At Etive Technologies Limited (Etive), which operates the DLB and PLB services, we are committed to protecting the privacy of our customers and the responsible management of personal information in accordance with the Data Protection Laws. Our company number is SC407510 and our registered office is at Quartermile Two, 2 Lister Square, Edinburgh, EH3 9GL. We are a controller for the purposes of the Data Protection Laws.
How to contact us
By post: Quartermile Two, 2 Lister Square, Edinburgh, EH3 9GL
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
Why we process your personal data
Personal data may be processed by us where you consent to the processing or where that processing is necessary for 1) the performance of a contract with you and/or to provide services to you; or 2) compliance with a legal obligation to which we are subject; or 3) the purposes of our legitimate interests (or those of a third party). Where we process special category personal data we will process it in accordance with the explicit consent that we have requested from you.
Legitimate interests means the interest of our business in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us.
Property Log Book & Digital Log Book provide a variety of on-line services, including an online enquiry form which collects personal data when you register with us and when you use our services. We use your personal data to provide those services, including putting local authority information that may be relevant to you into your PLB or DLB.
You may use the services of third parties in connection with the DLB or PLB services. Those third parties may have their own privacy policies that govern how they use information provided by you. Please read such privacy policies before using any third party services.
What information do we collect?
We will collect information from you in the following circumstances:
Our enquiry form involves providing us with your name, address, telephone and mobile number and e-mail address. We use this information to answer your queries. It is in our legitimate interests to use your personal data to correspond with you when you make an enquiry to us.
When you register for the DLB and/or PLB services, we will collect and process certain personal data such as your name, contact details, financial details and other information to verify your identity. If you do not provide such personal data then we cannot perform our contract with you to deliver the DLB or PLB services (as applicable).
Information provided by you when you call or email us
You may give us personal data by corresponding with us by phone, e-mail or otherwise. Where we do not have a contract in place with you then is in our legitimate interests to use your personal data to correspond with you.
Special category personal data
Where you use the DLB or PLB services, certain information that you may provide to us is ‘special category personal data’ such as biometric data. We will not process any of your special category personal data without your explicit consent. Please note that if you do not provide explicit consent for us to process your special category personal data then you may not be able to use some parts of the Services.
Website usage data
Information we receive from other sources
We can receive information about you if you use any of the other websites we operate or the other services we provide. We are also working closely with third parties including, for example, business partners (please see “Strategic Partners” below), sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies and can receive information about you from them.
If you are a consumer customer we will only provide you with direct marketing communications where you have consented to receive such communication or you have contacted us directly to request specific information about our Services. You can subscribe to such marketing communications, and you can adjust your marketing preferences at any time by contacting us using our contact details above.
With whom do we share your personal data?
We may share your personal data with the parties set out below:
- Service providers acting as processors who provide IT and system administration services.
- Professional advisers including lawyers, bankers, auditors and insurers who provide consultancy, banking, legal, insurance and accounting services.
- Any relevant accreditation body or trade association.
- Any relevant regulatory authority or law enforcement agency, including HM Revenue & Customs and courts or tribunals who require reporting of processing activities in certain circumstances.
- Our employees, agents, contractors and other third parties so we can provide our services to you.
- Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy notice.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party processor service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
Any sharing of your personal data will only take place:
- to maintain network and information security;
- to provide our services;
- to protect and defend our legal rights;
- to prevent an unlawful or dishonest act;
- to pursue our commercial objectives where this does not override your rights and freedoms as a data subject (necessary for our legitimate interests);
- to develop and improve our Services in order to remain competitive (necessary for our legitimate interests);
- with your consent; or
- where we need to comply with a legal obligation.
You may choose to share your personal data with other organisations as part of the DLB and/or PLB services. This is at your sole discretion and we have no responsibility or liability with regard to how you share your personal data while using the DLB or PLB services (as applicable). We have a number of strategic partners who we work with and may share your information with to help enhance your Property Log Book/Digital Log Book experience. We do not sell or rent your personal information to others. See further information in Strategic Partners.
In a number of instances our Property Log Book/Digital Log Book Services are made available in conjunction with a variety of organisations and their affiliates, such as local authorities, social landlords, housing associations, government departments or sponsors or other strategic partners, who wish to make our Property Log Book and/or Digital Log Book service available to their members, customers, staff and/or affiliates. In such instances, if you are a member, customer, member of staff or affiliate of such an organisation (or one of their affiliates) then your personal data will be accessible by these organisations (and their affiliates).
As part of your use of the Property Log Book and/or Digital Log Book or as part of subscribing to any of our products and/or services, these organisations will have the opportunity to contact you and we will work with these organisations to help ensure that this is a welcomed initiative rather than a hindrance and that they respect any requests from customers and users to unsubscribe or opt-out. Where you receive products and/or services from another organisation, such organisations’ terms and conditions apply and we have no control over and do not accept any liability or responsibility for the accuracy of the information provided to you by such organisations or displayed on such organisations’ websites. If you are at any time dissatisfied with one of our strategic partners then we would like to know because we are committed to only working with strategic partners that share our commitment to responsible data management.
Compliance with law
We will release personal information where we are required to by law or by the regulations and other rules including auditing requirement to which we are subject. We may also exchange information with other companies and organisations for fraud protection and credit risk reduction.
International Data Transfers
We do not transfer personal data outside the UK.
Where we store your personal data
Personal data is stored within the UK.
All personal data you provide to us is stored on our secure servers. Any payment transactions will be encrypted using SSL technology. Where we have given you or where you have chosen a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.
We have put in place procedures to deal with any suspected personal data breach and will notify you and the Information Commissioner’s Office of a breach where we are legally required to do so.
Your personal data is protected by legal rights, which include your rights to:
- Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
- Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, following your request.
- Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes.
- Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: if you want us to establish the data’s accuracy; where our use of the data is unlawful but you do not want us to erase it; where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
- Request the transfer of your personal data to you or to a third party (data portability). We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
- Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
If you wish to exercise any of these rights, please contact us using the details above.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
For tax purposes, we retain basic information about our customers for six years after they cease being customers.
Automated decision making and profiling
We do not use automated decision-making (including profiling) to make any decisions which would produce a legal effect or similarly significantly affect a data subject.
We want you to be happy with our Services; should you have any concerns please contact us using the details above.
Change of purpose
Where we intend to further process personal data for a purpose other than that for which the personal data was collected, we shall provide you prior to that further processing with information on that new purpose and with any relevant further information.
LAST UPDATED FEBRUARY 2022