The Brentford Logo
  1. IntroductionWelcome to the Ballymore privacy notice. At Ballymore we are committed to ensuring that your
    privacy is protected. This privacy notice explains how we will collect your personal data and how
    we use your personal data. This means information that relates to you as an identifiable person or
    ‘data subject’ and therefore constitutes ‘personal data’ as defined by the General Data Protection
    Regulation (“GDPR”).

    Ballymore Development Management Ltd (“BDML”), Ballymore Asset Management Ltd
    (“BAML”) and Ballymore Construction Services Ltd (“BCSL”), members of the Ballymore
    group, will act as a data controller of your personal data. Throughout this privacy notice BDML,
    BAML and BCSL are referred to collectively as “Ballymore”, “we” or “us”.

    Ballymore are committed to protecting the rights and privacy of individuals and complying with the
    GDPR. We consider your privacy to be of utmost importance and want you to be confident that your
    personal data is kept safely and securely and for you to understand how it is used. As such, this
    privacy notice sets out the following information:

    • What data we collect from you;
    • Why we collect this data and what is the legal basis for processing it;
    • Who we share your data with and why;
    • How long we will keep your data; and
    • What your rights are.
  2. Our role2.1. As data controllers of any personal data collected Ballymore will determine the purposes and
    way in which such personal data are, or will be, processed.

    2.2. Our full contact details are:

    • Ballymore Development Management Ltd, 4th Floor 161 Marsh Wall, London, England And Wales,
      United Kingdom, E14 9SJ. Our registered company number is 08874050.

    We have appointed a data protection team (DPT) who are responsible for overseeing questions in
    relation to this privacy notice. If you have any questions about this privacy notice, including
    any requests to exercise your legal rights, please contact the DPT at
    datadepartment@ballymoregroup.com</a >
    or by writing to the address at 2.2 above marked for the attention of the Data Protection Team,
    Data Department.

  3. Important information3.1. This privacy notice was last amended on 3 April 2023. It supersedes any earlier versions.

    3.2. It is important that you read this privacy notice together with any other privacy notice or
    fair processing notice we may provide on specific occasions when we are collecting or processing
    personal data about you so that you are fully aware of how and why we are using your data. This
    privacy notice supplements the other notices and is not intended to override them.

    3.3. It is important that the personal data we hold about you is accurate and current. Please keep
    us informed if your personal data changes. You can ask us to rectify or update your personal
    information at any time by contacting us at
    datadepartment@ballymoregroup.com</a >.

  4. What information do we hold?4.1. We may hold and processing the following categories of personal data:
    • Identity Data
    • Contact Data
    • Financial Data
    • Transaction Data
    • App Usage Data
    • Technical Data
    • Profile Data
    • Marketing and Communications Data
    • Health Data
    • Security Systems Data
    • Special Categories of Personal Data

    See the glossary at the end of this policy for more details of each category.

    4.2. We also collect, use and share aggregated data such as statistical or demographic data to
    help us manage services, for example to monitor access into leisure facilities or car park to
    track peak periods. This aggregated data may be derived from your personal data but is no longer
    personal data as it does not directly or indirectly reveal your identity.

  5. How do we obtain this information?We use different methods to collect data from and about you including:

    5.1. From you directly.

    This includes personal data you provide when you:

    • 5.1.1. Telephone, email us or visit us in person;
    • 5.1.2. Create an account on one of our websites or other Ballymore applications where
      available or contact us through social media;
    • 5.1.3. buy, sell, rent, let, lease, licence or reserve a property
    • 5.1.4. arrange a viewing for a property or showroom;
    • 5.1.5. request information about our properties, or related goods and services we may offer
    • 5.1.6. subscribe to our any services or publications that we offer
    • 5.1.7. Attend one of our social events;
    • 5.1.8. enter a competition, promotion or survey; or
    • 5.1.9. Provide feedback.

