This privacy notice relates to your use of our websites, and your use of our services at AWOL London Ltd, registered at Regina House, 124 Finchley Road, London, United Kingdom, NW3 5JS.
AWOL is considered a data controller and is committed to protecting and respecting your privacy. The purpose of this notice is to provide you with information on how and why we collect and process your personal data.
Please read this privacy notice and any other documents or fair processing notice we may provide carefully, as it is meant to help you understand what information about you, we collect, why we collect it, and how you can update, manage, export, and delete the information we have about you.
2. How you can contact us
Should you have any enquiries regarding your data protection rights, please feel free to contact our Data Protection Team by emailing [email protected] or calling +44 (0)20 3958 2991.
3. How we collect your data
We use different methods to collect data from and about you including:
Direct interactions: You may give us information on your identity, contact and financial data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you use our services, website, sign up for marketing material and give us feedback.
Third parties or publicly available sources: We may receive personal data about you from various third parties as set out below:
Technical data from the following parties:
(a) analytics providers such as Google based outside the EU;
(b) advertising networks; and
(c) search information providers.
Contact, financial and transaction data from providers of technical, payment and delivery services:
(a) identity and contact data from data brokers or aggregators.
(b) identity and contact data from publicly availably sources such as Companies House and the Electoral Register based inside the EU.
4. What personal data do we collect about you
Depending on what type of relationship you have with us, whether it be at enquiry stage, application, contractual or post-contractual, this will distinguish the type of data we collect and process about you. Below we have provided information on the types of data we collect and process about you:
Applying to be a tenant
- Full name
- Email address
- Phone number
- Home/primary address
- Current salary
- Requirements for the property to rent
Contractually becomes a tenant
|- Banking details
- Credit card details
- National Insurance Number
- Copy of ID
- Copy of passport and/or visa
- Proof of address
- Bank statements
- Confirmation of income
- Name and contact details of a guarantor should one be required
- Reference check
- Former and current employer details
|Special Categories of Personal||*We do not collect any Special Categories of Personal
Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
5. What personal data we collect about children
Our services are not intended for use by children, and we do not knowingly collect data relating to children. In the event we learn that we collected personal data from anyone under the age of 16, and do not have a parent or guardian’s consent, we will delete that information as quickly as possible.
6. How and why we process your personal data
We use your personal data to provide our services. We must have a lawful basis for processing your personal data. The lawful bases we rely on are briefly explained below:
|Business purpose||Type of data||Lawful basis for processing|
|To register you as a new customer||(a) Identity
|(a) Performance of a contract|
|To process and perform our
obligations under our contract with
(a) Manage payments, fees, and
(b) Collect and recover money owed
|(a) Performance of a contract
(b) Legal requirement
|To manage our relationship with
you, which includes:
(a) Notifying you about changes to
our terms or privacy notice
(b) Sending a Birthday message
(c) Asking you to leave a review
(d) Informing you about any
relevant changes within LiFE
Residential or UK legislation in
relation to your property.
|(a) Performance of a contract
(b) Necessary for our legitimate
(c) Necessary for our legitimate
interests (to keep our records)
updated and to study how clients
use our products/services)
|To administer and protect our
business and this website (including
troubleshooting, data analysis,
testing, system maintenance,
support, reporting and hosting of
|(a) Technical||(a) Necessary for our legitimate
interests (for running our business,
provision of administration and
IT services, network security, to
prevent fraud and in the context
of a business reorganisation or
group restructuring exercise)
|To deliver relevant website content
and advertisements to you and
measure or understand the
effectiveness of the advertising we
serve to you
(b) Marketing and
|(a) Necessary for our legitimate
interests (to analyse how clients
use our products/services, to
develop them, and to inform our
|To use data analytics to improve
our website, products/services,
marketing, customer relationships
|(a) Necessary for our legitimate
interests (to define types of clients
for our products and services,
to keep our website updated
and relevant, and to inform our
|To make suggestions and
recommendations to you about
goods or services that may be of
interest to you
|(a) Legitimate Interest
7. How we use your data for Marketing purposes
We may use your data to provide you with details about products and services from our partners. Your data is used in different ways depending on the platform you are visiting or contacting us on.
