Legal information

All information in this website is for illustrative purposes only, not to scale. The pictures are approximate only. Whilst every attempt has been made to ensure the accuracy no responsibility is taken for any error, omission or misstatement.


Leas Pavilion Development Ltd regularly collects and uses personal data about current, former or prospective purchasers, when you note interest in a property or purchase a property in one of our developments, when you browse our corporate website https://leas-pavilion.co.uk/.

The purpose of this privacy policy (“Policy“) is to provide a clear explanation of when, why and how we collect and use that personal data. We have designed it to be as user friendly as possible, and have labelled sections to make it easy for you to find the information that is most relevant to you. Please read this Policy carefully as it provides important information about how we use personal data and explains your legal rights.

We will make changes to this Policy from time to time for example, to keep it up to date or to comply with legal requirements or changes in the way we operate our business. We will make sure that you are aware of any significant changes by sending an email message to the email address you most recently provided to us or by posting a notice on our Website so that you are aware of the impact to the data processing activities before you continue to engage.

WHO is responsible for looking after your personal data?

Leas Pavilion Development Ltd
300 Vauxhall Bridge Road
SW1V 1AA London
United Kingdom
VAT GB13039273

HOW do we collect personal data?

Directly

  • We collect your personal data in the course of managing your registration of interest form, or in the process of managing the sale of any property in our development.
  • We also collect your personal data in the course of monitoring your use of our Website.
  • We may receive personal data when we process your request to lease or notification of residence at one of our properties and any additional information provided by you during the course of your residence.

Indirectly

  • We further collect your personal data from third parties including credit reference agencies, leaseholder’s solicitors, completions teams appointed to carry out conveyancing services, research agencies and insolvency agencies.
  • We receive data that is collected by BAML where it has an impact on our developments, e.g. CCTV relating to incidents in a lobby/facility; or where an incident becomes a crisis, e.g. if an incident is likely to have a financial / reputational impact.
  • We also receive information from BAML, which may be aggregated, in relation to usage of certain facilities (i.e. the health clubs at the developments).
  • BAML operate CCTV and surveillance systems within our property portfolio and, where such CCTV footage reveals an incident that is escalated to us, CCTV imagery may be shared with us for crisis management.

WHAT personal data do we collect?

We collect the following data:

  • identity data such as your name, address, telephone number, email address and user name*,
  • employment information including place of employment and profession,
  • identification details such as passport, driving licence and residence permit, marriage/death certificates*,
  • profile/demographic information such as gender, age, postcode, bookings, preferences and interests, including any information you complete on a survey to tell us how we might improve our service offering,
  • bank details and financial information including sort code, account number, credit checks, bank details, payments and transactions information and arrears records*,
  • insolvency and bankruptcy information (if applicable),
  • conveyancing information including details of the property that you are interested in or you have purchased, and transactions such as parcel instructions, key releases and information relating to concierge/mail activities*,
  • communications including your preferences in receiving marketing from us and your communication preferences, operational instructions, feedback and general communications,
  • CCTV imagery and details, (which may, in certain occasions, include details of arrest reports, police investigations or incident reports where it relates to our development),
  • Details on energy usage,
  • Vehicle details (e.g. for parking or bike storage),
  • health information, for example if you are involved in an incident at a property and we have to manage a complaint/evacuation (including medical conditions / emergency contact information), and
  • device data including IP addresses and details about your browsing history, browser type, and session frequency and cookies – please see our separate cookie information page for further details on cookies.

The information marked with an * is mandatory, otherwise we would be unable to fulfil our contractual obligations to you pursuant to our contract or to respond to any enquiries you make on an interest form.

Where you are a contractor engaged to provide work at one of our developments, we collect: 1/ identity data (including: name, address, gender, telephone numbers, email address, username) and 2/ employment / work related data (including: place of employment and profession; employment history, qualifications, accreditations; operational records relating to daily work activity (such as handover logs); and report sheets and work certification.

What PURPOSES do we USE your personal data for and what is the LEGAL BASIS?