    5.2. From third parties.

    We may receive personal data about you for the following third parties and public sources:

    • 5.2.1. Technical Data from analytics providers such as Google Tag Manager, Google Analytics,
      Google Adwords, Facebook Pixel, Twitter, DoubleClick, Addthis, BlueKai, Turn Inc., DataXu,
      AdGear, Weborara, Semasio, Yahoo Analytics, Visual Website Optimiser; and from the providers
      of software which we use on our websites, including Salesforce, Google Tag Manager, Lotame,
      Crimtan, DataXu and Response Tap.
    • 5.2.2. Contact, Financial and Transaction Data from providers of technical, payment and
      delivery services such as Barclays Bank PLC;
    • 5.2.3. Identity and Contact Data from publicly availably sources such as the Land Registry,
      Companies House, and the Electoral Register.

    5.3. Automatically collected from or about you or your device.

    As you interact with our website, we may automatically collect Technical Data about your
    equipment, browsing actions and patterns. We collect this personal data by using cookies, server
    logs and other similar technologies. We may also receive Technical Data about you if you visit
    other websites employing our cookies. Please see our cookie policy for further details.

    Where we need to collect personal data by law, or under the terms of a contract we have with you
    and you fail to provide that data when requested, we may not be able to perform the contract we
    have or are trying to enter into with you. If this is the case, we will notify you at the time.

  6. How do we use your information?6.1. In the table below, we have summarised the purposes for which we may use your personal data
    and the lawful basis for this. If we need to process your personal data for a different purpose
    that is not compatible with the original purpose, then we will let you know.

    6.2. We may process your personal data for a different purpose than listed below and without your
    consent where it is necessary for us to comply with our legal obligations.

    6.3. Where our processing of your data is based on your consent, you may withdraw your consent at
    any time by contacting
    datadepartment@ballymoregroup.com</a >, at which point we will cease to process your personal data for the purposes to which the
    consent applies.

    6.4. Note that we may process the lawful basis on which we rely to process your personal data may
    vary depending on the purpose for which we are using your data. Please contact us via the Data
    Protection Team (datadepartment@ballymoregroup.com</a >) if you need details about the specific legal ground we are relying on to process your personal
    data where more than one ground has been set out in the table below.

    Purpose / Activity Type of Data Lawful basis for processing including basis for legitimate interest
    To communicate with you, handle queries and complaints, manage our relationship
    with you and administer our business.
    Identity

    Contact

    Financial

    Transaction

    Necessary for our legitimate interests in running our business, keeping our
    records updated and executing our responsibility as Managing Agent.
    To register you as a new customer Identity

    Contact

    Profile

    Marketing and Communications

    Necessary for our legitimate interests in keeping records of our customers.
    To facilitate the reservation, purchase, sale, renting, leasing, or licensing of a
    property.
    Identity

    Contact

    Financial

    Transaction

    Marketing and Communications

    Performance of a contract or potential contract with you

    Necessary for our legitimate interests

    To facilitate the collection of service charge payments and ground rent payments
    due under your contract, including collection by selected third parties.
    Identity

    Contact

    Financial

    Transaction

    Performance of a contract with you.
    To verify your identity, verify your eligibility for certain services, conduct
    credit reference checks, prevent or detect fraud or money laundering.
    Identity

    Contact

    Financial

    Transaction

    Necessary to comply with a legal obligation, where this processing is comply
    with anti-money laundering legislation.

    Otherwise, we rely on the processing being necessary for our legitimate
    interest in assessing customers’ credit-worthiness and ensuring we are not
    defrauded.

    To verify your identity in order to verify your eligibility for access to certain
    services and Ballymore properties in order to prevent or detect unauthorised use
    (such as a lease infringement).
    Identity

    Contact

    Profile

    Financial

    Transaction

    Security Systems

    Necessary for our legitimate interests in protecting property and maintaining the
    security of our estate.
    To manage our relationship with you, including:

    Asking you to leave a review or take a survey or provide feedback on our
    services.

    Notifying you about changes to our terms or privacy notice.

    Enabling you to participate in events, competitions and surveys.

