HOP & GDPR
HOP has always taken data privacy seriously. In fact, data protection is just 1 of over 150 pieces of legislation that face the lettings & block management industry. HOP is always working hard to stay up to date with changes in the law.
As part of GDPR compliance HOP reviews its use of personal data and provide data privacy training to our teams. HOP has made some changes to the ways in which we collect, store and use your personal data.
We’ve also updated our GDPR policy to bring it in line with the updated regulations.
We’ve listed our third party organisations such as referencing agencies, portals and software providers, and identified what they do with the data. HOP has designated a member of the team to be responsible for data protection.
HOP has updated existing contracts and highlight clauses that may be relevant to GDPR as well as reviewing how we sign up new Applicants, Tenants and Landlords, and how we manage consent. HOP has examined the security of its data to identify any vulnerabilities and the security of data on devices such as phones, laptops and cloud storage.
We have audited how our existing contacts came onto our databases and have auto archived applicants on our list after a certain period of time. HOP has a simple process in place for identifying, investigating and reporting data breaches and all employees at HOP undergo ongoing training.
HOP GDPR Policy
This document outlines HOP’s policy in regards to the GDPR Data Protection Legislation 2018.
How we store your data
We store all of our customers’ data on software systems called Jupix & Resident, which HOP currently holds licences to use. Jupix & Resident have informed HOP of their GDPR Policy. The data that we collect is owned by HOP and we do not sell your data to any third parties.
Who we share your data with
In order to provide the best service to our customers, we need to share your personal data with some of our service partners. These include but are not limited to One Utility, our bills management platform to provide your details to utility companies, the local council and internet providers. We also have a requirement to share your data with the DPS who provide our tenant deposit schemes.
As block managers we also share information with but are not limited to solicitors, debt collection agents, insurers, insurance brokers, loss adjusters, contractors, including maintenance contractors, regulatory authorities, including the fire authority and local authority, energy brokers, parking enforcement, IT support, accountants, the site developers or freeholders.
Gathering reviews is market research and essential to help us to continually improve our customer experience and provide the best service to our customers. We use Feefo to gather genuine reviews from our customers using their email address and/or mobile number. Note that Feefo are only permitted to contact you for a review on our behalf, no other reason.
As part of the referencing, application and creation of Tenancy paperwork process, HOP are required to share the details of applicants and their guarantors with all other Tenants, permitted occupiers and Guarantors within the property, whether on single or joint agreements.
As part of providing maintenance on managed properties we will share our customer’s details with maintenance contractors. To allow notice of entry for our Tenants we may provide your details to other professional business, inventory clerks, surveyors, other letting agents.
We work with other companies that may assist you in your moving process – for example bills management companies, internet providers, solicitors, insurance companies, credit checking companies that we refer to. However, we will ask your permission prior to passing your data on to any of these companies.
As part of our compliance regulations we may also need to share our customer’s details with HMRC, accountants and the local council. If required for legal reasons we may also share your data with law enforcement agencies, courts/tribunals and government bodies. We would need to do this to comply with our legal obligations, to exercise our legal rights for the protection of our employees and customers and for the prevention, detection, investigation of crime or prosecution of offenders.
How we ensure your data is secure
All data held by HOP is stored within Jupix & Resident which is stored on encrypted servers. The data storage system that we use abides by the GDPR Policy and is password protected by all of our users. In line with GDPR, Jupix provides a full auditing system to record processing of any data. If we need to print your details, for example on a contract or tenancy agreement, all paper copies with any personal data is placed in a locked paper cabinet and shredded off site by McCarthy’s shredding services who are GDPR compliant. If we store your personal details, we will always ensure these are kept out of sight and locked away.
Processing customer data
The processing of any customers’ data is necessary for the legitimate interests of HOP. The legitimate interests are;
- Handling queries, complaints or disputes from our customers
- Issuing service charge demands and accounts
- Providing the best service to our customers
- Sending promotional communications
- Gathering reviews and feedback on our service
- Contacting you about relevant information in relation to your property or industry
- Complying with our legal obligations such as Right to Rent
- Complying with HMRC regulations
- Preventing, investigating and detecting crime, fraud or anti-social behaviour
- Working with law enforcement agencies
How long your data is stored for
We store your data for a reasonable length of time in relation to the type of customer you are. Under Consumer Protection Regulations we must store our Applicant, Tenant, Guarantor and Landlord details for 7 years, or anyone who has conducted a viewing or valuation with us. Applicants who did not conduct a viewing with HOP will be automatically archived by our software after 18 months. Under Anti-Money Laundering obligations we must store identification documents for any person we do business with for five years.
Where we must store customers’ data In line with other legal compliance obligations, we keep it encrypted and will only use it as needed to fulfil our legal obligations or to service your needs as a customer.
What we use your data for
HOP will use your data to contact you to provide services to you as a customer. We will contact you by the methods that you have opted in for and we may contact you about relevant services based on what type of customer you are to HOP.
If you would prefer not to receive information from HOP you can update your preferences at any time. We will obtain your consent to be contacted and by which methods when you first make contact with us as a potential customer.
How we obtain consent
Upon your initial contact or application with HOP, we will ask for your contact details and your consent to be contacted. There will be a choice of contact options and consent can be amended or withdrawn at any time.
Data security breaches
Your data is important to us. All data will be stored securely, however, if we are alerted to data security breach which has potential to result in a risk to our customers, this breach will be notified to the ICO within 72 hours and all parties effected will be contacted.