We also have scripts from third party providers embedded on our website that allow us to offer our clients the ability to enquire with us or make use of our live chat 24/7. When you use these tools, your personal data is controlled and safeguarded by AWOL according to best practice, as outlined in this privacy notice.
Our website may include links to third-party websites, plug-ins, and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.
Cookies are small text files that are placed on your computer’s hard drive through your web browser when you visit any website. They are widely used to make websites work, or work more efficiently, as well as to provide data to the owners of the site. Like all other users of cookies, we may request the return of data from your computer when your browser requests a web page from our server. Cookies enable our web server to identify you, and to track your actions and the pages you visit while you use our website. The cookies we use may last for a single visit to our site (they are deleted from your computer when you close your browser) or may remain on your computer until you delete them or until a defined period of time has passed.
- to allow essential parts of our website to operate for you.
- to operate our content management system.
- to operate online notification forms that you use to contact us for any reason. This cookie is set on your arrival at our website and deleted when you close your browser.
- to enhance security on our contact forms and it is set for use only through contact forms. This cookie is deleted when you close your browser.
- to collect data about how visitors, use our website. We use this data to improve your experience while on our site and enable us to enhance it. This cookie collects data in an anonymous form, including the number of visitors to the site, where visitors have come from, and the pages they visited.
- to store your visit to the site data so that you do not have to provide it afresh when you visit the site next time. This cookie will last for a period after which it will delete automatically.
We will only send you marketing emails if we have your explicit consent to do so. Usually, we will ask you to give us your marketing consent when you sign business terms with us or when you enquire about a property with us. We will also give you an opportunity to opt-out by email after you have given us your marketing consent, should you have a change of mind.
You can change your mind on how you receive marketing messages or choose to stop receiving them at any time through our Marketing Preference Function which is a web page allowing you to unsubscribe from receiving marketing material. You can access this web page by following the link at the bottom of our marketing emails or email [email protected] for more details.
You can also unsubscribe by contacting our Data Protection Team via email [email protected] or calling +44 (0)20 3958 2991. Some preference change requests are processed manually and can take up to one week to implement across our systems.
If you have opted out from our marketing communications, it is possible that your details may be recaptured through public sources in an unconnected marketing campaign. We will try to make sure this does not happen, but if it does, we do apologize, and we would ask that you opt out again.
Please note that, even if you choose not to receive marketing information, we may still use your personal data to provide you with important services communications, including urgent communications in relation to any services you use, or important legislative changes that might affect you.
Automated decision-making or profiling
According to the ICO, ‘profiling’ means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a person. Some organisations analyse personal data to classify people into different groups or sectors and to identify correlations between different behaviours and characteristics to create profiles for individuals. Organisations use profiling to: - find something out about individuals’ preferences. - predict their behaviour; and/or - make decisions about them. AWOL does not undertake any automated decision-making or profiling.
8. How long do we keep your data for
The period for which we will keep your personal data will depend on the type of service you have requested from us. The retention period may be longer than the period for which we are providing services to you where we have statutory or regulatory obligations to retain personal data for a longer period, or where we may need to retain the information in case of a legal claim.
9. How do we keep your personal data safe
We have appropriate security measures in place to protect your personal data, employing multiple layers of technical controls to safeguard and monitor our systems. All our staff undergo regular, formal cyber security awareness and data protection training.
We limit access to your personal data to only those employees, agents, contractors and other third parties who have a business need to know it. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.
We do not, however, have any control over what happens between your device and the boundary of our information infrastructure. You should be aware of the many information security risks that exist and take appropriate steps to safeguard your own information.
