please contact Jane Taylor.

We want to make sure that your personal information is accurate and up-to-date.  You may ask us to correct or remove information you think is inaccurate.

You have the right to ask us to object to our use of your personal information, or to ask us to delete, remove or stop using your personal information if there is no need for us to keep it.

E-NEWSLETTERS 

We may email e-newsletters to inform you about products and services.  You have the opportunity to unsubscribe from e-newsletters at any time.

E-newsletters may contain subscriber tracking facilities within the actual email, for example, whether emails were opened or forwarded, which links were clicked on within the email content, the times, dates and frequency of activity.  We use this information to refine future email campaigns and provide you with more relevant content based around your activity.

COOKIES 

Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information.  This is used to track visitor use of the website and to compile statistical reports on website activity.  For further information visit www.aboutcookies.org or www.allaboutcookies.org

You can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser.  However, in a few cases some of our website features may not function as a result.

See our cookies policy here https://www.noordinaryrental.co.uk/privacy-policy/

OTHER WEBSITES 

Our website includes links to other websites.  This privacy notice only applies to this website so when you link to other websites you should read their own privacy notices.

CHANGES TO OUR PRIVACY NOTICE

We keep our privacy notice under regular review and we will place any updates on this webpage.  This privacy notice was last updated on April 2018.

HOW TO CONTACT US

Please contact us if you have any questions about our privacy notice or information we hold about you:

  • By email jane@noordinaryrental.co.uk
  • Or call us on 07834692585

You also have the right to complain to the Information Commissioner’s Office.  Find out on their website how to report a concern:

www.ico.org.uk/concerns/handling


Data Retention Policy

This policy sets out what information No Ordinary Rental Ltd holds, how long we hold it for and when it will be deleted. 

It also covers the procedure to follow regarding data requests.

  • Information held by us
  • How long is personal data held for?
  • Where is personal data held?
  • How is personal data deleted?
  • Access to personal information, correction and deletion

INFORMATION HELD BY US

We hold personal information about:

  • Tenants
  • Guarantors
  • Former tenants and prospective tenants
  • Employees/Contractors
  • Job applicants

HOW LONG IS PERSONAL DATA HELD FOR?

We aim not to hold personal data longer than necessary.

Unless requested by an individual, the following types of data will be held for the periods shown below, after which it will be securely deleted or destroyed:

TYPE OF INFORMATION

RETENTION PERIOD

Client general records

12 months

Financial transactions, invoices and supplier details

6 years

Employment records, contracts of employment, changes to terms and conditions, annual leave, training records

While employment continues and up to 6 years after employment ends

Payroll and wage records including PAYE, income tax, national insurance, sick pay, redundancy payments

6 years from the financial year-end in which payments were made

Maternity records

3 years after the end of the tax year in which the maternity pay period ends

Job applications (unsuccessful)

4 months after notifying unsuccessful candidates

Emails

One year from the end of the month in which they were received or sent unless a longer period is relevant as above.  Emails to and from ex-employees or contractors will be deleted within 2 weeks of them leaving unless these form part of the employment record – see above.

WHERE IS PERSONAL DATA HELD?

Personal data about clients, financial transactions are held in secure electronic files which can be accessed only by Director, Jane Taylor.


HOW IS PERSONAL DATA DELETED?

Personal data is permanently deleted in accordance with the retention periods listed above from:

  • Electronic files
  • Emails

ACCESS TO PERSONAL INFORMATION, CORRECTION AND DELETION

See our privacy notice https://www.noordinaryrental.co.uk/privacy-policy/

All requests for access to personal information will be handled by our Director Jane Taylor.    

Responses to requests will be made within 30 days.

All information relating to the individual will be compiled into a report and collected from:

  • Financial transactions
  • Emails
  • Other electronic records
  • Paper records (where applicable)

Date completed ……………………………………….

Procedure for Personal Data Breaches 

This procedure is to be followed if there is a breach of personal data.  The person responsible for managing the process is Jane Taylor.

All decisions on whether or not to notify the Information Commissioner’s Office (ICO) or individuals affected will be counter-signed by Gavin Taylor.

This procedure covers:

·         What is a personal data breach?

·         What must be recorded?

·         Assessing the likelihood and severity of the adverse consequences of the breach

·         When do breaches have to be reported to the ICO?

