General Data Protection Regulation (GDPR) 2018

Ansham Associates Ltd Data Protection Policy Last updated: 25th May 2018

We have updated our privacy policy and data handling agreement to comply with the new General Data Protection Regulation (GDPR) from 25th May 2018.

We are committed to protecting and respecting your privacy and keeping client information secure.  We will always let you know how we intend to use your data and will never give anyone access to it unless we are forced to by law.  We may distribute your data in connection with the project or our services to you to third parties but we will never sell your data. 

How we collect and store your information:

We ask our clients to provide us with contact details such as: your name, business name, email address, project address and phone number so that we can respond to your enquiry.

During a project, if you provide us with a service we will collect either your name and/or the business name, bank details and keep records of the invoices we send you and the payments you make to us. We may record details of the service provided, such as date, details, cost etc.

Our website uses Google Analytics to track visitors to our website. This is done in the aggregate. We do not collect or store IP addresses, or any information that is personally identifiable.

Occasionally, we might receive your contact information from another member of our team. If we do, we protect it in exactly the same way as if you gave it to us directly.

When you contact us by email, sign up for a newsletter, or through our website, we store your information within Microsoft Office 365. If we do business with you, we store your information in our accounts software, Xero. We chose these systems partly for their commitment to security.

What we use your information for:

We will only use your information for the purpose of the project/service provided to you by us. We will not send you promotional offers or ‘junk mail’. We will contact you via email or telephone to send you invoices, statements, contractor/supplier quotes or project updates. 

Referrals of business: Partners, directors or administrators of the business may refer third parties to them if you are a “business to business” client whereby your business maybe able to give service to a third party we are engaged with or otherwise are dealing with. Generally we will guide them to publicly available contact information only where possible.  

Compliance with our insurance and professional standards terms: We must keep details of our professional work product for a minimum of six years and will normally hold it for seven to eight years. This is because from time to time we may need to provide it to our insurers, (brokers and underwriters) AND to our regulatory body the ARB and where applicable the RIBA, for these purposes: reviewing and handling complaints, claims for loss, negligence or legal compliance, reviewing and renewing policies, setting premiums, arranging run off cover, training and performance analysis. 

The steps we take to keep your information private:

All information stored both in our own systems and third-party services, is secured with a password.  Our management team have access to everything you’ve provided to us, but individual employees only have access to what they need to do their job. We restrict access to only those that need it using passwords.  We use different passwords for each service, and never use the same password twice.

The computers we use are all encrypted and are protected by a passcode or fingerprint access. These computers ask for authentication whenever they are switched on or after 5 minutes of inactivity. Our mobile devices are also protected by a fingerprint, or facial recognition.  

We operate from premises that are locked outside offices hours and when unmanned. We may work in public areas on mobile devices or work from home from mobile devices, not leave devices (or data) unattended and staff with access to data have signed agreements to stipulate that all data will be kept safe and will not be disclosed by them to any third party. 

Who is responsible for your information at our company:

The Director of the company, Shyam Patel, is responsible for the security of your data. If you have any concerns about the information we store or you would like to make a complaint about the way we handle your data and your privacy, please address all correspondence FAO Shyam Patel using the contact details below:

Email: sp@ansham.com

Telephone: 02070789858

Post: please see our terms for our postal address. 

Changes to the policy:

If we update the contents of this policy, the changes will be published on our website and become effective from the moment they are published.