1. Who We Are
Ad Hoc Property Management Ltd is a UK-based property management and guardianship provider. We are responsible for the personal data we collect and process in connection with our services and website.
For the purposes of UK data protection law, we act as:
- A data controller where we determine the purposes and means of processing personal data.
- A data processor where we process personal data strictly on the documented instructions of a client.
If you have any questions about this notice or how we use personal data, you can contact:
Email: s.sidhu@adhocproperty.co.uk
Address: Unit 20 & 21 Angel Gate, 326a City Road, London EC1V 2PT
Data Privacy Manager: Sharan Sidhu
2. The Personal Data We Collect
We may collect and process the following types of personal data, depending on your relationship with us:
Website visitors
- Name and contact details provided via contact forms
- IP address and browser information
- Analytics and cookie data (where applicable)
Guardian applicants and licensees
- Name, address and contact details
- Date of birth and identification information
- Employment and income information
- References
- Financial information for affordability checks
- Credit reference information obtained via Blinc
- Limited health or incident-related information where relevant to safety
DBS checks are not undertaken as standard but may be required in specific circumstances, for example where a property is adjacent to a school or where the environment presents particular safeguarding considerations.
Clients and property owners
- Contact details
- Contract and service-related information
- Communications and instructions
Employees and contractors
- Recruitment and HR data
- Payroll and benefits information
- Training and compliance records
- Health and safety information where relevant
We do not intentionally collect more data than is necessary for the purposes described below.
3. How We Use Personal Data and Our Lawful Bases
We process personal data in accordance with UK GDPR and the Data Protection Act 2018. Our lawful bases include:
- Performance of a contract
- Managing guardian licence agreements
- Delivering property management services
- Managing client contracts
- Processing payments and administering accounts
- Legal obligations
- Health and safety compliance
- Tax and accounting requirements
- Responding to lawful requests from regulators or law enforcement
- Legitimate interests
- Assessing suitability of guardian applicants
- Carrying out credit checks via Blinc
- Protecting property and assets
- Preventing fraud or misuse
- Improving our services and website
- Sending relevant marketing communications to business contacts, with the right to opt out at any time
Consent
Where consent is relied upon, for example in relation to certain marketing communications or optional cookies, it may be withdrawn at any time.
4. Credit Reference and Financial Checks
Where appropriate, we obtain credit reference information from Blinc to assess affordability and financial suitability. This is carried out under our legitimate interests and contractual requirements.
Blinc acts as an independent data controller in relation to credit reference data it holds. You should refer to Blinc’s privacy information for further details about how they process personal data.
5. CCTV and Surveillance Data
Where surveillance systems or body-worn cameras are used in connection with our services, personal data may be captured in accordance with our CCTV and Surveillance Data Handling Policy.
Surveillance data is processed only for defined purposes such as safety, incident management and crime prevention, and is handled securely.
6. Sharing Personal Data
We may share personal data where necessary with:
- Clients and property owners
- Credit reference agencies such as Blinc
- IT service providers, including Salesforce
- Professional advisers
- Insurers
- Regulators and law enforcement agencies where required
Where we use third-party service providers, they act as data processors and are required to implement appropriate security measures.
We do not routinely transfer personal data outside the UK.
7. Data Retention
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including to meet legal, contractual and regulatory requirements.
Retention periods are defined and applied on a risk-based basis. When personal data is no longer required, it is securely deleted or anonymised.
8. Data Security
We implement appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure or loss.
These measures include:
- Role-based access controls
- Multi-factor authentication for key systems
- Secure cloud-based systems
- Incident reporting and response procedures
- Regular training for staff
9. Your Rights
Under UK data protection law, you have the right to:
- Request access to your personal data
- Request correction of inaccurate data
- Request erasure where applicable
- Restrict or object to certain processing
- Request data portability where relevant
- Withdraw consent where processing is based on consent
Requests should be made using the contact details above. We will respond within statutory timescales.
10. Complaints
If you are not satisfied with how we have handled your personal data, you have the right to complain to the Information Commissioner’s Office: www.ico.org.uk
We encourage you to contact us first so we can try to resolve your concern.
11. Cookies and Website Analytics
Our website uses cookies and analytics tools to improve functionality and user experience.
Where required, we will seek consent before placing non-essential cookies. Further details are provided in our Cookie Policy.
12. Updates to This Notice
We may update this Privacy Notice from time to time to reflect changes in law, guidance or operational practice. The most recent version will always be available on our website.
