VALUATION
SEARCH
HOME

PRIVACY POLICY

Effective Date: 1st January 2021
Last Updated: 1st June 2025

This Privacy Policy (“Policy”) sets forth the principles, rights, and obligations associated with the collection, processing, storage, transfer, disclosure, and disposal of personal data by Spartan Property Estate Agents Ltd, a company incorporated and registered in England and Wales with company number 13923165 and registered office at Dobson House, Regent Farm Road, Gosforth, Newcastle upon Tyne, NE3 3PF (“Company”, “we”, “us”, or “our”), acting as a Data Controller under applicable data protection legislation, including the UK General Data Protection Regulation (“UK GDPR”), the Data Protection Act 2018 (“DPA 2018”), the Privacy and Electronic Communications Regulations 2003 (“PECR”), and, where applicable, the EU General Data Protection Regulation (“EU GDPR”).

1. DEFINITIONS

“Data Controller” means the natural or legal person who determines the purposes and means of the processing of personal data.
“Data Processor” means a natural or legal person who processes personal data on behalf of the controller.
“Personal Data” means any information relating to an identified or identifiable natural person (“Data Subject”).
“Processing” means any operation or set of operations performed on personal data, whether or not by automated means.
“Special Category Data” means personal data revealing racial or ethnic origin, political opinions, religious beliefs, trade union membership, genetic data, biometric data, health data, or data concerning a natural person’s sex life or sexual orientation.
“Supervisory Authority” means the Information Commissioner’s Office (“ICO”) in the United Kingdom.

2. SCOPE OF APPLICATION

This Policy applies to all processing of personal data collected through our websites, online platforms, applications, communication channels, telephone, physical office visits, contractual engagements, and any ancillary service or tool offered by or on behalf of the Company.

3. LAWFUL BASIS FOR PROCESSING

We process personal data in accordance with Article 6(1) and, where applicable, Article 9(2) of the UK GDPR. The lawful bases relied upon may include, but are not limited to:

  • Consent: freely given, specific, informed and unambiguous.

  • Contractual necessity: processing required for the performance of a contract.

  • Legal obligation: to comply with legal and regulatory obligations.

  • Legitimate interests: pursuing our legitimate business interests unless overridden by the interests or fundamental rights and freedoms of the data subject.

  • Vital interests: where processing is necessary to protect someone’s life.

4. TYPES OF DATA COLLECTED

We may collect, process, and retain the following categories of personal data, including but not limited to:

4.1 Identity and Contact Data

  • Full name, date of birth, national insurance number, passport or driving licence details.

  • Residential and business addresses, email address(es), telephone numbers.

4.2 Financial and Transactional Data

  • Bank account information, credit history, mortgage details, payment card data, rental or sales transaction records.

4.3 Technical and Usage Data

  • IP address, browser type and version, time zone setting, device identifiers, location data, access logs, cookies, and other tracking technologies.

4.4 Marketing and Communication Data

  • Preferences in receiving marketing communications, contact history, customer feedback.

4.5 Special Category Data

  • Only where explicitly necessary, such as for accessibility requirements or as required for Anti-Money Laundering (“AML”) compliance.

5. SOURCES OF DATA COLLECTION

We obtain data directly from:

  • Data Subjects (e.g., via online forms, telephone, in-person interactions)

  • Public registers (e.g., Land Registry)

  • Credit reference agencies

  • Professional advisers (e.g., solicitors, accountants)

  • Regulatory and enforcement agencies

  • Social media platforms where interaction occurs

6. PURPOSES FOR DATA PROCESSING

We process personal data for the following non-exhaustive purposes:

  • To facilitate property sales, lettings, and valuations.

  • To fulfil contractual obligations to vendors, buyers, landlords, and tenants.

  • To comply with legal obligations, including AML and right-to-rent checks.

  • To respond to queries, complaints, and requests.

  • To maintain internal business records and accounts.

