Privacy Policy
This Privacy Policy (together with our Terms and Conditions of Appointment) defines how Fern process and use your “Personal Data” as a Client or Contact and our obligations under the General Data Protection Regulations [GDPR].
The provision of Personal Data is a contractual requirement of the Appointment documents and is necessary for the delivery of your project. Failure to provide this Personal Data could result in an inability of Fern to undertake this project delivery and could result in the frustration, and therefore termination, of the Appointment contract.
Definitions:
Personal Data – Any information relating to an identified or identifiable natural person (Data Subject).
Special Categories of Personal Data – The special categories of Personal Data specifically include genetic data, and biometric data where processed to uniquely identify an individual. Other examples include racial and ethnic origin, sexual orientation, health data, trade union membership, political opinions, religious or philosophical beliefs.
Data Subject – A natural person who can be identified directly or indirectly by reference to identifiers such as a name, an email address, home address, online identifiers such as an IP address or to other factors specific to that natural person.
Data Controller – A natural or legal person / body who determines the purposes and means of Processing the Personal Data.
Data Processor – A natural or legal person / body who processes the Personal Data on behalf of the Data Controller.
Processing – Any operations performed on Personal Data, whether or not by automatic means, such as collection, recording, storage, consultation, use, disclosure, erasure, etc.
Third Party – Any natural person or legal person / body other than the Data Subject, Data Controller or Data Processor.
Data Controller
Fern Architecture Limited is a limited company registered at 60 New Hey Road, Brighouse, HD6 3PZ, and acts as the Data Controller.
Our Contact details are:
Fern Architecture, 60 New Hey Road, Brighouse, HD6 3PZ
Tel: 01422 525 026
Email: info@fernarchitecture.com
Christopher Chapman (director) is the Data Protection Officer within the company.
Legal Basis for Processing Your Personal Data
Our legal basis for Processing your Personal Data is:
Contract – The Processing is necessary for the Appointment contract Fern have with you, or because you have asked us to take specific steps (including offering quotation) before entering into the Appointment contract;
Legitimate Interest – The Processing is necessary for the delivery of your project as outlined below.
Personal Data
Fern collect the following Personal Data:
Name
Personal email address
Job Title
Contact address including postcode
Project address including postcode
Personal telephone number
Medical needs (only where Fern are designing to accommodate such needs)
Basic family information (where Fern are designing to accommodate your family)
Other information which Fern are designing to accommodate specifically.
Personal Data Use
Information Fern collect may be used for:
Responding to your enquiry by supplied contact details via email, telephone or post;
To maintain contact and communications with you during the course of your project or potential project;
For the administration of your project or potential project;
Completion of applications on your behalf (eg. planning applications, building regulations applications, etc);
Preparation of quotations, appointment documents, tender documents and building contracts;
For identification on all construction documents;
For attaining quotations from Consultants / Contractors on your behalf;
To maintain our own records and accounts; or
To purchase goods or services from you.
Fern do not use your Personal Data for any form of automated decision making in our business.
Transfer of Personal Data
Fern do not sell or share your Personal Data to other Third Parties for uses outside of this project.
Fern do not sell or share your Personal Data to Third Parties for marketing purposes.
Where your project is used for marketing purposes as outlined in the Terms and Conditions of Appointment, all Personal Data will be removed prior to publication unless you give us your written consent.
Personal Data may only be shared with a Third Party where they are directly involved (or are being considered for direct involvement) in your project where it is necessary for us to fulfil our Appointment obligations.
Fern may transfer personal data outside the EEA, as encrypted cloud backups, as part of a cloud based collaboration system, or on a project by project basis where the Client or main supplier is based outside the EEA, in which case project team contact details may be shared with them for communication purposes only.
Personal Data Retention Period
Fern may retain your personal data for a period defined by the period of liability as stated in the Appointment documents, or for a minimum of 6 years from the end of the last company financial year (whichever is longer) for legal and accounting purposes.
Data Subject Rights
Unless subject to an exemption under GDPR, you have the following rights with your Personal Data:
to be informed of how your data will be Processed;to request a copy of the Personal Data Fern hold about you;to request rectification where data is found to be out of date or inaccurate;
to request erasure of your Personal Data where it is no longer necessary to retain such data (please see Personal Data retention period);
to withdraw your consent to Processing your Personal Data where consent was the lawful basis for Processing;
to request restrictions of the Processing of your Personal Data where there is a dispute relating to the accuracy or Processing of your Personal Data;
to provide you with your Personal Data and where possible, to transmit that Personal Data directly to another Data Controller (the right to data portability). This is to be provided in .pdf format by email;
to object to the processing of Personal Data where applicable.
Data Breach
Any Personal Data breach should be reported immediately to the Data Protection Officer.
If a breach of Personal Data is likely to result in a risk to your freedoms and rights, the Data Protection Officer must inform the Information Commissioner’s Office without delay, and in any event, within 72 hours of becoming aware of it. The Data Protection Officer must also inform you without undue delay.
Complaints
If you have any queries about your privacy rights under GDPR, or you are not satisfied with the Processing of your Personal Data, you can contact the Data Protection Officer (Christopher Chapman) at:
Address: Fern Architecture, 60 New Hey Road, Brighouse, HD6 3PZ
Tel: 01422 525 026
Email: info@fernarchitecture.com
If you are still not satisfied with the Processing of your Personal Data, you have the right to lodge a complaint with the Information Commissioner’s Office at https://ico.org.uk/make-a-complaint/