Privacy Notice

Last updated: 15^th July 2024

The Purpose of this privacy notice is to explain how Simarc Property Management Limited referred to as Simarc hereafter, processes personal data to fulfil its data protection responsibilities. Simarc will provide specific privacy notices for clients, such as leaseholders, and third parties as required. Simarc is part of the Albanwise Wallace Estates group (the Group) which comprises a diverse group of businesses operating in the UK.

The Role of Simarc in data protection terms is that of a data controller where it determines the purpose and the way it uses any personal data it requests and collects. Thereafter, the processing of it becomes the responsibility of the Group privacy manager (PM) contactable using privacy@albanwisewallaceestates.com, who ensures that all processing is undertaken in accordance with the latest UK data protection legislation.

Simarc has a legitimate interest to provide effective management services on behalf of the Group’s freeholders to ensure the best possible leaseholder/resident experience, and in this role it serves as a data processor (under the instruction of the group’s freeholders).

The sort of personal data collected by Simarc will be basic contact details sufficient to be able to respond to general enquiries and then sufficient details to administer our contract with you, as required.

Simarc’s duty of confidentiality means that our staff will treat your personal data with due respect and in confidence. It is only disclosed to those that need to know it. We expect the same duty of confidentiality from all third parties with whom Simarc shares personal data and where appropriate, data processing agreements are in place. Simarc uses reasonable organisational and technical measures to ensure personal data is kept secure. These include having contractual obligations with those organisations with whom we share personal data, such as within the Group, and data processing agreements with those organisations that perform certain processing activities on our behalf. Sharing is kept to a minimum and the list of organisations that might receive your personal data is reviewed regularly. All processing undertaken by Simarc staff takes place on-site and/or agreed off-site locations, but all within the UK.

Simarc processes personal data against a lawful basis and such instances are described below:

We will pursue our legitimate interests:
- to respond to your general enquiries and stay in touch with you for marketing purposes
- to provide our services to the Freeholders whose properties we are managing
To comply with our legal obligations
When processing for a pre-defined purpose for which your consent will be sought prior to the processing commencing – please note that consent can be withdrawn at any time by contacting the Group PM

In all cases the processing of personal data by Simarc shall be done in accordance with the principles of data protection.

Simarc will share personal data, on a ‘need to know’ basis with some or all of the following:

IT support companies that are subject to a data processing agreement
Third-party professional service providers that we engage to provide our services, all of which are subject to a data processor agreement
Other third-party organisations that we may refer you to, but only with your prior permission
Other businesses in the Group that are subject to a data sharing agreement
Unspecified recipients but only when compelled to do so for legal reasons

Simarc will process your personal data in the UK and all business data, including email, are backed up using a replicated systems based in the UK and Ireland.

Simarc follows a retention schedule to determine the length of time it holds different types of personal data. The retention schedule is shown below:

Routine correspondence for casual and contract related business in hard copy or in emails will be stored for the current tax year plus 6 years. Contact data is stored indefinitely unless a valid request to erasure is received from the interested data subject.
By exception, documentation that includes personal data may be retained by Simarc beyond the schedule, but only for a specific purpose and only when Simarc believes it has a legitimate interest or a legal obligation to do so.

At the end of the retention schedule Simarc will either return, destroy or delete your personal data and any associated emails or relevant documentation. If it is technically impractical to delete electronic copies of personal data, it will put it beyond operational use. It should be noted that Simarc allows up to 3 months after the retention schedule to complete the action.

The Simarc website uses non-essential cookies (and other technologies) but these will only be downloaded onto your device if you give permission through the cookie consent management platform – please see our cookie notice for an explanation of the cookies being used.

The UK General Data Protection Regulation defines the rights that you have, although these do not apply in all situations. For convenience, these rights are shown below:

Right to be informed as to how we process your personal data – this is done through this notice
Right to access your personal data held by us which is done by making a ‘Data Subject Access Request’ (DSAR) to the Group PM
Right to rectification of your personal data if you believe we have collected it incorrectly or it needs to be updated
Right to erasure of your personal data for which we no longer have a legitimate purpose to process
Right to restrict processing under certain circumstances, during which time your personal data but will be out of operational use until the related matter is resolved
Right to data portability of your personal data in a machine-readable version, but this only applies to data that has been provided with consent or under contract
Right to object to Simarc processing your personal data for which it does not have a legal or contractual obligation
Rights related to automated decision making and profiling (although we do not use these techniques in its decision making)

Further details on data subjects’ rights can be found on the Information Commissioner’s Office (ICO) website: https://ico.org.uk.

Raising concerns, exercising rights or making queries about our processing of your personal data can be done by contacting the Group PM. Be aware that we will need to verify your identity before responding fully. This may involve asking you for documentary proof that, in context, will enable us to confirm your identity. Alternatively, you may contact the ICO directly without referring to us first, although naturally we would welcome the first opportunity to address your concerns or queries.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
PHPSESSID	session	This cookie is native to PHP applications. The cookie is used to store and identify a users' unique session ID for the purpose of managing user session on the website. The cookie is a session cookies and is deleted when all the browser windows are closed.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gat_gtag_UA_35580717_1	1 minute	Set by Google to distinguish users.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.

Cookie	Duration	Description
incap_ses_802_2488757	session	Set by Security Metrics to ensure compliance with PCI DSS
visid_incap_2488757	1 year	Set by Security Metrics to ensure compliance with PCI DSS

Last updated: 15th July 2024

Last updated: 15^th July 2024