Privacy

My House Online Ltd

My House Online Ltd ("We") are committed to protecting and respecting your privacy. We are a limited company and registered in England and Wales under company number 0999848 and have our registered office at Heath Barn, Norwich road, Fakenham, Norfolk NR21 8LZ.

This policy (together with our terms of use terms and conditions and any other documents referred to on it) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

For the purpose of UK and European data protection and e-privacy legislation (Data Protection Legislation) , we are the data controller.

Information we collect from you

We will collect and process the following data about you:

  1. Information you give us. This is information about you that you give us by filling in forms on our site www.myhouseonline.co.uk (our site) or by corresponding with us by phone, e-mail or otherwise. It includes information you provide when you register to use our site, subscribe to our service, search for a product, place an order on our site, participate in discussion boards or other social media functions on our site, enter a competition, promotion or survey, and when you report a problem with our site.

    The information you give us may include your name, address, e-mail address and phone number, financial and credit card information, demographic information such as post code, preferences and interests, personal description and photograph.

    The information you give us may also include the same type of personal data that you have collected from your own customers, together with additional information about your own customers such as addresses of the properties, the name, address, e-mail address and phone number of tenants occupying their properties and more. By providing us with such information, you are responsible for obtaining the consent of those data subjects under the Data Protection Legislation and you warrant to us that you have fully complied with the Data Protection Legislation in relation to the information you give us.

  2. Information we collect about you. With regard to each of your visits to our site we will automatically collect the following information: technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform; information about your visit, including the full Uniform Resource Locators (URL), clickstream to, through and from our site (including date and time), products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, and any phone number used to call our customer service number(s).

  3. Information we receive from other sources. This is information we receive about you if you use any of the other websites we operate or the other services we provide. We are working closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies). We will notify you when we receive information about you from them and the purposes for which we intend to use that information.

Cookies

Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site.

Cookies are small text files that are downloaded to your device by websites you visit. These cookies help us improve our site by providing us with information about how users interact with our sites such as the number of visitors to the site, the pages they visit and the length of time spent on the site. These cookies do not collect information that identifies a visitor. All the information that the cookies collect is aggregated and therefore anonymous. You may change your browser settings to delete and block cookies. To find out how to visit www.allaboutcookies.org.

Before our website places cookies on your computer, you will be presented with a message bar requesting your consent to set those cookies. By giving your consent to the placing of cookies, you are enabling us to provide a better experience and service to you. You may, if you wish, deny consent to the placing of cookies; however certain features of the Website may not function fully or as intended.

Our website may place the following cookies:


Type of Cookie Purpose

Strictly necessary cookies

These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website, make use of e-billing services.

Analytical/performance cookies

They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.

Functionality cookies

These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).

Targeting cookies

These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.

Google Display Advertising, Google Remarketing and Google Analytics

We have implemented and use Display Advertising and Google Remarketing to advertise online. You will see our Ads on Third-party vendors websites, including Google, we show our ads on sites across the Internet.

We and third-party vendors, including Google, use first-party cookies (such as the Google Analytics cookie) and third-party cookies (such as the DoubleClick cookie) together to inform, optimise, and serve ads based on someone's past visits to your website.

You may opt out of the DoubleClick cookie by visiting the Google advertising opt-out page or you may opt out of Google Analytics by visiting the Google Analytics opt-out page.

Google has additional information available about their Remarketing Privacy Guidelines, Policies, and Restrictions.

You can choose to enable or disable cookies in your internet browser. By default, most internet browsers accept Cookies but this can be changed. For further details, please consult the help menu in your internet browser.

By continuing to use this site without changing your settings you consent to our use of cookies as described above.

LEGAL GROUNDS FOR COLLECTION AND USE OF PERSONAL INFORMATION

We will only collect, use and otherwise handle information held about you or received from you when:

Information you give to us. We will use this information:

  1. to carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us;
  2. to provide you with information about other goods and services we offer that are similar to those that you have already purchased or enquired about;
  3. to provide you, or permit selected third parties to provide you, with information about goods or services we feel may interest you. If you are an existing customer, we will only contact you by electronic means (e-mail or SMS) with information about goods and services similar to those which were the subject of a previous sale or negotiations of a sale to you. If you are a new customer, and where we permit selected third parties to use your data, we (or they) will contact you by electronic means only if you have consented to this. If you do not want us to use your data in this way, or to pass your details on to third parties for marketing purposes, please inform us in writing at My House Online, Heath Barn, Norwich road, Fakenham, Norfolk NR21 8LZ, office@myhouseonline.co.uk ;
  4. to notify you about changes to our service;
  5. to provide technical support to you;
  6. to ensure network and information security;
  7. to ensure that content from our site is presented in the most effective manner for you and for your computer.

