Privacy Policy

Privacy Policy & UK GDPR

1. Background

1.1 Following the United Kingdom exit from the European Union, the DPA (Data Protection Act) 2018 and UK GDPR (General Data Protection Regulation) was passed to lay down the rules relating to the protection and processing of data.

1.2 We have therefore updated our privacy policy to reflect these changes and to explain how this applies to clients using our service.

2. Basis

2.1 This privacy policy sets out how your data is processed by our company.

2.2 By agreeing to use our services, you are automatically accepting this policy and do not need to sign a separate document. In other words, by using our services you are entering into an agreement which gives us a legitimate basis to process your data, in line with UK GDPR requirements.

3. Your Privacy

3.1 We value your privacy and are committed to keeping your personal and business data safe.

3.2 We will only ask for the minimum data necessary to operate effectively and provide a high-quality professional service.

4. How we collect data

4.1 When you make an enquiry, contact us by e-mail, telephone or communicate on-line, we collect your contact data so that we can respond to your enquiry and provide services.

4.2 We do not use cookies to collect data on our website.

5. What data we hold

5.1 The data we hold comprises your name, e-mail address, phone number, postal address, geolocation data and the company you work for, if applicable, so that we can provide you with services.

5.2 We hold your data for as long as necessary to complete our work in accordance with the UK GDPR requirements.

6. Where we store your data

6.1 When you contact us by telephone or e-mail we store your data in our contact database, as well as the mailboxes used to deliver the e-mail.

6.2 We use a secure IT system behind a password protected firewall, files are kept in secure folders, our virus defence software is regularly updated and our computers require authentication before starting.

6.3 Correspondence is locked securely in an office cabinet, our building is secure, monitored and protected by an alarm and CCTV.

7. What we use your data for

7.1 To provide services to you, we will use your data to carry out work, to correspond regarding the work and to ensure that you receive professional service from our company.

7.2 We will use your data to respond to requests, communicate instructions, make enquiries, provide updates and send drawings, documents and correspondence.

7.3 We use your data when we liaise on your behalf with other organisations involved in the work, the council and with professionals engaged to provide expert advice and services.

7.4 We may use your contact data to provide you with details of products and services, or to invite you to events, unless you tell us not to, in which case we will not contact you in respect of these purposes.

7.5 We will always ask for your consent before providing any subscription service. 7.6 We will respect your privacy and will not sell your data.

8. Responsibility for your data

8.1 The Director of Young Building Design is the Data Controller and is responsible for the security of your data.

9. Who has access to your data

9.1 The data we store is only accessible to those working for Young Building Design who need it to do their job.

9.2 We understand our responsibilities to keep your data secure and to comply with the UK GDPR.

10. How we keep your data private & secure

10.1 When we store your data digitally, our IT system and computers are regularly backed up, we also maintain a password protected firewall, virus defence software and authentication.

10.2 We routinely run checking and maintenance software and strive to keep our security measures up to date.

10.3 All office cabinets containing correspondence are properly organised and securely locked when not in use.

10.4 Any waste material containing data is securely destroyed before being disposed of.

11. Accuracy of your data

11.1 In order to provide the highest level of customer service possible we securely store your data and take all reasonable steps to ensure that it is accurate.

11.2 We may verify with you that the data we hold is correct and we will rectify inaccurate data as soon as we are made aware.

12. Links to other websites

12.1 Our website may contain links to other websites of interest.

12.2 Where you use these links to leave our website, you should note that we do not have any control over any other websites.

12.3 We cannot be held responsible for the protection and privacy of any data which you provide whilst visiting other websites and these are not governed by this privacy policy.

12.4 You should exercise due diligence before using any websites and look at the privacy statement applicable to the websites in question.

13. Policy updates

13.1 We aim to monitor the guidance relating to the UK GDPR so that we comply with the current rules and if the requirements change we will adjust our policy accordingly.

13.2 If we change the contents of this policy, those changes will become effective the moment we publish them on our website.

14. Your rights

14.1 Under the UK GDPR you have the right to see a copy of the data we hold about you, for this to be corrected, restricted and also the right to request that your data is deleted from our system.

14.2 We may be required to keep some records to ensure that you are not contacted in future, or to comply with any legal obligations.

14.3 We aim to respond within 30 days from the point of receiving the request and all necessary information from you.

15. Questions or Complaints

15.1 If you have any questions about the way in which we handle your data which are not answered by this policy, or if you have any reason to complain, please e-mail us, or write to: The Director of Young Building Design at 71-75, Shelton Street, Covent Garden, London, W2CH 9JQ. You can also contact the Data Commissioner’s Office (ICO).

Revised Jan 2021.