We will use your personal data to:

  • carry out our obligations arising from any contracts entered into between you and us, in particular:
    • manage our relationship with you as a leaseholder, including processing applications for consent pursuant to lease terms (such as alternations or subletting), releasing keys, booking deliveries, issuing notices of intention to carry out works, managing and sending demands for service charges, and for credit control and arrears recovery.
    • contact you with details of the progress on your purchase, with updates on the development or in the event that we need to contact you urgently about an issue with the property.
    • provide customer care, completions, occupations management and estate management services, including managing snagging, home demonstrations, handovers, registrations, concierge services, parcel logging, vehicle registrations for access to parking or bike storage, release of keys and booking facilities for resident events.
  • comply with internal record keeping requirements, including records of changes in name and ownership of leasehold properties.
  • process information that you provide by filling in forms on our Website, or any of the Apps or a reservation or registration of interest form at one of our sales offices and, if applicable, deal with any concerns if you contact us with a query or issue.
  • administer and protect our business, property portfolio and our Website and Apps (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data).
  • carry out money laundering, financial and credit checks and for fraud and crime prevention and detection purposes.
  • where we are responsible for the costs of doing so, arrange and manage repairs.
  • communicate with you in the event of emergency, for general crisis management, and to manage emergency response procedures, including evacuation plans.
  • manage operational issues and issue general estate communications, including to notify you about changes.
  • issue marketing communications and feedback surveys and to enable you to partake in a viewing, open house, launch or event, prize draw or competition.
  • carry out profiling and analytics and take steps to ensure that content from our Websites and Apps and, where applicable, our marketing communications, is presented in the most effective manner for you and for your computer. Further, using data analytics to improve our property portfolio, products/services, marketing, customer relationships and experiences.
  • process CCTV footage and protect facilities / properties in our development.
  • comply with legal and regulatory obligations.

We have to establish a legal ground to use your personal data, so we will make sure that we only use your personal data for the purposes set out in this Section 4 and in Appendix 1 where we are satisfied that our use of your personal data is necessary to:

  • perform a contract or take steps to enter into a contract with you, or
  • comply with a relevant legal or regulatory obligation that we are subject to (e.g. to comply with ICO requirements), or
  • support ‘Legitimate Interests’ that we have as a business (to grow our brand, to improve our services, to carry out analytics across our datasets and maintain our reputation), provided it is always carried out in a way that is proportionate, and that respects your privacy rights. More detail on our interests is set out in Appendix 1; or
  • based on your consent.

Where we process special categories of personal data, for example health information, we have an additional lawful basis, this additional basis will either be:

  • processing is necessary for the establishment, exercise or defence of legal claims;
  • processing is necessary to protect the vital interests of the data subject; or
  • based on condition 16(1) of Schedule 1 of Data Protection Act 2018.

Where we process information that reveals or relates to criminal convictions or offences (for example as part of credit checks to prevent money laundering or to manage accidents that occur at a property on our development), we have an additional lawful basis, this additional basis will be either based on condition 14(1) or 15 of Schedule 1 of Data Protection Act 2018.

Who do we SHARE your personal data with?

We share the data with the following entities:

  • Associated companies of Leas Pavilion Development Ltd, for the purposes of marketing activities relating to it’s developments.
  • our solicitors, accountants and third party corporate service providers at an appropriate point in any sales process, where details of prospective purchasers are passed to enable them to prepare relevant paperwork to complete the conveyancing process;
  • our managing and marketing agents who have delegated authority on behalf of Leas Pavilion Development Ltd for the purposes of: managing the conduct of negotiations with investors and, where relevant, managing the subsequent sale process through to completion, provision of promotion and marketing services, operating our on-site marketing suite / project branded website;
  • third parties that manage our properties and collect service charges (such as our letting agents, credit reference agencies, contractors, sub-contractors);
  • utility companies who provide services to a property that you have purchased; and
  • regulators and authorities, which include the ICO and HMRC, as well as other regulators and law enforcement agencies in the E.U. and around the world, in particular National Crime Agency, the National House-Building Council, local authorities and other professional services firms (including our auditors, lawyers, bankers, anti-money laundering agencies and insurers who provide consultancy, banking, legal, insurance and accounting services) for the purpose of ensuring that we comply with our legal obligations.

