One Touch Property Privacy Policy

One Brand Management Limited and its authorised agents are committed to the protection of its customers and all users of our websites. The following policy outlines how we treat your personal information, so that you can be assured it will be handled in a professional manner at all times.

1. Introduction

This Privacy Policy forms part of One Brand Management Limited (“One Touch”) obligation to be open and fair with all individuals whose personal data we process and to provide details around how we process such personal data and what we do with it.

One Touch is committed to safeguarding the privacy of personal data and complying with the General Data Protection Regulation (GDPR 2018) and the UK Data Protection Bill 2017, and any future changes in data protection legislation with which One Touch will be required to comply.

When selling, purchasing, renting or financing a property (including surveying services) through our company we process your personal data such as name, address, contact details, email address and passport amongst other things.

Processing of this data implies collecting, storing, using or disclosing your personal data.

If You consent to be notified of, or receive other products or services from One Touch, or use any of our websites, You may be provided with further privacy notices which may be contained in a separate policy or within any terms and conditions. These additional privacy notices shall supplement this Privacy Policy.

This Privacy Policy relates to the processing of personal data by One Touch.

Unless otherwise stated, all references to “we” or “our” shall imply all One Touch lines of business that process personal data. None of the lists or examples provided in this Privacy Policy is intended to be exhaustive or fully representative of every individual.


2. Scope

The scope of this Privacy Policy covers client personal data in respect of the following:

Ways we use your Personal Data

Definitions of Personal Data types

  • Collecting Personal Data
  • Using Personal Data
  • Fraud Protection Agencies (FPAs)
  • Disclosing Personal Data
  • Retaining Personal Data
  • Securing Personal Data
  • Sharing Personal Data
  • International Data Transfer
  • Log Files and Statistics
  • Data Subject Rights
  • Updates / Amendments
  • Third Party Websites
  • Consents (“Opt-in”)
  • Withdrawal of Consent (“Opt-out”)
  • Additional Privacy Information
  • Data Protection Registration
  • Our Details

3. Ways we use your Personal Data We’ll process your personal data:

a) as necessary to perform and fulfil our contracts with You:

  • to take steps at your request prior to entering into it;
  • to exercise rights set out in agreements or contracts;
  • to deliver our products and services;
  • to update our records;
  • to make and manage customer payments;
  • to manage fees and charges due on customer transactions;
  • to collect and recover money that is owed to Us.

b) as necessary to comply with legal obligation, e.g.:

  • when you exercise your rights under data protection law and make requests;
  • for compliance and to obey laws and regulations that apply to Us;
  • to verify your identity, make credit, fraud prevention and anti-money laundering checks;
  • to manage risk for Us and our customers;
  • to detect, investigate, report and seek to prevent financial crime;
  • to run our business in an efficient and proper way;
  • to manage how we work with other companies that provide products and services to Us and our customers.

c) as necessary for our own legitimate interests, or those or other persons and organisations, e.g.:

  • for good governance, accounting and managing and auditing our business operations;
  • to respond to complaints and seek to resolve them;
  • to run our business in an efficient and proper way;
  • to develop and manage our brands, products and services;
  • to manage how we work with other companies that provide products and services to Us and our customers;
  • to monitor emails, calls, other communications and activities with reference to your contract;
  • to provide advice or guidance about related products and services.

d) based on your consent, e.g.:

  • to manage our relationship with you;
  • to develop new ways to meet our customers’ needs and to grow our business;
  • to develop and carry out marketing activities;
  • to provide advice or guidance about related products and services.
  • You are free at any time to change your mind and withdraw your consent. The consequence might be that we can’t do certain things for You.

