The protection of your personal data is an important concern for Asset Acquire LTD (hereinafter referred to as “Asset Acquire”). In this privacy policy, you can read which data is processed on the https://assetacquire.co.uk website and the associated subpages as well as in the logged-in area.
Definitions
My Company: My Company means; within this privacy policy we are referring to Asset Acquire Address of the company would be 128 City Road, London, EC1V 2NX Company Registration No: 14849636
Your Company: Your company/website with the name Asset Acquire / https://assetacquire.co.uk With the permanent address at 128 City Road, London, EC1V 2NX. Registered at Companies House UK with registration No. 14849636 of which my company will be signing an agreement and will abide by the GDPR guidelines for sourcing property investments in England.
Data Controller: Data Controller means the natural or legal person who alone or jointly or in common with other persons will determine the purposes and manner in which the procurement of any personal information related to your company are to be procured and acquired.
Asset Acquire Ltd of 128 City Road, London, United Kingdom, EC1V 2NX operates the website and we are also the Data Controller. You can contact us by telephone +44 (7312) 257879, or email tanya.ball@assetacquire.co.uk.
Data Processor: Data Processor means any natural or legal person or a group of expert individuals who will be collecting all the data from the Data collector and will be processing it to the best of his or their skilful knowledge in the benefit of your company.
Data Subject
Data Subject is any living individual who is using our Service and is the subject of access to my company’s Personal Data. He/she will be the first point of contact between my company and your company.
Scope of application
Pursuant to Art. 1 GDPR, the provisions of the GDPR generally only apply to the processing of personal data of natural persons. Accordingly, the processing of personal data of legal persons is only covered by the scope of the GDPR insofar as it relates to natural persons.
Principles for processing personal data
There are a certain set of principles we follow in processing your personal data. All these principles are set in benefit of both my company and your company under the guidelines of GDPR, so they will be followed to the best of our consent, and we expect the same from your end as well.
- Fairness and lawfulness. When my company’s data collector and data processor have access to your company’s personal data, the individual rights of your data will be subject to protection and must be protected. All personal data will be collected and processed in a legal, fair and an ethical manner only. Date of data collection and a brief description will be provided by your company before handing over the data for processing duly signed by a representative of my company at the time of receiving the same. A copy of which will be retained with both the companies.
- Restricted to a specific purpose. The personal data collected will only be processed for specific purposes of sourcing property investments in England. No other used of data will be conducted from my company. Any sort of data provided by your company should not contain any illegal or unlawful activity content. Responsibility of such an act will be directly imposed on your company and could attract legal attention.
- Transparency. The Data Subject will be informed of how his/her data is being collected, processed and used. All times of collection of data will be duly signed and a copy of brief description of the same will be provided by and to the Data Subject of your company and the Data Collector of My company simultaneously.
What personal data we collect and process
As soon as my company takes access to your company’s data, we start processing activities as per the agreement signed and only on the designs selected, not exceeding the GDPR compliance boundaries.
My Company needs to and will be collecting several and different types of personal data for various purposeful activities in your good faith. Personal Data which may include, but is not limited to:
- Email address
- First name and last name
- Phone number
- Address, State, Province, ZIP/Postal code, City
- Product information
- Company’s Address
- Business Registration Number
- Your Personal Identification Number
- Photo IDs
- Bank Details
Types of data processed
- Inventory data (e.g., names, addresses)
- Contact data (e.g., e-mail, telephone numbers if provided)
- Content data (e.g., text entries, messages)
- Usage data (e.g., website visited, interest in content, access times)
- Meta/communication data (e.g., device information, IP addresses)
Categories of persons concerned by the processing
- Visitors/ interested parties / suppliers
- Visitors and users of the online offer
How we use the personal data
My company uses the collected personal data for various purposes and in the following, we also refer to the data subjects collectively as “users”.
Purpose of processing
- Provision of the online offer, its contents, and functions.
- To provide you with service information and updates of any policy concerns
- To notify you about changes to our services and/or products
- Provision of contractual services, service, and customer care, guidance, and support
- Answering contact requests and communication with users
- To detect, prevent and address any technical errors or concerns that may be observed in the due course of action
- Marketing, advertising, and market research
- Security measures
Which of my data is collected and processed?
- Visiting the website
We collect data about each visit from the website (so-called server log files). This data includes IP address, names of the websites accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type including version, the operating system of the device, referrer URL (the previously visited page), IP address and the requesting provider as well as, when using a mobile device, additionally: country code, language, device name, name of the operating system and version.