To ensure we manage our developments in a streamlined manner, we also share the data with Service Providers who provide database, IT and system administration services.

Also, if we were to sell part of our businesses, we would transfer your personal data to the purchaser or potential investors.

Direct Marketing

We may use your personal data to send you direct marketing communications about our developments or services. This will be in the form of email, post, SMS or targeted online advertisements.

Where we require explicit opt-in consent for direct marketing in accordance with the Privacy and Electronic Communications Regulations (“PECR”) we will ask for your consent. Otherwise, for non-electronic marketing or where we can rely on the soft opt-in exemption under the PECR, we will be relying on our Legitimate Interests for the purposes of GDPR as further detailed in Section 4 and Appendix 1.

We also use your personal data for customising or personalising advertisements, offers and content made available to you based on your visits to and/or usage of any of our Websites, and analyse the performance of those advertisements, offers and content. This constitutes ‘profiling’ – it does not have any significant legal impact on you but simply means we can ensure marketing materials are tailored to your preferences or what we think you will be interested in.

You have a right to stop receiving direct marketing at any time – you can do this by following the opt-out links in electronic communications (such as emails).

International Transfers

We will always take steps to ensure that any international transfer of information is carefully managed to protect your rights and interests, in particular we will either:

  • only transfer your personal data to countries which are recognised as providing an adequate level of legal protection in accordance with Article 45 of the GDPR, in particular Jersey & Malaysia; or
  • ensure that transfers outside your country are subject to additional safeguards required under local law – for example, the EU Model Clauses pursuant to Article 46(2) of the GDPR.

You have the right to ask us for more information about the safeguards we have put in place as mentioned above.

How long do we keep your personal data?

We will retain your personal data for as long as is reasonably necessary for the purposes listed in Section 4 of this Policy.

Where we are required to do so to meet legal, regulatory, tax or accounting requirements, we will retain your personal data for longer periods of time, but only where permitted to do so, including so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a possibility of legal action relating to your personal data or dealings.

We maintain a data retention policy which we apply to records in our care. Where your personal data is no longer required and we do not have a legal requirement to retain it, we will ensure it is either securely deleted or stored in a way such that it is anonymised and the personal data is no longer used by the business.

What are your rights?

  • Access: You can ask us to:
    • confirm whether we are processing your personal data;
    • give you a copy of that data;
    • provide you with other information about your personal data such as what data we have, what we use it for, who we disclose it to, whether we transfer it abroad and how we protect it, how long we keep it for, what rights you have, how you can make a complaint, where we got your data from and whether we have carried out automated decision making or profiling, to the extent that information has not already been provided to you in this Policy.
  • Rectification: You can ask us to rectify inaccurate personal data. We may seek to verify the accuracy of the data before rectifying it.
  • Erasure / Right to be Forgotten: You can ask us to erase your personal data, but only where:
    • it is no longer needed for the purposes for which it was collected; or
    • you have withdrawn your consent (where the data processing was based on consent); or
    • it follows a successful right to object (see ‘Objection’ below); or
    • it has been processed unlawfully; or
    • it is necessary to comply with a legal obligation which we are subject to.

    We are not required to comply with your request to erase your personal data if the processing of your personal data is necessary: for compliance with a legal obligation; or for the establishment, exercise or defence of legal claims, in relation to the freedom of expression or for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes.

  • Restriction: You can ask us to restrict (i.e. keep but not use) your personal data, but only where:
    • its accuracy is contested (see ‘Rectification’ above), to allow us to verify its accuracy; or
    • the processing is unlawful, but you do not want it erased; or
    • it is no longer needed for the purposes for which it was collected, but we still need it to establish, exercise or defend legal claims; or
    • you have exercised the right to object, and verification of overriding grounds is pending.

