Privacy and Data Policy


Dualchas provides client led architectural services for bespoke, one-off designs. Our sister company, HebHomes, provide, deliver, erect and build kit homes designed by Dualchas architects. When clients make their first approach to either company, we will discuss with the client whether they wish to explore a bespoke one-off design or a more cost effective kit home. A client who contacts one company in the first stance may be referred to the sister company depending on client requirements.

Dualchas Architects Ltd is committed to protecting the personal information of its clients, staff, suppliers, partners and contractors.

Dualchas Architects is a data controller which is registered with the Information Commissioners Office No. ZA485913 and we are subject to the General Data Protection Regulations which came into force in May 2018.

This privacy policy provides information about the personal information that Dualchas collects, the ways in which we use this data, with whom we share the data and how long we hold the data.

Any questions regarding this privacy policy and our data protection practices should be sent by email to the Office Administrator, [email protected]  

How does Dualchas collect information?

You can visit our website without providing and personal information, however we may automatically collect IP addresses, information about your visit and how you use our website. We also monitor customer traffic patterns and site use which enable us to improve the service we provide. For more details please see our cookie policy.

When you send us a website enquiry we will collect you name, address, contact phone numbers and email address/es. When you send us details of your product or service we may collect your name, position, company name, address, email address and contact phone numbers. When you send us your CV and/or portfolio, we may collect your name, address, email address and phone contact numbers.

You may also provide us with information by corresponding with us by phone and email. We may take your name, address, contact phone numbers and email address.

While we collect most of the information we hold directly from you, we will sometimes obtain information from third parties, such as references (with your consent), or referrals from our sister company HebHomes for more appropriate  bespoke architectural services. 

What type of information do we hold?

The personal information we may hold may include; your name, job title, company name, address, email address, phone contact numbers. We may also hold limited financial information such as bank account details and VAT registration numbers for the processing of invoices.

How your personal information is used

When we collect personal information from clients, potential clients and others, it will be used for the following purposes

  • To maintain responsible commercial and contractual relations with you
  • To understand your service and project needs
  • To manage and develop our business and operations
  • To meet legal and regulatory requirements
  • To notify you of changes to our services
  • To process a job application
  • To recommend your product or service to relevant contacts.

When you voluntarily give us your personal information we will only use it for the above purposes. If we intend to use your personal information for a purpose other than those above, we will seek your express consent.

We are legally required to hold some types of information to fulfil our statutory obligations. We will hold your personal information on our systems for as long as necessary for the relevant activity. For further details please see our Document Retention Schedule

What is the legal basis on which we process your data?

Under the GDPR we only use this data where the law allows us to. Most commonly, we will use this data in the following circumstance:

  • For the performance of our contract with you or, at your request, carry out instructions in the lead up to entering into a contract.
  • Where necessary for compliance with a legal or regulatory obligation we are subject to; and
  • For our legitimate interests (as described within this policy) and your interests and fundamental rights do not override these interests.

Legitimate interest is when we, or a third party have a business or commercial reason to use your information, as long as it does not override your own fundamental rights and freedoms. 

We have a legitimate interest in processing your personal information for marketing and promotional purposes. This means we do not usually need your consent to send you promotional communications. However, where consent is needed, we will ask for this consent separately and clearly.

Promotional and marketing communications

We may use your personal information to send you updates (by email, text message, telephone or post) about our services and products.

You have the right to opt out of receiving promotional communications at any time by contacting the Office Administrator [email protected]

We do not share or sell personal data to third parties for promotional or marketing purposes.

Who do we share data with?

We will treat your personal information as confidential and only share in the following circumstances. We may share personal information with:

  • Third parties we use to help us deliver our services to your, e.g. consultants, contractors, suppliers, delivery companies, local authorities;
  • Other third parties we use to help us run our business, e.g. our sister company HebHomes,
  • Third parties, approved by you, e.g. third-party payment providers,
  • Our insurers and brokers
  • Our banks

We may also share personal information with external auditors, e.g. auditors of our accounts or in relation to ISO accreditation.

How long do we keep your personal information?

We will keep personal information while we are providing you with services, have an account or contract with you, or in our employment. Thereafter we will keep personal information for as long as necessary to:

  • Be able to respond to complaints or claims made by you on your behalf
  • Show that we treated you fairly
  • Keep records required by law or governing body (RIAS ARB)

We do not keep personal information for longer than necessary for the purposes of this privacy policy. Different retention periods apply for different types of personal information. Further details are available in our Document Retention Schedule.

When personal information is no longer retained we will delete it and/or dispose of it securely.

Your rights

You have the following rights which you can exercise free of charge

  • Access: The right to be provided with a copy of your personal information
  • Rectification: The right to require us to correct any mistake in your personal information
  • Not to be subject to automated individual decision making:

And in certain circumstances

  • To be forgotten: The right to require us to delete your personal information
  • Restriction of processing: The right to require us to restrict processing of your personal information
  • Data portability: The right to receive the personal information you gave to us in a structured, commonly used and machine-readable format and or transmit that data to a third party.
  • To object: at any time to your personal information being processed for direct marketing,


Our website may at times contain links to other websites that may offer useful information to our clients and visitors. Please note, that if you follow the link to any of these websites, this privacy policy does not apply, and we do not accept responsibility for liability for their policies.

You also have the right to see and correct data that we hold about you. If your details change or any other information we hold is inaccurate or out of date, please let our Office administrator know [email protected]

Transferring your personal information out of the European Economic Union (EEA).

We use a number of cloud-based applications in the pursuit of our business, such as Dropbox and OneDrive. As such, some personal information may be stored in servers outside the EEA. We only use applications and platforms that demonstrate an approved certification mechanism under the GDPR regulations. Where on occasion, it may be necessary, for example to place an order with a supplier outside the EEA, or the project is based outside the EEA, we will seek your express consent.

Security of personal information

Personal information is stored on a secure, onsite service and cloud based applications (One drive, Drop box) and access is only permitted to staff members with login accounts to access the information. All relevant security measures have been implemented to ensure that this information stays secure and all staff have been trained in the principles of data protection.

We provide free access to Wi-Fi in our Studios or our visitors. It is securely configured to separate our corporate data for internet browsing. As a guest you will be asked to logon to a secure portal that will grant you access to browse the internet only. We do not store any information about your connection or the sites you visit.

Children and young people under 16.

Generally, we do not collect any personal information from children and young people under 16. On the rare occasion where we may it will be with the prior verifiable consent from their parent or legal guardian.

Use of Automated decision-making and profiling

We do not use automated decision-making and profiling.

Data Breaches and reporting

If it become apparent that a potential data breach has occurred, we will endeavour to report this to the ICO within 72 hours of the becoming aware of the breach. This will be the case if the data breach is likely to result in damage to a person’s reputation, financial loss, loss of confidentiality, or major financial or social disadvantage.  If the breach is likely to result in the risk to your rights and freedoms of the we will also contact, you without due delay.

Data breaches will be reported to the ICO on the breach helpline 0303 123 1113

How to complain

The GDPR give you the right to complain with the Information Commissioner, or phone 0303 123 1113.

Changes to this policy

This Policy was published in January 2019

We may change this policy from time to time. When we do will inform you via our website or other means of communication, e.g. email.

How to contact us

Please contact us by post, email or telephone if you have any questions about this privacy policy.

Dualchas Architects Ltd

Fàs Building

Sabhal Mòr Ostaig

Isle of Skye

IV44 8QR

Email: [email protected]

01471 833 300