This policy discloses the practices of the Data Controller: Phillips Tracey Architects Limited (together referred to as "we", "us", "our" or "Company") whose registered office is Unit 1 Times Court, Retreat Road, Richmond TW9 1AF. It aims to inform you of the types of information we collect about you, why/how we will use it and the steps we take to ensure its security.
Information we collect
The types of information we collect fall into two categories: Personally Identifiable Information and Non-personally Identifiable Information
Personally Identifiable information
We only collect and process personally identifiable information (your data) for specific, legitimate purposes. Our lawful basis for processing your data is your consent, provided affirmatively through the submission of your contact details. You can withdraw your consent any time by contacting us using the details herein.
Your data might include your name, email address, geographical location and so on. It will be limited to the minimum amount required for the stated purpose at the point of collection. Your data is used only for the stated purpose you have consented to; it will be processed no further than necessary to carry out the stated purpose and will not be reappropriated for any other purpose.
The provision of your data is not part of any statutory or contractual requirement or obligation. At no time will your data be subjected to automated decision making or profiling.
– Contact details for clients, potential clients and suppliers
We collect contact details from you when you ask us for a quotation or when we enter a contract together. We hold this information for purposes such as issuing contracts, general business communication and invoicing. This information may be held both physically and electronically and may contain personal data. As required by the General Data Protection Regulation (GDPR), our stated lawful basis for holding this personal data is ‘Contract’ as we require this information to be able to comply with our obligations of our contract.
– Information supplied by clients for contracted work
We shall be considered an independent Data Controller in relation to the client personal data provided by you. Each of us will comply with all requirements and obligations applicable to us under the data protection and GDPR legislation in respect of the client personal data. You shall only disclose client personal data to us where:
- you have provided the necessary information to the relevant data subjects regarding its use
- you have a lawful basis upon which to do so, which, in the absence of any other lawful basis, shall be with the relevant data subject’s consent; and
- you have complied with the necessary requirements under the data protection legislation to enable you to do so.
Non-personally Identifiable information
We collect anonymised data through Google Analytics in order to provide a better experience for the visitors to our website.
In our Company, access to your data is limited to employees specifically tasked with managing data. We will retain your data no longer than necessary. If the data has not been used for the stated purpose for more than two years from either the date of collection or the last execution of the stated purpose it will be deleted.
We understand the need for security and confidentiality of any information we hold or have access to and we take every reasonable care to protect this information. We understand our obligations in the event of a data breach and have procedures to deal with this.
All of our computers are password protected. We do not hold client data unless it is necessary for the ongoing implementation of a system. Where we do hold files which hold contact data, these are password protected.
Lodging a complaint
If you believe we have not upheld our obligations under the General Data Protection Regulation (GDPR) you have the right to the right to lodge a complaint with a supervisory authority. In the UK this is the Information Commissioner's Office. Details on how to lodge a complaint can be found at https://ico.org.uk/concerns/