    We can continue to use your personal data following a request for restriction, where:

    • we have your consent; or
    • to establish, exercise or defend legal claims; or
    • to protect the rights of another natural or legal person.
  • Portability: You can ask us to provide your personal data to you in a structured, commonly used, machine-readable format, or you can ask to have it ‘ported’ directly to another Controller, but in each case only where: the processing is based on your consent or the performance of a contract with you; and the processing is carried out by automated means.
  • Objection: You can object to any processing of your personal data which has our ‘Legitimate Interests’ as its legal basis (see Appendix 2 for further details), if you believe your fundamental rights and freedoms outweigh our Legitimate Interests. Once you have objected, we have an opportunity to demonstrate that we have compelling Legitimate Interests which override your rights.

You also have various rights in relation to any automated decision making, however we do not carry out these activities as we always involve meaningful human intervention.

Please note the following if you do wish to exercise these rights:

  • Identity. We take the confidentiality of all records containing personal data seriously, and reserve the right to ask you for proof of your identity if you make a request.
  • Fees. We will not ask for a fee to exercise any of your rights in relation to your personal data, unless your request for access to information is unfounded, repetitive or excessive, in which case we will charge a reasonable amount in the circumstances.
  • Timescales. We aim to respond to any valid requests within one month unless it is particularly complicated or you have made several requests, in which case we aim to respond within three months. We will let you know if we are going to take longer than one month. We might ask you if you can help by telling us what exactly you want to receive or are concerned about. This will help us to action your request more quickly.
  • Exemptions. Local laws, including in the UK, provide for additional exemptions, in particular to the right of access, whereby personal data can be withheld from you in certain circumstances, for example where it is subject to legal privilege.

Complaints

If you have a complaint or concern about how we use your personal data, please contact us at info@leas-pavilion.co.uk in the first instance and we will attempt to resolve the issue as soon as possible. You also have a right to lodge a complaint with your national data protection supervisory authority. In the UK, the supervisory authority for data protection is the ICO (https://ico.org.uk/). We do ask that you please attempt to resolve any issues with us first, although you have a right to contact your supervisory authority at any time.

APPENDIX 1 – LEGAL BASIS FOR PROCESSING

Activity

carry out our obligations arising from any contracts entered into between you and us, in particular:

  • manage our relationship with you as a leaseholder, including processing applications for consent pursuant to lease terms (such as alternations or subletting), releasing keys, booking deliveries, issuing notices of intention to carry out works, managing and sending demands for service charges, and for credit control and arrears recovery.
  • contact you with details of the progress on your purchase, with updates on the development or in the event that we need to contact you urgently about an issue with the property.
  • provide customer care, completions, occupations management and estate management services, including managing snagging, home demonstrations, handovers, registrations, concierge services, parcel logging, vehicle registrations for access to parking or bike storage, release of keys and booking facilities for resident events.

Type of information collected

  • Identity Information
  • Employment Information
  • Bank details and financial information
  • Conveyancing Information
  • Communications
  • Vehicle details
  • Details on energy usage

The basis on which we use the information

  • Performance of a contract or potential contract with you.
  • Legitimate Interest to provide services and to operate and grow our business.

Activity

comply with internal record keeping requirements, including records of changes in name and ownership of leasehold properties.

Type of information collected

  • Identity Information
  • Conveyancing Information

The basis on which we use the information

  • Performance of a contract or potential contract with you.
  • Legitimate Interest to operate our business and keep our records updated.

Activity

process information that you provide by filling in forms on our Website, or a reservation or registration of interest form at one of our sales offices and, if applicable, deal with any concerns if you contact us with a query or issue.

Type of information collected

  • Identity Information
  • Communications

The basis on which we use the information

  • Performance of a contract or potential contract with you.
  • Legitimate interest to provide services and to operate and grow our business.

Activity

administer and protect our business, property portfolio and our Website and Apps (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data).

Type of information collected

  • Identity Information
  • Communications
  • Device Data

The basis on which we use the information

Legitimate interest to operate our business, to provide administration & IT services, for network security and for prevention of fraud and ensure that our Websites and Apps operate efficiently.


Activity

carry out money laundering, financial and credit checks and for fraud and crime prevention and detection purposes.