    Identity

    Contact

    Usage

    Profile

    Marketing and Communications

    Necessary for our legitimate interests: to keep our records updated, to study how
    customers use our websites/services, and to develop and grow our business.
    To provide customer support such as Sales services, Concierge and Front of House
    services, Helpdesk services, Security services, facilities services, parking
    services, etc.
    Identity

    Contact

    Financial

    Usage

    Profile

    Security Systems

    Provision of services which are necessary to perform our contract with you.
    To provide our key authorisation service, allowing you to leave your keys with us
    for others to collect.
    Identity

    Contact

    Profile

    Security Systems

    Performance of a contract with you.
    To enable you to use our gym facilities Special Categories – health information Consent
    To administer and protect our business and network security including websites
    (including troubleshooting, data analysis, testing, system maintenance, support,
    reporting and hosting of data).
    Identity

    Contact

    Profile

    Technical

    Usage

    Security Systems

    Necessary for our legitimate interests (for running our business, provision of
    administration and IT services, network security, to prevent fraud and
    unauthorised access).
    To deliver relevant website content and advertisements to you and measure or
    understand the effectiveness of the advertising we serve to you to include
    permitting selected third parties to assist in improvement and optimisation of
    marketing material and content, our services and the websites / applications.
    Identity

    Contact

    Profile

    Usage

    Marketing and Communications

    Technical

    Necessary for our legitimate interests (to study how customers use our
    website/services, to develop them, to grow our business and to inform our
    marketing strategy).
    To use data analytics to improve our websites, products/services, marketing,
    customer relationships and experiences.
    Technical Usage Necessary for our legitimate interests (to define types of customers based on
    their age, gender and interests for our products and services, to keep our
    websites updated and relevant, to develop our business and to inform our marketing
    strategy).
    To ensure that content from our websites and our applications are presented in the
    most effective manner for you and your device.
    Identity

    Contact

    Financial

    Transaction

    Technical

    Necessary for our legitimate interests (to develop our products/services and grow
    our business and provision of administration and IT services).
    To make suggestions, recommendations and provide information to you about goods or
    services that may be of interest to you
    Identity

    Contact

    Technical

    Usage

    Profile

    Necessary for our legitimate interests (to develop and grow our business)
    where these suggestions and recommendations are made by post.

    Where these communications are electronic, we rely on your consent.

    To comply with requirements imposed by law or any court order. Identity

    Contact

    Financial & Transaction Employment Related Technical

    Usage

    Security Systems

    Necessary to comply with our legal obligations

    6.5. Marketing and promotional offers

    6.6. We may use your Identity, Contact, Technical, Usage and Profile Data to form a view on what
    we think you may want or need, or what may be of interest to you. This is how we decide which
    properties, services and offers to send you (we call this marketing).

    6.7. You will receive marketing communications from us via the channels you have selected (for
    example phone, email, SMS, push notifications) where you have opted in to receiving that
    marketing.

    6.8. You can ask us to stop sending you marketing messages at any time by contacting the Data
    Protection Team or by following the opt-out links on any marketing message sent to you.

    6.9. If you do withdraw your consent to marketing, this will result in us ceasing to directly
    market goods and services to you, but we will still process your personal data in order to fulfil
    our contract with you and in accordance with our legal, accountancy and regulatory obligations.

    6.10. We will get your express opt-in consent before we share your personal data with any company
    outside the Ballymore Group for their own marketing purposes. You have the right to withdraw
    consent for us to pass your information to third parties for marketing purposes. If you no longer
    wish to be contacted by third parties for marketing purposes, please follow the instructions in
    their marketing communications, or consult their privacy policies about how to unsubscribe

    6.11. Cookies and remarketing

    Link to the Cookie Policy can be found here.

  7. Who we share your data withWe work with a number of trusted partners, suppliers, contractors and businesses in order to
    deliver the range of services we provide. We may share your personal data with the parties set out
    below for the purposes outlined in the table in section 6.

    7.1. Ballymore Group companies

    As set out in this privacy notice, we are part of the Ballymore group. The ‘Ballymore’ brand is
    licensed to a range of companies within the Ballymore Group who sell, market and manage Ballymore
    branded and co-branded property developments (which we refer to as ‘Ballymore Group’ companies).
    We share your personal data with such companies, which are based in the United Kingdom, Ireland
    and Jersey.

