Blocks Online is what’s known as the Controller and this privacy notice will inform you as to how we look after your personal data when you visit our website (regardless of where you visit it from) and tell you about your privacy rights and how the law protects you.
This website is not intended for children and we do not knowingly collect data relating to children.
- Information you provide to us: We collect personal information when you voluntarily provide us with such information in the course of using our website or Services. For example, when you subscribe to notifications for our blog, if you make an enquiry through our website, or contact us in any other way, we will keep a copy of your communications with us.
- Information collected when we do business with you: We may process your personal information when you do business with us – for example, as a customer or prospective customer, or as a vendor, supplier, consultant, or other third party. For example, we will hold your business contact information and other communications you have with us for the purposes of maintaining our business relations with you. We also hold your bank account information if you signed up to a direct debit payment plan. We do not collect or hold card payment data.
- Information we automatically collect: We may also collect certain technical information by automatic means when you visit our website, such as IP address, browser type and operating system, referring URLs, your use of our website, and other clickstream data. We collect this information automatically through the use of various technologies, such as cookies.
- Information we process on our customers behalf: As part of using our Service, a customer will upload their clients’ data. We process this personal information on behalf of our customers in the context of supporting and providing our service. It is the customer who controls what data is collected and stored on our systems. For example, the customer uses our Service to store a record of all unit owner/lessee names and contact details of an apartment block they manage. In such cases, we are data processors acting in accordance with the instructions of our customers. You will need to refer to the privacy policies of our customers to find out more about how such information is handled by them.
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
- Where we need to perform the contract we are about to enter into or have entered into with you.
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. A legitimate interest includes some or all of the following:
- where the processing enables us to enhance, modify, personalise or otherwise improve our services/communications for the benefit of our customers.
- to identify and prevent fraud.
- to enhance the security of our network and information systems.
- to better understand how people interact with our websites.
- to provide postal communications which we think will be of interest to you.
- to determine the effectiveness of promotional campaigns and advertising.
Whenever we process data for these purposes we will ensure that we always keep your personal data rights in high regard and take account of these rights at all times.
When we process your personal data for our legitimate interests, we will make sure that we consider and balance any potential impact on you (both positive and negative), and your rights under data protection laws. Our legitimate business interests do not automatically override your interests - we will not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
You have the right to object to this processing if you wish, and if you wish to do so please inform us by contacting firstname.lastname@example.org.
Please bear in mind that if you object this may affect our ability to carry out tasks above for your benefit.
We have in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.
In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We use SSL (Secure Sockets Layer) encryption – This is industry standard technology for establishing an encrypted link between a web server and a browser. Blocks Online uses the SHA-256 hashing algorithm, as used by many major corporations including Google, Amazon and eBay.
We have procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Third Party Processors
We do not sell or trade your personal information to third parties. We engage certain sub processors that process certain categories of personal data submitted to our Service. These sub processors are listed below and may be updated from time to time:
- Microsoft, Apple, Google, Mozilla, Yahoo, Facebook, Twitter, LinkedIn
- Companies House and HM Land Registry
Third Party Links
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
We want to ensure that you remain in control of your personal data. Part of this is making sure you understand your legal rights, which are as follows:
- the right to confirmation as to whether we have your personal data and, if we do, to obtain a copy of the personal information we hold (commonly known as a “data subject access request”)
- the right to have your data erased (though this will not apply where it is necessary for us to continue to use the data for a lawful reason)
- the right to have inaccurate data rectified
- the right to object to your data being used for marketing or profiling; and
- where technically feasible, you have the right to personal data you have provided to us which we process automatically based on your consent or the performance of a contract. This information will be provided in a common electronic format.
Please keep in mind that there are exceptions to the rights above and, though we will always try to respond to your satisfaction, there may be situations where we are unable to do so.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.
We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Please note if your information is on our Service as part of a Customers uploaded data you will need to contact that Data Controller.
You can also unsubscribe from our marketing communications at any time by following the instructions or unsubscribe mechanism in the email message itself.
If we make material changes to this policy, we will notify Customers by email or through notice on the Service.
We have appointed a Data Privacy Manager who is responsible for overseeing questions in relation to this privacy notice. If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact the data privacy manager using the details set out below.
Data Privacy Manager: Dominic Jackson, Managing Director
Email Address: email@example.com
Postal address: 79 College Road, Harrow HA1 1BD
Telephone number: 020 3384 3418
You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
The Cookies We Use
Some cookies are strictly necessary in order to enable you to move around the website and use its features. These cookies contain information about the user active session and enable us to provide our services. Without these cookies, we will not be able to provide certain features of our website. These cookies will always be enabled on our website.
We use analytic cookies to collect information about how people use our website. We do this to measure how visitors use our website and to understand how we can improve the website. Analytic cookies store information about the pages you visit, how long you are on the website, how you got there, what you click on and whether you have visited the website before.
You can prevent the setting of cookies by adjusting the settings on your browser (see your browser Help for how to do this). Be aware that disabling cookies will affect the functionality of this and many other websites that you visit. Disabling cookies will usually result in also disabling certain functionality and features of this site. Therefore, it is recommended that you do not disable cookies.