  • To enhance customer experience and website functionality.

  • To conduct direct marketing and promotional campaigns (subject to opt-out rights).

  • To facilitate dispute resolution and enforce legal rights.

7. AUTOMATED DECISION MAKING AND PROFILING

We do not conduct automated decision-making or profiling that produces legal or similarly significant effects on individuals without human intervention. If such practices are introduced in future, we shall update this Policy accordingly and ensure the appropriate safeguards under Article 22 UK GDPR.

8. COOKIES AND TRACKING TECHNOLOGIES

We use cookies, pixels, scripts, and analytics tools (e.g., Google Analytics) to collect usage data. Where required, explicit consent will be sought in accordance with PECR and cookie consent requirements.

Details of the cookies in use can be found in our separate [Cookie Policy].

9. DATA SHARING AND DISCLOSURE

We may disclose personal data to the following third parties where lawful and proportionate:

  • Service providers, including IT support, marketing agencies, and CRM systems.

  • Rightmove, Zoopla, and other property platforms.

  • Legal and financial advisers.

  • Governmental and regulatory authorities.

  • Law enforcement agencies pursuant to a lawful request.

  • Utility companies or contractors, where relevant to property management.

All third parties are contractually bound by confidentiality and data protection obligations pursuant to Article 28 UK GDPR where acting as Data Processors.

10. INTERNATIONAL TRANSFERS

Where personal data is transferred outside the UK to jurisdictions without an adequacy decision, such transfers shall be governed by appropriate safeguards, including Standard Contractual Clauses (SCCs), Binding Corporate Rules (BCRs), or other lawful mechanisms under Article 46 UK GDPR.

11. DATA RETENTION

Personal data shall be retained only for as long as is necessary to fulfil the purposes outlined herein, including legal, regulatory, tax, accounting, and reporting obligations.

Retention periods shall be determined based on:

  • Statutory requirements (e.g., AML records retained for five years)

  • Contractual necessity

  • Legitimate business needs

  • Data minimisation principles

Anonymised or aggregated data may be retained indefinitely for analytical and statistical purposes.

12. DATA SUBJECT RIGHTS

Data Subjects are entitled to exercise the following rights under UK GDPR, subject to exemptions and limitations under the DPA 2018:

  • Right of access – obtain a copy of your personal data.

  • Right to rectification – correct inaccurate or incomplete data.

  • Right to erasure – request deletion of data in certain circumstances.

  • Right to restrict processing – request a pause or limitation on processing.

  • Right to data portability – receive personal data in a structured, commonly used format.

  • Right to object – object to processing based on legitimate interests or direct marketing.

  • Right not to be subject to automated decision-making without meaningful human involvement.

  • Right to lodge a complaint with the ICO.

To exercise any of the above rights, please contact us using the details below.

13. SECURITY MEASURES

We implement robust technical and organisational measures to protect personal data, including:

  • Encrypted data storage and communications (SSL/TLS)

  • Access controls and role-based permissions

  • Regular vulnerability scans and penetration testing

  • Staff training in data protection

  • Secure destruction of physical and digital records

14. CHILDREN’S DATA

We do not knowingly collect or process personal data of individuals under the age of 18 without the verifiable consent of a parent or legal guardian. Any such data identified shall be securely deleted.

15. CHANGES TO THIS POLICY

We reserve the right to amend this Policy from time to time. Any changes shall take effect upon publication on our website or notification to Data Subjects where appropriate. Continued use of our services after such changes shall constitute acceptance of the revised Policy.

16. CONTACT INFORMATION

For questions, concerns, or to exercise your data protection rights, please contact:

Data Protection Officer
Spartan Property Estate Agents Ltd
Dobson House, Regent Farm Road
Gosforth, Newcastle Upon Tyne, NE3 3PF
Email: contact@spartanproperty.co.uk
Telephone: 0191 470 1815

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at:

https://ico.org.uk/
Tel: 0303 123 1113
Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF