Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
For the purpose of the General Data Protection Regulations 2018, the data controller is: Medway Exchange Limited, Unit 7-8 Diamond Court, Kingston Park, Newcastle upon Tyne, NE3 2EN.
We may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes. This policy was last updated on 3rd May 2018.
What data we collect
- Your full name.
- Your date of birth.
- Your full address and postcode.
- Your job title, profession.
- Contact information including telephone numbers and email address.
- Information and Documents in relation to the property where we are instructed to act for you during the conveyancing.
- Information in relation to the source of funds for any purchase, or information in relation to the distribution of completion monies.
- Information that you provide by filing in forms on site; www.medway-law.co.uk (“this website”). This includes information provided at the time of registering to use this site, subscribing to our service, posting material or requesting further services. We may also ask you for information when you report a problem with this website.
- If you contact us, we may keep a record of that correspondence.
- Your IP Address.
- Details of your visits to this website and the resources that you access.
Why we collect this information
We require this information in order to understand your needs and provide you with a complete auction service, and in particular for the following reasons:
- As part of the legal requirement of any contract entered into with you
- In order to establish identity and carry out Anti Money Laundering checks as required under The Money Laundering Directives 2017.
- To allow us to effectively act for you during your transaction, such as conveyancing, auction pack generation, transfers of equity or re-mortgage.
- To allow you to participate in interactive features of our service, when you choose to do so.
- To ensure that content from this website is presented in the most effective manner for you and your computer.
- Internal record keeping.
- We may use the information to improve our products and services.
How we use your personal information
The personal information we collect from you will be used for identification and purposes in addition to creating a profile to provide you with our relevant products or services. We use and analyse this personal information where necessary for the following purposes detailed below:
- To improve our products and services: we use your personal information to build a profile to understand your individual requirements and personalise the services we offer you.
- Processing your transaction: we use relevant personal information described above (including your name, address and date of birth) to enable us to complete a transaction with you. This information may be required to be passed on to IAM Sold Limited, your Estate Agent, solicitors, surveyors and financial advisors.
- Prevention of fraud and Money Laundering: we will use your personal information to allow us to meet our obligations in the prevention of money laundering and fraud. For this purpose, we may share your personal information with our referencing provider; LexisNexis. This is necessary for the purposes of our legitimate interests in ensuring we are not the victim of fraud and to protect our legal rights.
- Customer Support: if you contact our team, or vice versa, we will use personal information (such as your address, telephone number and email address), as well as your contact history to provide you with the best service possible. We will process your personal information in this way if it is necessary for the performance of a contract, or if it is required for us to comply with any legal obligations. If it is not necessary to process your personal data for either of these reasons we will process it as it is necessary for the purposes of our legitimate interests in ensuring, we can provide the best service possible.
- Website experience: if you are logged in to your Account on our website we may alter the way the website works to improve and/or enhance the information displayed to you, or to optimise the way you interact with the website.
With Separate Consent
- Marketing: when you sign up to receive our mailings, register as an applicant, enter in to a transaction with us, provide feedback on our service online or use our website; we will use your personal information to create a profile based on the information we hold about you. This is necessary for the purposes of our legitimate interests in ensuring we have accurate information about you in one place. We create your profile in accordance with your preferences to provide you with a personalised marketing experience.
- Notify you about changes to our service.
- Use your information to contact you for market research purposes either by email, phone or mail. We may use the information to customise the website according to your interests.
How data is stored
Your data is stored within an electronic database system accessed by employees of MEDWAY. Employees of ISG may also have access to this data on a restricted basis where necessary, for instance where technical or account support is required. Paper copies of your data may also be stored securely and accessed by employees of MEDWAY.
All digital information you provide to us is stored in the UK & Ireland on our secure (password and firewall protected) servers and all paper-based information is also securely stored in the UK. All electronic transactions and data transmissions between your Device and our Website will be encrypted using industry-standard SSL (Secure Socket Layer) technology; and our website has a SSL certificate. Unfortunately, the transmission of information via the internet is not completely secure and so we cannot guarantee the security of any data sent over the internet between your Device and our Website. Any such data transmission is at your own risk.
Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access, as part of our secure backups and data disaster recovery procedures. The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”).
By submitting your personal data to us, you agree to this transfer, storing or processing.
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.
We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and to report aggregate information to our advertisers.
Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added, and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies to identify which pages are being used. This helps use analyse data about webpage traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
Overall, cookies help up provide you with a better website by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You will be given the option to accept or decline cookies. Declining cookies may prevent you from taking full advantage of the website.
Disclosure of your information
We may disclose your personal information to any member of our group, which means our subsidiaries, our ultimate holding company (ISG) and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.
We may disclose your personal information to third parties:
- In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
- If all or substantially all of Medway Exchange Limited’s assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
Controlling your personal information
You have the right to ask us not to process your personal data for marketing purposes, to alter your preferences for the type of marketing content you receive, such as properties for sale, information about related services etc. Or to alter the methods via which you receive marketing correspondence from us. For example: via email, text, post or phone call.
We will inform you, before collecting your data, if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes.
You may choose to restrict the collection or use of your personal information in the following ways:
- Whenever you are asked to fill in a form on the website you will be asked to “opt in” where you wish for your information to be used for direct marketing purposes.
- We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so.
- As part of our complete auction service offering, MEDWAY may discuss services from our sister companies or third parties which may be of interest to you. However, your personal information will not be provided to these parties without your prior consent.
- If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by writing to or emailing us at firstname.lastname@example.org.
Right to Access and the Correction of your personal information
If you believe that any information we are holding on you is incorrect or incomplete, please write to the address above as soon as possible. We will promptly correct any information found to be incorrect.
Under the General Data Protection Regulations 2018, you also have the right to ask for a copy of your personal information and to correct any inaccuracies.
Requests can be made in writing or via email and Medway Exchange Limited will respond to your request for information within 30 days of the date your request is received. If you would like a copy of the information that we hold about you, please write to:
Data Protection Officer, Medway Exchange Ltd, 6 Floor Arden House, Regent Centre, Gosforth, Newcastle upon Tyne, NE3 3LU.
We will require 2x Certified Identification Documents to be provided in order to comply with any request in order to ensure your personal information is protected.
Medway Exchange Limited reserve the right to refuse or make a charge for requests that are manifestly unfounded or excessive and should a request be refused you will be advised as to the reasons why. Where a request is refused, you will be able to refer the matter to the Council for Licensed Conveyancers and Medway Exchange Limited will provide you with the information you will need to allow you to do so.
Right to be Forgotten
You have the right to request that your personal data is erased and MEDWAY will action your request provided there is not a lawful reason not to do so. When your request is received, MEDWAY will provide you with the date in which your data will be erased. Your data will not be processed or shared, unless there is a legal or lawful requirement for us to do so, during this time.
Personal Data Breaches
In order to comply with applicable law, MEDWAY has implemented procedures to detect, report and investigate personal data breaches. A data breach is defined by the Information Commissioner’s Office (ICO) as;
“A breach of security leading to the destruction, loss, alteration, unauthorised disclosure or, or access to, personal data.”
The ICO will be informed of any data breaches which present a high risk to our clients and customer’s rights and freedoms and in line with applicable law, a notifiable breach will be reported within 72 hours of us becoming aware of it. The individual(s) involved will also be informed.
Should you have any questions