Type of information collected

  • Identity Information
  • Employment Information
  • Identification details
  • Bank details and financial information
  • Insolvency and bankruptcy information

The basis on which we use the information

  • Performance of a contract.
  • Legal obligation.
  • Condition 14(1) or 15 of Schedule 1 of Data Protection Act 2018.

Activity

facilitate registration as a resident on the Apps, and managing enquiries and providing services via the Apps.

Type of information collected

  • Identity Information
  • Communications

The basis on which we use the information

  • Performance of a contract.
  • Legitimate interest to manage and maintain our portfolio.

Activity

where we are responsible for the costs of doing so, arrange and manage repairs.

Type of information collected

  • Contractors: Identity data & Employment / work related data
  • Leaseholders/Residents: Identity Information, Communications and Conveyancing Information

The basis on which we use the information

Performance of a contract or potential contract with you.


Activity

communicate with you in the event of emergency, for general crisis management, and to manage emergency response procedures, including evacuation plans.

Type of information collected

  • Identity Information
  • Communications
  • Health information

The basis on which we use the information

  • Performance of a contract or potential contract with you.
  • Legitimate interest to manage our portfolio and maintain security and protect our interests and reputation and deal with crises.
  • Necessary to protect the vital interests of the data subject.
  • Necessary for the establishment, exercise or defence of legal claims.

Activity

manage operational issues and issue general estate communications, including to notify you about changes.

Type of information collected

  • Identity Information
  • Communications

The basis on which we use the information

Performance of a contract or potential contract with you.


Activity

issue marketing communications and feedback surveys and to enable you to partake in a viewing, open house, launch or event, prize draw or competition.

Type of information collected

  • Identity Information
  • Communications

The basis on which we use the information

Legitimate interest for marketing activities relating to our developments and to grow our business or where opt-in consent is required for electronic marketing pursuant to PECRs, consent.


Activity

carry out profiling and analytics and take steps to ensure that content from our Website and, where applicable, our marketing communications, is presented in the most effective manner for you and for your computer. Further, using data analytics to improve our property portfolio, products/services, marketing, customer relationships and experiences.

Type of information collected

  • Identity Information
  • Communications
  • Profile/Demographic Information
  • Details on energy usage
  • Device data
  • Vehicle details

The basis on which we use the information

Legitimate interest to define types of customers based on their age, gender & interests for our products or services, to keep our Websites and Apps updated & relevant, to develop our business and to inform our marketing strategy; also to ensure communications are relevant and of interest to recipients.


Activity

process CCTV footage and protect facilities / properties in our development.

Type of information collected

  • CCTV imagery and details
  • Health information
  • Vehicle details

The basis on which we use the information

  • Legitimate interest to manage our portfolio and maintain security and protect our interests and reputation.
  • Condition 14(1) or 15 of Schedule 1 of Data Protection Act 2018.
  • Necessary to protect the vital interests of the data subject.
  • Necessary for the establishment, exercise or defence of legal claims.

Activity

comply with legal and regulatory obligations.

Type of information collected

  • Identity Information
  • Conveyancing Information
  • Identification details
  • Bank details and financial information

The basis on which we use the information

Legal obligation.

APPENDIX 2 – GLOSSARY

Controller: means a natural or legal person which determines the means and purposes of processing of personal data.

Data Subject: means an individual whom the personal data is about.

EEA: means the European Economic Area.

GDPR: means the General Data Protection Regulation, which came into force on 25 May 2018 and replaces the previous Data Protection Directive 95/46/EC.

ICO: the Information Commissioner’s Office regulates the processing of personal data by all organisations within the UK.

Legitimate Interests: this is a ground which can be used by organisations as a lawful basis of processing, for example where personal data is used in ways that could reasonably be expected, or there is a compelling reason for the processing.

Personal Data: is information that relates to an identified or identifiable individual. What identifies an individual could be as simple as a name or a number or could include other identifiers such as an IP address or a cookie identifier, or other factors.

Service Providers: these are a range of third parties to whom we outsource certain functions of our business. For example, we have service providers who provide / support IT applications or systems, which means that your personal data will be hosted on their servers, but under our control and direction. We require all our service providers to respect the confidentiality and security of personal data.