Dualchas Architects Ltd is committed to protecting the personal information of its clients, staff, suppliers, partners and contractors.
Dualchas Architects is a data controller which is registered with the Information Commissioners Office No. ZA485913 and we are subject to the General Data Protection Regulations which came into force in May 2018.
When you send us a website enquiry we will collect you name, address, contact phone numbers and email address/es. When you send us details of your product or service we may collect your name, position, company name, address, email address and contact phone numbers. When you send us your CV and/or portfolio, we may collect your name, address, email address and phone contact numbers.
You may also provide us with information by corresponding with us by phone and email. We may take your name, address, contact phone numbers and email address.
While we collect most of the information we hold directly from you, we will sometimes obtain information from third parties, such as references (with your consent). For example, HebHomes, our sister company may refer current clients, or redirect initial enquiries to Dualchas for more appropriate architectural services.
The personal information we may hold may include; your name, job title, company name, address, email address, phone contact numbers. We may also hold limited financial information such as bank account details and VAT registration numbers for the processing of invoices.
When we collect personal information from clients, potential clients and others, it will be used for the following purposes
When you voluntarily give us your personal information we will only use it for the above purposes. If we intend to use your personal information for a purpose other than those above, we will seek your express consent.
We are legally required to hold some types of information to fulfil our statutory obligations. We will hold your personal information on our systems for as long as necessary for the relevant activity. For further details please see our Document Retention Schedule
Under the GDPR we only use this data where the law allows us to. Most commonly, we will use this data in the following circumstance:
Legitimate interest is when we, or a third party have a business or commercial reason to use your information, as long as it does not override your own fundamental rights and freedoms.
We have a legitimate interest in processing your personal information for marketing and promotional purposes. This means we do not usually need your consent to send you promotional communications. However, where consent is needed, we will ask for this consent separately and clearly.
We may use your personal information to send you updates (by email, text message, telephone or post) about our services and products
You have the right to opt out of receiving promotional communications at any time by contacting the Office Administrator email@example.com
We do not share or sell personal data to third parties for promotional or marketing purposes.
We will treat your personal information as confidential and only share in the following circumstances. We may share personal information with:
We may also share personal information with external auditors, e.g. auditors of our accounts or in relation to ISO accreditation.
We will keep personal information while we are providing you with services, have an account or contract with you, or in our employment. Thereafter we will keep personal information for as long as necessary to:
When personal information is no longer retained we will delete it and/or dispose of it securely.
You have the following rights which you can exercise free of charge
And in certain circumstances
You also have the right to see and correct data that we hold about you. If your details change or any other information we hold is inaccurate or out of date, please let our Office administrator know firstname.lastname@example.org
We use a number of cloud-based applications in the pursuit of our business, such as Dropbox and OneDrive. As such, some personal information may be stored in servers outside the EEA. We only use applications and platforms that demonstrate an approved certification mechanism under the GDPR regulations. Where on occasion, it may be necessary, for example to place an order with a supplier outside the EEA, or the project is based outside the EEA, we will seek your express consent.
Personal information is stored on a secure, onsite service and cloud based applications (One drive, Drop box) and access is only permitted to staff members with login accounts to access the information. All relevant security measures have been implemented to ensure that this information stays secure and all staff have been trained in the principles of data protection
We provide free access to Wi-Fi in our Studios or our visitors. It is securely configured to separate our corporate data for internet browsing. As a guest you will be asked to logon to a secure portal that will grant you access to browse the internet only. We do not store any information about your connection or the sites you visit.
Generally, we do not collect any personal information from children and young people under 16. On the rare occasion where we may it will be with the prior verifiable consent from their parent or legal guardian.
We do not use automated decision-making and profiling.
If it become apparent that a potential data breach has occurred, we will endeavour to report this to the ICO within 72 hours of the becoming aware of the breach. This will be the case if the data breach is likely to result in damage to a person’s reputation, financial loss, loss of confidentiality, or major financial or social disadvantage. If the breach is likely to result in the risk to your rights and freedoms of the we will also contact, you without due delay.
Data breaches will be reported to the ICO on the breach helpline 0303 123 1113
The GDPR give you the right to complain with the Information Commissioner, www.ico.org.uk/concerns or phone 0303 123 1113.
This Policy was published in January 2019
We may change this policy from time to time. When we do will inform you via our website or other means of communication, e.g. email.
Dualchas Architects Ltd
Sabhal Mòr Ostaig
Isle of Skye
01471 833 300