4. Definitions of Personal Data types We use various kinds of personal information, and group them together like this.

Type of Personal Information and their descriptions:

  1. "Contact"- Where You live and how to contact You.
  2. "Consent"- Any permissions, consent or preferences that You give Us, including how You would like Us to contact You.
  3. "Financial"- Your financial position, status and history.
  4. "Contractual"- Details about the products and services we provide to You.
  5. "Behavioural"- Details about how You use our products and services.
  6. "Communications"- What we learn about You from conversations, emails and letters between Us.
  7. "Social Relationships"- Your Family, friends and other relationships.
  8. "Open Data and Public Records"- Details about You that are in public records such as the Electoral Register and information about You that is openly available on the internet.
  9. "Usage Data"- Other data about how You use our products and services. 10."Documentary Data"- Details about You that are stored in documents in different formats, including copies. This could include things like your passport, drivers licence, birth certificate or utility bill.
  10. "Socio-demographic"- This includes details about your work or profession, nationality, education and where You fit into general social or income groups.
  11. "National Identifier"- A number or code given to You by a government to identify who You are, such as a National Insurance number or Passport Number.

5. Collecting Personal Data

We may collect and store the following kinds of personal data:

Information that You provided to Us when applying through our website, during visits to branch offices, in emails or over the phone.

Information contained in or relating to any communication that You send to Us through our website, email, in writing, using Live Chat or over the phone.

Information that You provide to Us for the purpose of subscribing to our marketing communications.

Information that You provide to Us when using any services we provide, or that is generated during the use of those services.

Information that You provide as part of electronically signing agreements with Us.

Information that You provide in performing anti-money laundering, financial and credit checks as well as for fraud and crime prevention and detection purposes.

Information related to the security and access of our systems and applications.

Information to help Us comply with our legal and regulatory obligations, including reporting to and being audited by regulators and external auditors.

Information to help Us comply with court orders and to exercise and defend our legal rights.

Any other personal information that may be sent to Us and which we use for legitimate business purposes.

Information shared as part of our competitions or promotions.

Before You disclose to Us the personal information of another person, You must obtain that person’s consent to both the disclosure and the processing of that personal information in accordance with this Privacy Policy.

Data from third parties we work with:

  • Companies that introduce You to Us (property portals for example)
  • Financial Advisors
  • Mortgage Brokers
  • Comparison websites
  • Social networks

We may need to collect personal information by law, or under the terms of a contract we have with You. If You choose not to give Us this personal information, it may delay or prevent Us from meeting our obligations. It may also mean that we cannot perform the services needed to progress the sale, purchase or letting of a property.

Any data collection that is optional would be made clear at the point of collection.


6. Using Personal Data

We may use your personal information to:

  • Enable your use of any services that we may provide through our websites or third-party websites.
  • Supply You with our products and services.
  • Send statements, invoices and payment reminders to You, your lawyers who You use for conveyancing, or to collect payments from You.
  • Send You marketing communications.
  • Deal with enquiries and complaints.
  • Perform money laundering, financial and credit checks.
  • Use tracing services to obtain onward contact details and collect any unpaid debts for any default by You.
  • Ensure appropriate access to systems and applications.
  • Comply with our legal and regulatory obligations.

7. Fraud Prevention Agencies (FPAs)

We may need to confirm your identity before we provide products or services to You or your business. Once You have become a customer of ours, we will also share your personal information as needed to help detect fraud and money-laundering risks.

We use Fraud Prevention Agencies to help Us with this.

Both we and fraud prevention agencies can only use your personal information if we have a proper reason to do so. It must be needed for either of Us to obey the law, or for a “legitimate interest”.


8. Disclosing Personal Data

We only disclose your personal data in the ways set out in this Privacy Policy or subject to any agreements in place between Us. The following circumstances may apply:

Across our different lines of business and brands, as part of a need to know or as part of improving our existing products and services or as part of providing new services.

To third parties who process personal data on our behalf.

To third parties’ who process personal data on their own behalf but provide Us, or You, with a service on behalf of Us.

To third parties’ with whom information is shared for anti-money laundering checks, credit risk reduction, debt collection and other fraud and crime prevention purposes.

To any regulator, external auditor or applicable body or court where we are required to do so by law or regulation or as part of any investigation.

To any central or local government department and other statutory or public bodies, such as HMRC.

If the law or a public authority says we must share the personal data;

If we need to share personal data in order to establish, exercise or defend our legal rights (this includes providing personal data to others for the purposes of preventing fraud or reducing credit risk);

To any other successors in title to our business(es);

We do not sell, rent or trade any of your personal data.

We will not, without your consent, disclose or supply your personal data to any third party for the purpose of their or any other third party’s direct marketing.


9. Retaining Personal Data

The following criteria are used to determine data retention periods for your personal data (whether or not You become a customer):

Retention in case of queries – we will retain your personal data as long as necessary to deal with your queries (e.g. if your potential transaction is unsuccessful);

Retention in case of claims – we will retain your personal data for as long as You might legally bring claims against Us; and

Retention in accordance with legal and regulatory requirements – we will retain your personal data after your contract or service with Us has come to an end based on legal and regulatory requirements.


10. Securing Personal Data

Where One Touch acts as the controller of personal data, it will ensure that necessary and adequate safeguards (e.g. encryption) are in place to prevent unauthorised access, loss, misuse or alteration of your personal data.

Where data is stored electronically we store all personal information on secure servers with relevant access and firewall controls.

Where data is stored on paper or forms all personal data is locked away when not in use, and disposed of securely after use either using document shredders or third-party disposal organisations who have been contracted to dispose of documents appropriately.

Any personal data sent to Us, either in writing or email, may be insecure in transit and we cannot guarantee its delivery.

Where You use a Password to access any service provided by One Touch this must be kept confidential and not disclosed to anyone else. One Touch does not ask You for your password.


11. Sharing Personal Data

To provide the services to You we may share the personal data that You supply with several third parties:

Adobe Systems, Inc (“Adobe Sign”) and/or Docusign Inc who are used to undertake the electronic digital signing of agreements.

Salesforce whose services are based in the USA.

iContact whose services are based in the USA.

Dropbox, Inc and/or Microsoft Corporation (“OneDrive”) to archive paper records that we are required to keep for legal and regulatory reasons and to dispose of records securely.

To protect your data One Touch agree contractual arrangements with these third-party data processors to ensure that your personal data is protected in compliance with this Privacy Policy and the data protection legislation that One Touch is required to comply with.

Unless otherwise defined under section 12 all personal data shared with third parties is stored and processed in the UK or EU.


12. International Data Transfers

Personal data that we collect, is predominantly stored and processed in the UK, but for specific services may be transferred, stored, processed outside of the EU (designated under GDPR as “Third Countries”).

As part of providing our services to You under an agency agreement we will use third party data processors from Third Countries as outlined below:

  • Adobe Systems, Inc (“Adobe Sign”) and Docusign Inc which are based in the USA.
  • Google, Inc whose services are based in the USA.
  • iContact whose services are based in the USA.
  • Dropbox, inc whose services are based in the USA.
  • Salesforce whose services are based in the USA.

One Touch has agreed contractual agreements with these third-party data processors to safeguard your personal data as required by GDPR when transfers are undertaken to Third Countries.

You expressly consent to the transfers of personal data described in this section for the purposes stated.


13. Log Files and Statistics

One Touch may use IP addresses, URLs of requested resources, timestamps and HTTP user agents to administer the system, analyse trends and gather broad demographic information for aggregate use.

In addition to this we may use third party services to monitor your use of our website, including Google Analytics, a web analytics service provided by Google, Inc (‘Google’). This information allows Us to track how many visitors we have, how often they visit and where they originated from. It also gives the ability to gather which terms were used when searching for properties.


