Privacy Policy

• information that you provide by filling in forms on https://www.chrispotter.co.uk, e.g. enquiry forms and online job applications
• information when you engage with us on our social media channels
• if you contact us by email, post, fax or phone, we may keep a record of the correspondence
• information relating to third party contracts (contractors, consultants, suppliers & clients) e.g. names and contact details, contractual information and payment details.

The Practice processes this data for a number of reasons

• To enter into a professional contract and to meet its obligations under the contract. For example, it needs to process data to provide clients with  terms of service, to pay invoices, to ensure legal compliance for matters such as health and safety and to check credit information where necessary.
• In other cases, the Practice has a legitimate interest in processing personal data.  Processing this data allows the Practice to
• Keep clients informed on key information regarding a project
• Inform all third parties of information relating to key business changes that may affect them
• Respond to any queries and complaints
• Maintain accurate and up-to-date supplier, contractor/consultant and client contact details (including details of who to contact in the event of an emergency)

Photography may also be taken as part of the standard project process- this may include pictures of both internal and external spaces (including residential sites). Consent will always be relied upon in these instances.

From time to time Chris Potter Associates where appropriate will use social media to engage with its following and to update the community on key business activities which may include details from your organisation, any posts containing personal data will be subject to us receiving consent from that party.

• Your information may be shared internally, including with the Partners, Managers and  technical staff working on the specific project, the accounts department and the IT Manager if access to the data is necessary for performance of their roles.
• The practice may complete a business credit check of financial reliability of a client; this is processed using  ‘Risk disk’.
• The practice may share your information with a supply chain sub contractor working with us if it is necessary to complete the work.
• The Practice will not transfer your data to countries outside the European Economic Area.

The Practice takes the security of your data seriously. The Practice has internal policies and controls in place to try to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed by anyone that is not authorised to.

Where the Practice engages third parties to process personal data on its behalf, they do so on the basis of written instructions, are under a duty of confidentiality and are obliged to implement appropriate technical and organisational measures to ensure the security of data.

The Practice will hold your personal data for the following time periods:

• Contact information and relevant correspondence relating to the project it is associated to- 6 years for legal requirements.
• Bank Details and payment records- 6 years for accounting purposes.
• Contact details of residents that we have been contracted to work on- on completion of the contract.
• Photography of personal homes for the purpose of surveys and other relevant project work- 6 years for legal requirements.

As a data subject, you have a number of rights. You can:

• access and obtain a copy of your data on request
• require the Practice to change incorrect or incomplete data
• require the Practice to delete or stop processing your data, for example where the data is no longer necessary for the purposes of processing; and
• object to the processing of your data where the Practice is relying on its legitimate interests as the legal ground for processing.
• If you would like to exercise any of these rights, please contact the Practice where we will look to resolve the issue. If you believe that the Practice has not complied with your data protection rights, you can complain to the Information Commissioner.

We may obtain information about your general internet usage by using a cookie file which is stored on your browser or the hard drive of your computer. Cookies contain information that is transferred to your computer’s hard drive. Some of the cookies we use are essential for the site to operate. If you continue to use our site, you agree to our use of cookies.

You can block cookies by activating the setting on your browser which allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies as soon you visit our site.

In addition, we may collect information about your computer, including where available your IP address, operating system and browser type, for system administration. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual.