Effective Date: 04.01.2025

Dreytons Housing Limited ("Dreytons," "we," "our," or "us") is committed to protecting your privacy and ensuring that your personal data is handled in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR). This Privacy Policy explains how we collect, use, store, and share your personal data.

1. Data Controller

Dreytons is the data controller responsible for processing your personal data. If you have any questions or concerns about this policy, please contact us at:

• Email : data@dreytons.com
• Phone : 020 8088 0848
• Address : The Print House, Ashwin Street, London E8 3DL

2. Personal Data We Collect

We may collect and process the following categories of personaldata:

• Contact Information: Name, email address, phone number, and postal address.
• Identity Information: Date of birth, government-issued ID (e.g., passport or driver’s license).
• Financial Information: Bank account details, payment card information, and financial history.
• Property Information: Details about properties you own, rent, or manage through Dreytons.
• Communication Data: Correspondence via email, phone, or other communication channels.
• Technical Data: IP address, browser type, and usage data from our website.

3. How We Collect Your Personal Data

We collect personal data in the following ways:

• Direct Interactions: When you provide information through forms, contracts, or communication with us.
• Third Parties: From references, credit agencies, or public databases as part of due diligence.
• Automated Technologies: When you interact with our website or email communications.

4. How We Use Your Personal Data

We use your personal data for the following purposes:

• Property Management Services: To facilitate rental agreements, maintenance requests, and tenant communications.
• Legal Compliance: To comply with legal and regulatory requirements, such as anti-money laundering (AML) checks.
• Billing and Payments: To process rent payments, deposits, and other financial transactions.
• Marketing Communications: To send you updates, promotions, and news about our services (with your consent where required).
• Customer Support: To respond to inquiries, complaints, or service requests.

5. Legal Basis for Processing

We process your personal data based on the following legal grounds:

• Consent: Where you have given clear consent for us to process your data.
• Contractual Obligation: To fulfill contracts entered into with you.
• Legal Obligation: To comply with legal or regulatory requirements.
• Legitimate Interests: To improve our services and ensure the security of our operations.

6. Data Sharing

We may share your personal data with the following parties:

• Service Providers: Third-party vendors who assist with IT, payment processing, and other services.
• Legal Authorities: To comply with legal obligations or respond to lawful requests.
• Business Partners: Where necessary for the delivery of services you have requested.
• Others: With your explicit consent or as required by law.

7. Data Retention

We will retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy or as required by law. When the data is no longer needed, we will securely delete or anonymize it.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, loss, or misuse. This includes encryption, secure storage systems, and access controls.

9. Your Rights

Under the GDPR, you have the following rights:

• Access: Request access to the personal data we hold about you.
• Correction: Request correction of inaccurate or incomplete data.
• Deletion: Request the deletion of your personal data where applicable.
• Objection: Object to the processing of your data for specific purposes.
• Portability: Request transfer of your data to another service provider.
• Withdraw Consent: Withdraw your consent at any time where processing is based on consent.

To exercise these rights, please contact us using the details provided above.

10. International Data Transfers

If we transfer your data outside the European Economic Area (EEA), we ensure that appropriate safeguards are in place to protect your information in accordance with GDPR requirements.

11. Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal obligations. The updated policy will be posted on our website, and we encourage you to review it regularly.

12. Complaints

If you believe we have not handled your personal data in accordance with this Privacy Policy, you can file a complaint with the relevant supervisory authority, such as the Information Commissioner’s Office (ICO) in the UK.

Thank you for trusting Dreytons with your personal data. Your privacy is important to us.