10. What happens if we have a data breach
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
11. Your legal rights as a data subject
As a data subject, you have several rights under data protection laws, which are set out below. You can Exercise any of these rights at any time should you wish to do so. If you require further information about your rights, please contact us using the details above.
|Right to be informed||We have a legal obligation to provide you with concise, transparent, intelligible, and easily accessible information about your personal data and our use of it. We have written this notice to do just that, but if you have any questions or require more specific information, you can contact our Data Protection Team at [email protected].
|Right of access||You have the right to ask us for copies of your personal data. This right always applies. There are some exemptions, which mean you may not always receive all the information. In most cases, this will be free of charge, but in some limited circumstances, for example, repeated requests for further copies, we may apply an administration fee.
|Right to rectification||You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information about you that you think is incomplete. This right always applies.
|Right to erasure||You have the right to ask us to erase your personal data in certain circumstances. We have the right to refuse to comply with a request for erasure if we are processing the personal data for one of the following reasons:
• to exercise the right of freedom of expression and information to comply with a legal obligation..
• to perform a task in the public interest or exercise official authority.
• for archiving purposes in the public interest, scientific research, historical research, or statistical purposes.
• for the exercise or defence of legal claims.
|Right to restriction of processing||You may ask us to stop processing your personal data. We will still hold the data but will not process it any further. This right is an alternative to the right to erasure. If one of the following conditions applies you may exercise the right to restrict processing:
The accuracy of the personal data is contested. Processing of the personal data is unlawful.
We no longer need the personal data for processing, but the personal data is required for part of a legal process.
The right to object has been exercised and processing is restricted pending a decision on the status of the processing.
|Right to object to processing||You have the right to object to processing in certain circumstances. You can also object if the processing is for a task conducted in the public interest, the exercise of official authority vested in you, or your legitimate interests (or those of a third party).
|Right to data portability||This right only applies if we are processing information based on your consent or for the performance of a contract and the processing is automated.
|This right provides you the ability to ask for a decision to be made
manually, where a decision is made using automated means and this
adversely impacts you.
12. How can you exercise your rights?
Should you wish to exercise any of your rights listed above, please do so by contacting our Data Protection Team by emailing [email protected] or calling +44 (0)20 3958 2991. To better safeguard your data, we will also take reasonable steps to verify your identity before granting access or making corrections to your data.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive.
13. Sharing of data
We may share your personal data, where it is lawful to do so, with the following types of organisations who provide us with assistance in delivering our services or where we are legally obliged to share information:
• other companies within our group and our employees, consultants, agents, and professional advisers
• our business partners
• courts of law and government or regulatory authorities to comply with any legal obligation or to law enforcement. However, we will take steps with the aim of ensuring that your privacy rights continue to be protected.
• third parties to which we outsource certain services such as:
- credit referencing companies
- deposit protection companies
- utility providers
- Insurance providers
- cleaning, inventory, maintenance, building management companies
- IT systems or software providers
- IT support service providers
- digital marketing service providers
- payment service providers
- document and information storage providers
• other organisations for the purposes of fraud/crime protection and investigation
• anyone else with your consent
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. When we share your data with third parties, we disclose only the personal data that is necessary to deliver the service and we have a contract in place that requires our service to keep your data secure and only for the duration it is required to carry out that specific task we have instructed them on.
We will not sell, rent, or lease your personal data to any third party.
14. Where your data is kept, covering International transfers of data
Your data is held within AWOL’s information systems or those of our data processors with whom we have entered into a contract. Your data will be located within the UK unless operational reasons mean that isn’t possible. If personal data is processed outside of the UK, such as within the EEA, it will only be within countries covered by a UK GDPR adequacy decision or that have appropriate safeguards in place.
15. If you want to complain
We hope that we can resolve any query or concern you have raised about our use of your information. So please contact us first by emailing [email protected] or calling +44 (0)20 3958 2991 and we will try our best to deal with your concerns in a timely manner.
When we receive a complaint, we record all the data you have given to us. We use that data to resolve your complaint involving only those with a need to know. We make every effort to resolve all issues as quickly and efficiently as possible and minimise data processed.
For further information on how you can submit a complaint, please refer to our complaints procedure by following this link: Add link to AWOL’s complaint procedure here.
You have the right to lodge a complaint with a supervisory authority, in the UK or EEA member state where you work or normally live, or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner’s Office, which may be contacted at https://ico.org.uk/concerns or by telephone on 0303 123 1113.