Information we collect about you. We will use this information:

  1. to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
  2. to improve our site to ensure that content is presented in the most effective manner for you and for your computer;
  3. to allow you to participate in interactive features of our service when you choose to do so; as part of our efforts to keep our site safe and secure;
  4. to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you;
  5. to make suggestions and recommendations to you and other users of our site about goods or services that may interest you or them.

Information we receive from other sources. We will combine this information with information you give to us and the information we collect about you. We will use this information and the combined information for the purposes set out above (depending on the types of information we receive).

Marketing Opt-Out you are entitled to opt-out of marketing communications at any time and free of charge by emailing office@myhouseonline.co.uk or by using the "Update communication preferences" option included at the bottom of any marketing e-mail or other marketing material received from us.

Disclosure of your information

You agree that we have the right to share your personal information with:

Any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.

Selected third parties including:

business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you - this may include third-party integration platforms such as Van Mildert Landlord & Tenant Protection (to facilitate tenant referencing and landlord protections) and Tenant Shop or such other third party integration platforms or plugins used in connection with the performance of any contract we enter into with them or you; Yellow Bricks Mortgages and Ward Gethin Archer Solicitors in Norfolk.

advertisers and advertising networks that require the data to select and serve relevant adverts to you and others. We do not disclose information about identifiable individuals to our advertisers, but we will provide them with aggregate information about our users (for example, we may inform them that 500 men aged under 30 have clicked on their advertisement on any given day). We may also use such aggregate information to help advertisers reach the kind of audience they want to target (for example, women in PE30). We may make use of the personal data we have collected from you to enable us to comply with our advertiser's wishes by displaying their advertisement to that target audience;

analytics and search engine providers that assist us in the improvement and optimisation of our site; credit reference agencies for the purpose of assessing your credit score where this is a condition of us entering into a contract with you.

We will disclose your personal information to third parties:

In the event that we sell or buy any business or assets, in which case we will disclose your personal data to the prospective seller or buyer of such business or assets.

If My House Online Limited or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.

If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of use terms and conditions and other agreements; or to protect the rights, property, or safety of My House Online, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

Where we store your personal data

The data that we collect from you will be transferred to, and stored at, a destination within the European Economic Area ("EEA"). Your data will be processed by staff operating outside the EEA who work for us or for one of our suppliers. This includes staff engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of services to you. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.

Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

Your rights

You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise the right at any time by contacting us at My House Online Ltd, Heath Barn, Norwich road, Fakenham, Norfolk NR21 8LZ or email to office@myhouseonline.co.uk

Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

Access to information

Data Protection Legislation gives you the right to access information held about you free of charge. Your right of access can be exercised in accordance with Data Protection Legislation. Any access request may be subject to a reasonable fee to meet our costs in providing you with details of the information we hold about you.

General Data Protection Regulations [GDPR] Policy Statement.

1. PURPOSE

    The purpose of this policy is to set out our company’s approach to collection and holding of personal data and to demonstrate that by introducing this policy statement and adhering to the policy and the related procedure we are demonstrating our commitment to being fully compliant with the General Data Protection Regulations which will become law across the EU [including the UK] in May 2018.

2. SCOPE

  1. This policy applies to the organization’s employees, management, & contractors, including any student interns, and volunteers.
  2. This policy describes the organization’s objectives and policies regarding maintaining the privacy of client information.
  3. This policy has been drawn up based on our current understanding of the Data Protection Act [DPA] and forthcoming changes [General Data Protection Regulations –GDPR -] which will become law in May 2018.

3. PRINCIPLES & DEFINITIONS

Many of the principles of GDPR are the same of the DPA. The regulation’s principles aim to ensure that an individual has:

  • The right to be informed: Allowing individuals to know that their data is being stored

  • The right of access: Allowing individuals to access their data is so that verify the lawfulness of the processing

  • The right to rectification: Allowing individuals to change/amend their data if it is incorrect/incomplete

  • The right to erasure: the right to be forgotten’ Total wipeout of their data from your systems

  • The right to restrict processing: Allowing individuals to put a block on their data being used at all

  • The right to data portability: To obtain and reuse their own data for their own purposes across different services

  • The right to object: Can say no to their data being used for marketing or processing

  • The right not to be subject to automated decision-making including profiling: Can say no to their data is subject to analysis without ‘human intervention’

Right to be informed

As a business we will provide details on how customers information will be processed and why. A Privacy Policy has also been produced in line with GDPR requirements. Any policy changes will be communicated to both new and existing customers.