·         What must be reported to the ICO?

·         How to report a breach to the ICO

·         Telling individuals affected about a breach

·         What are the consequences of failing to notify the ICO?

WHAT IS A PERSONAL DATA BREACH?

A breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of or access to, personal data.

Examples include:

·         access by an unauthorised third party

·         deliberate or accidental action by a data controller (the company) or a data processor (third party supplier, who must inform you without undue delay as soon as they become aware of it)

·         sending personal data to an incorrect recipient

·         computer or data storage devices containing personal data being lost or stolen

·         alteration of personal data without permission

·         loss of availability of personal data (ie data is made unavailable and this unavailability has a significant negative effect on individuals)

WHAT MUST BE RECORDED?

All breaches must be recorded, whether or not they need to be reported to the ICO.  If you decide not to report a breach, you must be able to justify this decision and it must therefore be documented.

Record:

·         The facts relating to the breach

·         Its effects

·         Remedial actions taken

·         What caused the breach and how a recurrence could be prevented

ASSESSING THE LIKELIHOOD AND SEVERITY OF THE NEGATIVE CONSEQUENCES OF THE BREACH

Use the template in Appendix A to help answer the following questions:

·         What is the likelihood and severity of the resulting risk to people’s rights and freedoms?

·         What are the potential negative consequences to the individuals concerned?

·         How serious and substantial are the consequences? Don’t forget this can include emotional distress, as well as financial, physical or material damage.

If there is a high risk of negatively affecting individuals’ rights and freedoms (scoring 6 or more points on the risk assessment template at Appendix 1), then it must be reported to the ICO.  This includes personal data breaches notified to you by third party data processors.

You may also need to notify third parties such as the police, insurers, banks or credit card companies who could help to reduce the risk of financial loss to individuals.

WHEN DO BREACHES HAVE TO BE REPORTED TO THE ICO?

Breaches which are likely to result in a high risk of negatively affecting individuals’ rights and freedoms must be reported no later than 72 hours after you first become aware of it.  If you take longer than this, the reasons for delay must be documented.

WHAT MUST BE REPORTED TO THE ICO?

A description of the nature of the personal data breach including:

·         The categories and approximate number of individuals concerned and the categories and approximate numbers of personal data records concerned (which may be the same number)

·         The name and contact details of the person who can provide more information if required

·         The likely consequences of the personal data breach

·         The measures taken, or proposed to be taken, to deal with the personal data breach including measures taken to mitigate any possible negative effect

The information can be provided in phases if it is not all available within 72 hours, as long as this is still done without undue further delay and you tell the ICO when to expect further information from you.

You must prioritise the investigation, give it adequate resources and deal with it urgently.

HOW TO REPORT A BREACH TO THE ICO

The section of the ICO website on reporting breaches has not yet been updated for GDPR.  However, the following contact details are provided:

Data breaches : Call 0303 123 1113

Open Monday to Friday between 9am and 5pm, closed after 1pm on Wednesdays for staff training.

TELLING INDIVIDUALS AFFECTED ABOUT A BREACH

If the breach is likely to result in a high risk to the rights and freedoms of individuals (scoring 6 or more on the more points on the risk assessment template at Appendix 1), you must inform the individuals affected as soon as possible. 

One of the main reasons for informing individuals is to help them take steps to protect themselves from the effects of a breach.

You need to tell individuals:

·         The nature of the personal data breach

·         The name and contact details of the person who can provide them with more information

·         The measures taken or proposed to be taken to deal with the personal data breach and the measures taken to mitigate any possible adverse effects

If you decide not to notify individuals, you still need to notify the ICO unless you can show that the breach is unlikely to result in risks to rights and freedoms.  The ICO has the power to make you inform individuals if they consider there is a high risk.  The decision-making process must be documented.

WHAT ARE THE CONSEQUENCES OF FAILING TO NOTIFY THE ICO?

A fine of up to 10 million euros or 2% of your turnover or a fine of up to 20 million euros or 4% of your turnover in the most severe cases.

