Thompson Heaney will take all reasonable commercial steps to protect your privacy in its capacity as Data Controller and Data Processor.

The Company collects data from you only insofar as it is needed for the performance of work instructed, or in compliance with identity checks as required by anti money laundering legislation.

The Company’s legal basis for the collection and processing of your data is therefore in the performance of the contract between the Company and yourself.

Thompson Heaney may contact you from time to time in relation to the various services we offer, where we consider you may have a legitimate interest in those services, but we will never give your personal data to any third party other than in the performance of our contract.

You are entitled to opt out of receipt of this internal marketing should you so wish.

The Company does not operate any systems which involve automated decision making based on data supplied by you.

While the company may provide aggregate statistics to others, these will contain no information to identify you personally. Any information that you have provided to the company that might identify you personally will not be used in any way that you have not given permission for.

In our analysis of the information we are seeking to improve and make our site more effective and fundamentally to improve it for your benefit as much as for our own. In common with many other organisations we employ the use of cookies. This procedure creates files of information about your visit to our site and, for instance, informs us about what you found of interest there.

The company may maintain links to other websites for your reference if you wish. The company cannot control the contents of such other sites and has no responsibility for all or any part of their content or approval or endorsement by the company of anything that you may read there. The company accepts no responsibility for the data collection methods employed by such other sites.

The Company will process your data using our in house staff. Your data may be physically held in files and servers located within the UK.

We do all that we can to secure your privacy including the use of encryption for the transmission of information. The very nature of the internet is such that there can be no absolute guarantee of security. Information can be accessed and used in ways which the company cannot foresee or protect you from with 100% security.

You therefore need to accept that information that you submit is to that extent at your own risk. The company recommends therefore that you should bear all of these matters in mind in considering what information you choose to submit.

Data collected from you will be retained only for as long as is required by RICS, the professional body of which the Company is a member.
You have rights to access and amend your data under GDPR legislation, including the right to be forgotten. In these circumstances you should address your Subject Access Request to the Company’s Birmingham Office address.