We use this data only for statistical evaluations for the purpose of the operation, security, and optimisation of the website. However, we reserve the right to check this data retrospectively if there is a justified suspicion of unlawful use on the basis of concrete indications.
b) Service request and enquiry
When you register your interest on the website, we first collect and store your master data (name, e-mail address and phone number), the pseudonymised IP address, you used to reach our website. This data is used for the purpose of service requests and your enquiry on the website.
c) Contacting us
When contacting us (for example, by e-mail), your name, e-mail address and your request will be stored for processing the request and in case follow-up questions arise.
d) Provision of contractual services
We process inventory data (e.g., names and addresses as well as contact data of users), contract data (e.g., services used, names of contact persons, payment information) for the purpose of fulfilling our contractual obligations and service.
e) When you require a service from us
Information that you enter in the application forms on our site or provide to us by verbal or written communication. We will use this information to process your orders or respond to your enquiries. You have the right to withdraw consent at any time by asking us to delete the information stored in our systems. To comply with our Anti Money Laundering obligations, we may ask for various documents to verify your ID and address. This specific regulation means that we must hold and retain records for seven years after ceasing to provide the service. This data is GDPR Compliant and secured on our server located outside the EU. It is never shared or sold.
f) Usage-based online advertising
At this point we would like to provide you with comprehensive information on the subject of usage-based online advertising. Our website or the website from which you have just been linked collects and processes your usage behaviour anonymously. As a result, you as a user benefit by receiving advertising that is more suited to your areas of interest and by the fact that less random advertising is delivered overall. A cookie is stored on your terminal device to record your usage behaviour. Cookies are small text files that are stored on your computer’s hard drive and enable recognition, but do not allow personal identification of you. On the website www.youronlinechoices.com you can read more information about usage-based online advertising and the individual providers.
g) Hosting
The services for hosting and displaying the website are provided by our service provider as part of processing on our behalf. Unless otherwise explained in this privacy policy, all access data and all data collected in forms provided for this purpose on this website are processed on their servers. If you have any questions about our service providers and the basis of our relationship with them, please contact us.
h) Comments and contributions in our blog
When users leave comments or other contributions, their IP addresses are stored for 7 days on the basis of our legitimate interests. This is done for our security in case someone leaves unlawful content in comments and posts (insults, prohibited political propaganda, etc.). In this case, we ourselves can be prosecuted for the comment or post and are therefore interested in the identity of the author.
Within the Blog you may be able to display certain profile information, share certain details, engage with others, exchange knowledge and insights, post and view relevant content. Content and data are publicly viewable. You have choices about the information on your comment. You don’t have to provide additional information on your comment; however, information helps you to get more from our Services. It’s your choice whether to include sensitive information on your comment and to make that sensitive information public. Please do not post or add personal data to your profile that you would not want to be available. The legal basis for the storage is our legitimate interest.
Use of service providers
Asset Acquire uses service providers to provide services (including for the delivery of ordered goods, sending letters or e-mails and the maintenance and analysis of databases) and to process your data (so-called commissioned data processing). The service providers process the data exclusively on the instructions of Asset Acquire and have been obliged to comply with the applicable data protection regulations. All commissioned data processors have been carefully selected and are only given access to your data to the extent and for the period of time required to provide the services.
- Tracking and analysis. The use of our digital offers is also measured and evaluated by means of various technical systems, mainly from third-party providers such as Google Analytics. These measurements can be both anonymous and personal. It is possible that the collected data will be passed on to third parties for processing by us or the third-party providers of such technical systems.
- Google Analytics. We use Google Analytics, a service provided by Google Inc. This means that the data collected can in principle be transmitted to a Google server in the USA, whereby the IP addresses are anonymised by means of IP anonymisation so that an allocation is not possible. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. You can object to the collection and processing of this data by Google Analytics by setting an opt-out cookie that prevents the future collection of your data when you visit this website: http://tools.google.com/dlpage/gaoptout?hl=en.
- Social Media Plugins. Furthermore, we use so-called cookies and social media plug-ins for our website. The exact procedures involved, whether tracking may occur due to the use of the website and how your data is used for this purpose are explained in the Privacy Policies of the relevant Social Media Network.
When do we disclose your Personal Data?
We disclose your Personal Data in response to your business enquiry or your request for information within our Company in order to provide the best service possible and within our legitimate interest.
We may share your information with organisations that help us provide the services described in this privacy policy and who may process such data on our behalf and in accordance with this privacy policy, to support this website and our services. For example, with our legal professional advisors.
