Privacy Policy

Personal Data We Collect

We collect personal data that you provide directly to us and data that is collected automatically when you use our services:

• Contact Information: Name, email address, telephone number, postal address
• Property Information: Property details, location, heritage status, requirements
• Professional Details: Professional background, investment capacity, property portfolio information
• Communication Records: Correspondence, meeting notes, consultation records
• Technical Data: IP address, browser type, device information, website usage data

Your Rights and Opt-Out Instructions

You are not required to provide any personal information when using this website. If you prefer not to share your data, you may:

• Avoid filling out contact forms, account registrations, or any data-submitting features.
• Disable cookies through your browser settings (see our Cookie Policy for more details).
• Contact us directly to request the deletion of any previously shared personal data.
• We respect your privacy choices.
  
  If you would like us to delete your data, please reach out to us at the contact details provided on our [Contact] page. We will process your request promptly.

Data Retention Periods

• Active Client Records: Retained for the duration of our professional relationship plus 7 years
• Marketing Data: Retained until consent is withdrawn or 3 years of inactivity
• Website Analytics: Anonymized data retained for 26 months
• Legal and Regulatory Records: Retained as required by professional and legal obligations

Primary Service Purposes

• Providing heritage property consultations, valuations, and professional advice
• Managing estate planning and succession planning services
• Coordinating property restoration projects and heritage compliance
• Facilitating property transactions and professional introductions
• Maintaining professional records and client relationship management

Third-Party Data Sharing

We may share your personal data with trusted third parties in the following circumstances:

• Professional Partners: Heritage consultants, conservation specialists, legal advisors
• Service Providers: IT support, marketing agencies, professional indemnity insurers
• Regulatory Bodies: RICS, HM Revenue & Customs, Financial Conduct Authority
• Legal Requirements: Court orders, legal proceedings, law enforcement requests

Technical Security Measures

• Encryption: All sensitive data is encrypted both in transit and at rest using industry-standard protocols
• Access Controls: Role-based access systems with multi-factor authentication for all staff
• Network Security: Firewalls, intrusion detection systems, and regular security monitoring
• Data Backup: Secure, encrypted backup systems with regular recovery testing
• Software Updates: Regular security patches and system updates to maintain protection levels

Your Data Protection Rights

Under GDPR and UK data protection law, you have the following rights:

• Right of Access: Request a copy of the personal data we hold about you
• Right to Rectification: Request correction of inaccurate or incomplete personal data
• Right to Erasure: Request deletion of your personal data in certain circumstances
• Right to Restrict Processing: Request limitation on how we use your personal data
• Right to Data Portability: Request transfer of your data to another service provider
• Right to Object: Object to processing based on legitimate interests or direct marketing
• Right to Withdraw Consent: Withdraw consent for marketing communications at any time

International Data Transfers

We primarily store and process your data within the United Kingdom. Where we need to transfer data internationally, we ensure adequate protection through:

• Adequacy decisions recognized by the UK government
• Standard contractual clauses approved by the ICO
• Binding corporate rules for multinational service providers
• Specific derogations where legally permitted