This Privacy Policy governs the manner in which No Ordinary Rental Ltd collects, uses, maintains and discloses information collected from users (each, a "User") of the www.noordinaryrental.co.uk website ("Site"). This privacy policy applies to the Site and all products and services offered by No Ordinary Rental Ltd.
Personal identification information
We may collect personal identification information from Users in a variety of ways, including, but not limited to, when Users visit our site, register on the site, place an order, subscribe to the newsletter, fill out a form, and in connection with other activities, services, features or resources we make available on our Site. Users may be asked for, as appropriate, name, email address, mailing address, phone number, credit card information. Users may, however, visit our Site anonymously. We will collect personal identification information from Users only if they voluntarily submit such information to us. Users can always refuse to supply personally identification information, except that it may prevent them from engaging in certain Site related activities.
Non-personal identification information
We may collect non-personal identification information about Users whenever they interact with our Site. Non-personal identification information may include the browser name, the type of computer and technical information about Users means of connection to our Site, such as the operating system and the Internet service providers utilized and other similar information.
Web browser cookies
Our Site may use "cookies" to enhance User experience. User's web browser places cookies on their hard drive for record-keeping purposes and sometimes to track information about them. User may choose to set their web browser to refuse cookies, or to alert you when cookies are being sent. If they do so, note that some parts of the Site may not function properly.
How we use collected information
Gavin Taylor Hair may collect and use Users personal information for the following purposes:

  • - To improve customer service Information you provide helps us respond to your customer service requests and support needs more efficiently.
  • - To personalize user experience We may use information in the aggregate to understand how our Users as a group use the services and resources provided on our Site.
  • - To improve our Site We may use feedback you provide to improve our products and services.
  • - To process payments We may use the information Users provide about themselves when placing an order only to provide service to that order. We do not share this information with outside parties except to the extent necessary to provide the service.
  • - To run a promotion, contest, survey or other Site feature To send Users information they agreed to receive about topics we think will be of interest to them.
  • - To send periodic emails We may use the email address to send User information and updates pertaining to their order. It may also be used to respond to their inquiries, questions, and/or other requests. If User decides to opt-in to our mailing list, they will receive emails that may include company news, updates, related product or service information, etc. If at any time the User would like to unsubscribe from receiving future emails, we include detailed unsubscribe instructions at the bottom of each email or User may contact us via our Site.

How we protect your information
We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorized access, alteration, disclosure or destruction of your personal information, username, password, transaction information and data stored on our Site.
Sensitive and private data exchange between the Site and its Users happens over a SSL secured communication channel and is encrypted and protected with digital signatures.
Sharing your personal information
We do not sell, trade, or rent Users personal identification information to others. We may share generic aggregated demographic information not linked to any personal identification information regarding visitors and users with our business partners, trusted affiliates and advertisers for the purposes outlined above.We may use third party service providers to help us operate our business and the Site or administer activities on our behalf, such as sending out newsletters or surveys. We may share your information with these third parties for those limited purposes provided that you have given us your permission.
Third party websites
Users may find advertising or other content on our Site that link to the sites and services of our partners, suppliers, advertisers, sponsors, licensors and other third parties. We do not control the content or links that appear on these sites and are not responsible for the practices employed by websites linked to or from our Site. In addition, these sites or services, including their content and links, may be constantly changing. These sites and services may have their own privacy policies and customer service policies. Browsing and interaction on any other website, including websites which have a link to our Site, is subject to that website's own terms and policies.
Changes to this privacy policy
No Ordinary Rental has the discretion to update this privacy policy at any time. When we do, we will post a notification on the main page of our Site, revise the updated date at the bottom of this page and send you an email. We encourage Users to frequently check this page for any changes to stay informed about how we are helping to protect the personal information we collect. You acknowledge and agree that it is your responsibility to review this privacy policy periodically and become aware of modifications.
Your acceptance of these terms
By using this Site, you signify your acceptance of this policy. If you do not agree to this policy, please do not use our Site. Your continued use of the Site following the posting of changes to this policy will be deemed your acceptance of those changes.
Contacting us
If you have any questions about this Privacy Policy, the practices of this site, or your dealings with this site, please contact us at: No Ordinary Rental Ltd, 12 James Street, Leicester, LE7 7DY jane@noorindaryrental.co.uk 07834 692585
This document was last updated on 22 November, 2020

Copyright © 2021 No Ordinary Rental Limited - All Rights Reserved.

Powered by GoDaddy

  • Privacy Policy