In relation to information obtained about you from your use of our website, we may share a cookie identifier and IP data with analytic and advertising network services providers to assist us in the improvement and optimisation of our website which is subject to our Cookie Policy.
We may disclose personal information in other circumstances such as when you agree to it or if the law, a Court order, a legal obligation, or regulatory authority ask us to. If the purpose is the prevention of fraud or crime or if it is necessary to protect and defend our right, property or personal safety of our staff, the website, and its users.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
Under UK GDPR and the DPA 2018, personal data must not be retained for longer than is necessary for its lawful purpose. The default standard retention period is 6 years plus current, otherwise known as 6 years + 1.
We are legally required to keep basic information about our customers (including contact, identity, financial and transaction data) for up to 6 years after they cease being customers, for tax purposes and compliance with UK GDPR retention obligations.
Cross-border data transfer
Sharing of data sometimes involves cross-border data transfers, for example, to the U.S. If and to the extent that we involve third parties in the performance of contracts (such as service providers), they will only receive personal data to the extent that the transfer is necessary for the corresponding service. In the event that we outsource certain parts of data processing (“commissioned processing”), we contractually oblige commissioned processors to use personal data only in accordance with the requirements of data protection laws and to ensure the protection of the rights of the data subject.
Your rights
- Information You may request information from us as to whether we are processing personal data about you and, if so, you have a right to be informed about this personal data and to receive the further information referred to in Article 15 of the GDPR.
- Right to rectification You have the right to rectify inaccurate personal data relating to you and may request that incomplete personal data be completed in accordance with Art. 16 GDPR.
- Right to erasure You have the right to demand that we delete the personal data concerning you without delay. We are obliged to delete them immediately, in particular if one of the following reasons applies:
- Your personal data is no longer necessary for the purposes for which it was collected or otherwise processed.
- You withdraw your consent on which the processing of your data was based and there is no other legal basis for the processing.
- Your data has been processed unlawfully.
The right to erasure does not exist insofar as your personal data is required for the assertion, exercise or defence of our legal claims.
- Right to restriction of processing You have the right to demand that we restrict the processing of your personal data if:
- You dispute the accuracy of the data, and we therefore verify the accuracy,
- The processing is unlawful, and you refuse the deletion and demand the restriction of use instead
- We no longer need the data, but you need it to assert, exercise or defend legal claims,
- You have objected to the processing of your data, and it is not yet clear whether our legitimate reasons outweigh your reasons.
- Right to data portability You have the right to receive the personal data relating to you that you have provided to us in a structured, commonly used and machine-readable format and you have the right to transfer this data to another controller without hindrance from us, provided that the processing is based on consent, or a contract and the processing is carried out by us with the aid of automated processes.
- Right of withdrawal If the processing of your personal data is based on consent, you have the right to revoke this consent at any time.
- General and right of appeal The exercise of your above rights is generally free of charge for you. In the event of complaints, you have the right to contact the supervisory authority responsible for us. The Information Commissioner’s Office (ICO) in the UK is the for us relevant authority in matters of data protection. You have the right to make a complaint at any time to the ICO (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
If you make a Data Subject Access Request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us. We do not sell the Personal Information of our users. For more information about these rights, please contact us.
Data security
To ensure the best possible protection of your data, our website is transmitted via a secure SSL connection (i.e., encrypted) between our server and the browser. We use a rights management system, 2-factor authentication, internal encryption, and certified server operators to ensure a high level of data security.
All data is processed exclusively on servers within the UK, unless otherwise stated in this privacy policy.
We expressly point out that data protection and data security for data transmissions in open networks cannot be completely guaranteed according to the current state of technology. From a technical point of view, every Internet provider can view the pages stored on the web server and possibly also other data stored there at any time. You yourself are responsible for the security and backup of the data you transmit to the Internet and store on web servers. We cannot accept any liability for the disclosure of data due to errors or unauthorised access by third parties.
Children
The website of Asset Acquire is not directed at persons under the age of 18. If you are under 18 years of age, you may therefore not use the website of Asset Acquire and you may not enter your personal data on our website. We do not knowingly collect data from persons under the age of 18. If you are a parent of a person under the age of 18 and you become aware that your child is using our website, please contact us using the contact details provided and arrange for the relevant data to be deleted.
Questions about data protection
Asset Acquire complies with the legal obligations and all our employees have been obligated in writing to comply with the relevant regulations and guidelines on data protection and data security and to protect data secrecy. In addition, the employees of Asset Acquire are regularly trained in these areas. Questions regarding data protection at Asset Acquire can be directed to us at any time.