Right to erasure (or 'right to be forgotten')

Individuals will now be able to request that their data is deleted. This doesn’t give people an absolute right to be erased or forgotten, however it is possible under certain circumstances. For example, situations where there is no longer a compelling reason for the data to remain on file. There are also occasions where this request can be refused. That is, when personal data has been processed for one of the following reasons:

  • To exercise the right of freedom of expression and information.
  • To comply with a legal obligation for the performance of a public interest task or exercise of official authority.
  • For public health purposes in the public interest.
  • Archiving purposes in the public interest, scientific research historical research or statistical purposes.

Data Protection Officer

As part of the new GDPR, it is a requirement that under certain circumstances a data protection officer (DPO) must be appointed. My House Online do not carry out large scale processing of special categories of data, or processing data relating to criminal convictions or offences, so are not required to appoint a Data Protection Officer.
More information on DPOs can be found on the ICO website.

Obligations on data processors

According to the ICO, a data controller "determines the purposes and means of processing personal data" and a data processor "is responsible for processing personal data on behalf of a controller". Under the DPA, the statutory obligations are on data controllers only. However, the GDPR sees data processors being given new responsibilities around the security of personal data during processing activities. Data Processors will also be legally accountable for compliance outside of contract terms.

Data protection impact assessment

A data protection impact assessment (DPIA) is a tool which the GDPR promotes so that businesses can effectively assess and comply with their own data protection obligations. They allow you to identify and resolve any issues that may lead to non-compliance and the resulting costs and reputational damage that may ensue. You are required to conduct a DPIA where the processing of data is likely to result in a high risk to the rights and freedoms of individuals.
More information on the rights of Individuals can be found on the Information Commissioner's Office (ICO) website.>

4. RESPONSIBILITIES

Data Controller

A data controller is an individual (or an organisation) who decides how personal data is processed. Data protection obligations primarily fall upon the data controller – it’s the job of the data controller to keep personal data safe. This includes data relating tenants, landlords, vendors and purchasers & prospective purchasers, employees or anyone working in the business, and all other data that is personal in nature.
The data controller will decide:

  • To collect the personal data in the first place
  • The legal basis for data collection
  • Which items of personal data to collect (what you need to know!)
  • What the personal data will be used for
  • Whose data to collect
  • Whether to pass the data onto a Processor, which Processor, and whether they have a data handling process
  • How long you will keep the data – this could change depending on whether you have a a formal legal contract in place with the individual or not. Keeping data for 6 years is acceptable after the end of a formal legal contract (such as a tenancy agreement), but if there is no formal contract in place, it should be deleted immediately.
  • Whether to make any amendments to the data

As a data controller, you also have to keep an eye on any Data Processors that you engage with.

Data Processor

A Data Processor is any of the organisations you ask to handle data on your behalf such as your referencing agency, or your agent. Under GDPR they have responsibilities for:


  • Appropriate collection of data
  • Appropriate editing of data
  • Retaining/storing in line with GDPR guidelines
  • Disclosing (or sharing) data in line with GDPR guidelines (how secure: password protected, cloud systems etc)
  • The correct deletion/erasing/destroying of data
  • The proper viewing (e.g. looking at someone’s personal data, which could include their image, on-screen or on paper) of data in line with GDPR guidelines
  • Appropriate archiving of data

The Data Controller has a responsibility to ensure that any Data Processor engaged with is managing your tenant’s data correctly and complying with the regulations.

Data breaches

We will notify the ‘relevant supervisory authority’ of any data breach that could result in a risk of rights and freedom of individuals, including discrimination, damage to reputation, financial loss, loss of confidentiality or any other significant economic or social disadvantage. In addition, we will also have to notify the person whose data had been breached.
As an organisation handling personal data, we acknowledge our responsibility and will register with the Information Commissioner's Office (ICO) and will renew our registration annually.

Review Date:

This policy will be reviewed every two years to ensure that it is still current and fit for purpose and additionally whenever there is any significant change is made to the GDPR regulations or their interpretation.
Disclaimer:
We make every effort to offer accurate, common-sense, ethical Human Resources Management advice, but while authoritative, this document is not guaranteed for accuracy and legality and is not to be construed as legal advice.

Changes to the privacy policy

Any changes we make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our privacy policy.

Contact us

If you would like to discuss anything in this privacy notice, please contact:

Inna Melnyk/ office@myhouseonline.co.uk - Data Protection Officer.

Head office: My House Online, Heath Barn, Norwich Road, Fakenham, Norfolk, NR21 8LZ

© My House Online | Sitemap | Terms | Privacy Policy