    7.2. External Third Parties

    We may also share your personal data with external third parties, such as:

    • 7.2.1. Joint venture partners of Ballymore branded or co-branded property developments, who
      may be based outside of the UK and EU.
    • 7.2.2. Estate agents acting as processors, such as Savills, Johns & Co, Foxtons, CBRE,
      Knight Frank, JLL based both within and outside the UK and EU who provide property marketing
      services.
    • 7.2.3. Managing agents acting for us or the Ballymore Group company that you have a contract
      with, who provide management services to Ballymore branded or co-branded properties.
    • 7.2.4. Property related businesses acting as processors for us, such as property managers and
      furniture providers such as Johns and Co and David Phillips based in the United Kingdom
      (subject to your consent).
    • 7.2.5. Professional advisors acting as processors for us or the Ballymore Group company that
      you have a contract with including lawyers, bankers, auditors and insurers based in the United
      Kingdom and Ireland who provide consultancy, banking, legal, insurance and accounting
      services.
    • 7.2.6. Service providers acting as processors for us or the Ballymore Group company that you
      have a contract with who provide database, IT and system administration services, such as
      Salesforce and Egnyte which are based in the USA.
    • 7.2.7. Freeholders (and other legal entities within the property owning structure) of the
      developments in which the property you own or rent is located.
    • 7.2.8. Marketing, communication and survey providers / advisors acting as processors for us or
      the Ballymore Group company that you have a contract with, such as MailChimp based in the USA
      or In-House Research based in the United Kingdom.
    • 7.2.9. HM Revenue & Customs, National Crime Agency, the National House-Building Council,
      local authorities, regulators and other authorities based in the United Kingdom who require
      reporting of processing activities in certain circumstances.
    • 7.2.10. Banks and payment processing companies who complete financial transfers and
      transactions.
    • 7.2.11. Anti-money laundering agencies, which may be based outside of the UK and EU.
    • 7.2.12. Human resources consultants who provide advice and support to Ballymore and its
      employees relating to matters of employment law.
    • 7.2.13. Maintenance contractors and service providers who undertake a range of activities for
      us or the Ballymore Group company that you have a contract with, such as maintenance on
      building services and systems, security services, billing services, etc.
    • 7.2.14. Third parties to whom we may choose to sell, transfer, or merge parts of our business
      or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a
      change happens to our business, then the new owners may use your personal data in the same way
      as set out in this privacy notice.

    7.3. We require all third parties to respect the security of your personal data and to treat it in
    accordance with the law. We do not allow our third-party service providers to use your personal
    data for their own purposes and only permit them to process your personal data for specified
    purposes and in accordance with our instructions.

  8. International Transfer of your data8.1. Whenever we transfer your personal data out of the UK, we ensure a similar degree of
    protection is afforded to it by ensuring at least one of the following safeguards is implemented:

    8.2. Please contact us if you want further information on the specific mechanism used by us when
    transferring your personal data out of the UK. Please be aware that there may be circumstances
    where we are able to rely on a legal derogation from the requirement to implement an appropriate
    safeguard when making a transfer.

  9. How we keep your data safe and secureOnce we have received your personal data we will use reasonable and necessary procedures and
    security features to prevent unauthorised access. For example, we limit who can access your
    personal data to those individuals and third parties who need to know it and who are subject to a
    duty of confidentiality.

    If we become aware of a data breach we will notify the Information Commissioner’s Office. If
    we believe that the data breach is serious, we may notify you in accordance with our legal
    obligations.

  10. How long we keep your data10.1. We will only retain your personal data for as long as necessary to fulfil the purposes we
    collected it for, including for the purposes of satisfying any legal, accounting, or reporting
    requirements.

    10.2. To determine the appropriate retention period for personal data, we consider the amount,
    nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or
    disclosure of your personal data, the purposes for which we process your personal data and whether
    we can achieve those purposes through other means, and the applicable legal requirements.

    10.3. Please contact us if you would like a copy of our Data Retention Policy.

    10.4. In some circumstances we may anonymise your personal data (so that it can no longer be
    associated with you) for research or statistical purposes in which case we may use this
    information indefinitely without further notice to you.

