Last updated: January 2024
ember-dash is committed to compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This page outlines how we handle your personal data in accordance with these regulations.
ember-dash acts as the data controller for personal information collected through our website and services. We are responsible for determining the purposes and means of processing your personal data.
Contact details:
ember-dash
47 Cathedral Road
Pontcanna, Cardiff CF11 9HB
Email: [email protected]
We process personal data under the following lawful bases:
Where you have provided explicit consent for us to process your data for specific purposes, such as receiving property updates or marketing communications. You may withdraw consent at any time.
Where processing is necessary for the performance of a contract with you, such as providing our property advisory services.
Where processing is necessary for our legitimate business interests, provided these do not override your fundamental rights. This includes improving our services and maintaining client relationships.
Where we are required to process data to comply with legal obligations, such as anti-money laundering regulations.
Under the UK GDPR, you have the following rights:
You have the right to request a copy of the personal data we hold about you. We will respond to such requests within one month.
You have the right to request correction of any inaccurate personal data we hold about you.
You have the right to request deletion of your personal data where there is no compelling reason for its continued processing.
You have the right to request that we limit the processing of your personal data in certain circumstances.
You have the right to receive your personal data in a structured, commonly used, and machine-readable format.
You have the right to object to processing based on legitimate interests or for direct marketing purposes.
You have the right not to be subject to decisions based solely on automated processing that produce legal or similarly significant effects.
To exercise any of these rights, please contact us at [email protected]. We will respond to all legitimate requests within one month. Occasionally, we may need to extend this period by a further two months for complex requests, in which case we will inform you.
We implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including:
We do not routinely transfer personal data outside the United Kingdom. Should any transfer be necessary, we ensure appropriate safeguards are in place in accordance with UK GDPR requirements.
In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the Information Commissioner's Office within 72 hours. Where the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly.
If you believe we have not handled your personal data appropriately, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):
Information Commissioner's Office
Wycliffe House, Water Lane
Wilmslow, Cheshire SK9 5AF
Website: ico.org.uk
We may update this GDPR information periodically. Any significant changes will be communicated through our website.