14. Data Subject Rights

Your rights are as follows (noting that these rights don’t apply in all circumstances):

The right to be informed about our processing of your personal data;

The right to have your personal data corrected if it’s inaccurate and to have incomplete personal data completed;

  • The right to object to processing of personal data;
  • The right to restrict processing of your personal data;
  • The right to have your personal data erased (the “right to be forgotten”);
  • The right to request access to your personal data and information about how we process it;
  • The right to move, copy or transfer your personal data (“data portability”); and
  • Rights in relation to automated decision making including profiling.

You have the right to complain to the Information Commissioner’s Office. It has enforcement powers and can investigate compliance with data protection law: www.ico.org.uk

For more details on all the above You can contact our Data Protection Officer (“DPO”) using the details in Section 22.


15. Updates / Amendments

We may update this privacy policy to reflect changes to our information practices. If we make any material changes we will notify you by email (sent to the e-mail address specified in your account) or by means of a notice on these Websites prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.


16. Third Party Websites

We are not responsible for the practices employed by Third Party Websites linked to or from our Website nor the information or content contained therein.

Often links to other websites are provided solely as reference points to information on topics that may be useful to the users of our Website.

Please remember that when You use a link to go from our Website to a Third-Party Website, our Privacy Policy will no longer apply. Your browsing and interaction on any other Website, including Third Party Websites, which have a link on our Website, are subject to that Website’s own Privacy Policy.


17. Consents (“Opt-in”)

Your personal data is provided for the purpose of selling or purchasing a property, letting or being a tenant of a property, conveyancing, financial services or surveying services as agreed under the terms of an Agreement we have agreed between You and Us.

However, One Touch would like to support You throughout the entire process of selling or purchasing your property by offering You additional relevant and related services, and keep You informed about all One Touch services (marketing) which You can elect to, or decline from, receiving.


18. Withdrawal of Consent (“Opt-out”)

You have the right, at any time, to ask Us not to process your personal data for marketing purposes and any additional services that You have consented to receive.

You can opt-out of receiving any of these services and communications simply by clicking the unsubscribe link on any emails You receive, or contacting your branch or head office.

Please note it can take up to 28 days for a request to be fulfilled for general One Touch communications because of pre-planned or ongoing activity.


19. Additional Privacy Information

Referrals

If you choose to use our referral service to tell a friend about our site, we will ask you for your friend’s name and email address. We will automatically send your friend a one-time email inviting him or her to visit the site. We store this information for the sole purpose of sending this one-time email and tracking the success of our referral program.

Your friend may contact us at enquire@onetouchinvestment.co.uk to request that we remove this information from our database.


Blog

Our Websites site offers a publicly accessible blog. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. To request removal of your personal information from our blog, contact us at enquire @onetouchinvestment.co.uk. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.


Links to Third Party Sites

Our Websites may, from time to time, contain links to and from the websites of our suppliers, partner networks, advertisers, affiliates and other third parties. If you follow a link to any of these websites, please note that these websites should have their own privacy policies and we do not accept any responsibility or liability for these policies or the content or operation of these websites. Please check these policies and the terms of the websites before you submit any personal data to these websites.


Social Media Widgets

Our Websites include Social Media Features, such as the Facebook Like button. These Features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the Feature to function properly. Social Media Features and Widgets are either hosted by a third party or hosted directly on our Websites. Your interactions with these Features are governed by the privacy policy of the company providing it.


20. Data Protection Registration

We are registered as a data controller with the UK Information Commissioner’s Office and our data protection registration number is ZA053636.


21. Our Details

One Brand Management Limited is registered in England and Wales under company number 09691731.

Its registered office is at 124 City Road, London, EC1V 2NX.

You can contact Us as follows:

Email: enquire@onetouchinvestment.co.uk Web: https://www.onetouchinvestment.co.uk/contact/ Telephone: +44 (0) 20 3709 4275 In writing: Data Protection Officer One Brand Management Limited, 124 City Road, London, EC1V 2NX

“We are your partner in prosperity”

If you are considering buying investment property, it starts with a conversation. If we understand what you are looking for we are in a better position to help you achieve your goals and save you time by recommending the most suitable property.

Request a call back