    10.5. In some circumstances, you can ask us to delete your data: Please contact us for further
    information.

  11. What are your rights11.1. Under data protection laws you have the right to protect and look after your personal data.
    You have the right to:

    • 11.1.1. ask us for the personal data that we hold and process about you (this is often
      referred to as a data subject access request)
    • 11.1.2. object to the use of your personal data for marketing purposes;
    • 11.1.3. ask that any inaccurate information we hold about you is corrected;
    • 11.1.4. ask that we delete the personal data we hold about you in certain situations;
    • 11.1.5. ask that we stop using your personal data for certain purposes;
    • 11.1.6. ask that we do not make decisions about you using completely automated means; and/or
    • 11.1.7. ask that personal data we hold about you is given to you, or where technically
      feasible a third party chosen by you, in a commonly used, machine-readable format;
    • 11.1.8. complain to the Data Department at Ballymore
      datadepartment@ballymoregroup.com if
      you have any complaints or concerns about the way in which your personal data is processed.
      You can escalate your complaint to the Information Commissioner’s Office (the UK’s data
      protection supervisory authority) or the Data Protection Commission (the Irish data protection
      supervisory authority) if you are not satisfied with the company’s response.

    11.2. If you wish to exercise any of the rights set out above, please contact us at
    datadepartment@ballymoregroup.com. The rights listed above may apply only in certain
    circumstances, and so we may not always be able to comply with your request to exercise these
    rights.

    11.3. We will usually respond to a request from you to exercise your rights within 1 month of
    receipt, but it might take longer if your request is particularly complex or if you have made a
    number of requests. Please be aware that we may need to process your personal data and/or request
    specific information from you to help us comply with your request. You will not usually have to
    pay a fee to exercise these rights, but we reserve the right to charge a fee if your request is
    clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your
    request.

  12. Our responsibilities and how you can contact us about your dataAs detailed in Section 1, Ballymore will act as data controller in relation to personal data. This
    means that we have responsibilities in relation to that personal data. You can find out more and
    exercise the rights set out above by contacting us. In order to ensure that any such enquiry is
    dealt with promptly and efficiently, we recommend that in the first instance you contact our Data
    Protection Team at datadepartment@ballymoregroup.com and tell us what your enquiry relates to in
    the subject line.

    Should you feel that your personal data has not been processed in accordance with this privacy
    notice or that your data protection rights have been infringed, you can complain directly to the
    Information Commissioner’s Office who is the UK supervisory authority for data protection issues.

  13. Glossary of Data Categories
    • Identity Data
      • Full name;
      • Title;
      • Marital status;
      • Age / date of birth;
      • Gender;
      • username or similar identifier.
    • Contact data
      • Property address;
      • Alternative address;
      • Contact numbers and email address;
      • Place of employment;
    • Financial Data
      • Payment card details,
      • information contained within bank statements and bills and other information provided
        for anti money laundering checks;
      • Financial information (service charge demands, payments, arrears records, etc.);
      • Bank details;
    • Transaction Data
      • Transaction history including details about payments to and from you and other details
        of properties, goods or services you have purchased or rented from us or the Ballymore
        Group;
      • Conveyancing information;
    • App Usage Data
      • Information about how you use Ballymore websites and applications;
      • When you use Ballymore websites and applications (including date and time);
      • Download errors; Lengths of visits to certain pages;
      • Page interaction information;
      • Methods to browse away from our websites;
      • Information relating to behaviour and routine;
      • Information relating to activities and bookings;
      • Records from residents clubs and forums;
      • Vehicle details;
      • Data on energy usage;
      • Incident, Accident and Near Miss Reports;
      • Communications and complaints records
    • Technical Data
      • Internet Protocol (IP) address;
      • Log-in data;
      • Browser type ad version;
      • Time zone setting;
      • Location data;
      • Device cookie and identification;
      • Browser plug-in types and versions;
      • Operating system and platform;
      • Other identifying information required for your device to communicate with our
        websites.
    • Profile Data
      • Application or website usernames and passwords;
      • Purchases, orders or requests made by you;
      • Profession, age, gender;
      • Interests and preferences;
      • Feedback and survey responses.
    • Marketing and Communications Data
      • Preferences in whether you wish to receive marketing from us;
      • Communication preferences.
    • Health Data
      • Personal Metrics e.g. height/weight data
      • Medical Conditions;
      • Emergency Contacts.
    • Security Systems Data
      • CCTV images and recorded CCTV footage;
      • Audio recordings;
      • Access control registration details and access logs;
      • Vehicle database (ANPR).
    • Special Categories of Personal Data
      • Biometric data (for example, facial images or dactyloscopic data);
      • Data concerning health or special circumstances;
      • Health and fitness information;
      • Sexuality and marital status;
      • Criminal history or records of police communications.