Privacy Policy
Your privacy matters to us. Learn how we collect, use, and protect your personal data in accordance with UK GDPR regulations.
1. Who We Are
Convert to HMO is a UK-based company specializing in HMO (House in Multiple Occupation) conversion services. We are committed to protecting your privacy and handling your personal data in accordance with UK GDPR and the Data Protection Act 2018.
2. Information We Collect
We collect different types of information depending on how you interact with our services:
Personal Information You Provide
- Contact Details: Name, email address, phone number, postal address
- Property Information: Property address, type, current use, conversion requirements
- Financial Information: Budget range, financing details (when relevant to service provision)
- Communication Records: Emails, phone calls, meeting notes, consultation records
- Service Preferences: Preferred contact methods, consultation type, timeline requirements
Information Collected Automatically
- Website Usage: IP address, browser type, pages visited, time spent on site
- Device Information: Device type, operating system, screen resolution
- Cookies: Essential, functional, and analytics cookies (with your consent)
3. How We Use Your Information
We use your personal information for the following purposes:
Service Delivery
- Providing HMO conversion services and consultations
- Assessing property suitability and feasibility
- Creating architectural drawings and planning applications
- Managing building regulations and compliance
- Project management and coordination
Communication
- Responding to your enquiries and requests
- Scheduling consultations and site visits
- Providing project updates and progress reports
- Sending service-related notifications
Business Operations
- Processing payments and managing accounts
- Maintaining client records and project files
- Quality assurance and service improvement
- Compliance with legal and regulatory requirements
Marketing (with your consent)
- Sending newsletters and service updates
- Informing you about new services and offers
- Market research and customer feedback
4. Legal Basis for Processing
We process your personal data based on the following legal grounds under UK GDPR:
- Contractual Necessity: To provide the services you've requested
- Legitimate Interest: To operate our business, improve services, and ensure security
- Consent: For marketing communications and non-essential cookies
- Legal Obligation: To comply with building regulations, planning requirements, and tax obligations
5. Sharing Your Information
We may share your information with trusted third parties in the following circumstances:
Service Providers
- Architects and Surveyors: For property assessments and drawings
- Planning Consultants: For planning applications and council liaison
- Building Control Bodies: For regulatory compliance and approvals
- Contractors and Trades: For project delivery and construction work
Professional Advisors
- Legal advisors for contract and compliance matters
- Accountants for financial and tax requirements
- Insurance providers for professional indemnity coverage
Regulatory Bodies
- Local planning authorities for planning applications
- Building control departments for regulatory compliance
- HMRC for tax and financial reporting
Important Note:
We never sell your personal data to third parties. All data sharing is strictly for service delivery, legal compliance, or with your explicit consent.
6. Data Retention
We retain your personal data only as long as necessary for the purposes outlined in this policy:
- Client Records: 7 years after project completion (for tax and legal requirements)
- Project Files: 7 years (to support warranty claims and building regulations)
- Marketing Communications: Until you unsubscribe or withdraw consent
- Website Analytics: 26 months maximum
- CCTV Footage: 30 days (where applicable)
After retention periods expire, we securely delete or anonymize your data unless we have a legal obligation to retain it longer.
7. Your Rights
Under UK GDPR, you have the following rights regarding your personal data:
- Right of Access: Request a copy of your personal data
- Right to Rectification: Correct inaccurate or incomplete data
- Right to Erasure: Request deletion of your data (in certain circumstances)
- Right to Restrict Processing: Limit how we use your data
- Right to Data Portability: Receive your data in a portable format
- Right to Object: Object to processing based on legitimate interests
- Right to Withdraw Consent: For consent-based processing
To exercise any of these rights, please contact us using the details in the "Contact Us" section. We'll respond within one month of receiving your request.
Right to Complain:
If you're unhappy with how we handle your data, you can complain to the Information Commissioner's Office (ICO) at ico.org.uk or call 0303 123 1113.
8. Data Security
We implement robust security measures to protect your personal data:
Technical Measures
- SSL encryption for data transmission
- Secure password policies and multi-factor authentication
- Regular security updates and vulnerability assessments
- Encrypted data storage and backups
Organizational Measures
- Staff training on data protection and privacy
- Access controls limiting data access to authorized personnel
- Data breach response procedures
- Regular privacy impact assessments
While we implement strong security measures, no system is completely secure. We encourage you to take steps to protect your own data, such as using strong passwords and keeping your contact information up to date.
9. Cookies and Tracking
Our website uses cookies to enhance your browsing experience and provide relevant services:
Types of Cookies We Use
- Essential Cookies: Required for basic website functionality
- Functional Cookies: Remember your preferences and improve usability
- Analytics Cookies: Help us understand website usage (with your consent)
- Marketing Cookies: Enable targeted advertising (with your consent)
You can manage your cookie preferences through your browser settings or our cookie consent tool. Disabling certain cookies may affect website functionality. For more information, see our Cookie Policy.
10. Third-Party Services
We use carefully selected third-party services to enhance our operations:
- Google Analytics: Website usage analysis (anonymized data)
- Email Marketing Platforms: For newsletter and marketing communications
- CRM Systems: For customer relationship management
- Payment Processors: For secure transaction processing
- Cloud Storage: For secure data backup and accessibility
All third-party providers are carefully vetted and must meet our data protection standards through contractual agreements.
11. International Data Transfers
We primarily process data within the UK and EU. When international transfers are necessary:
- We ensure adequate protection through adequacy decisions or appropriate safeguards
- We use Standard Contractual Clauses approved by the UK authorities
- We conduct transfer risk assessments
- We obtain your explicit consent where required
12. Children's Privacy
Our services are intended for adults and property owners. We do not knowingly collect personal information from children under 16. If we become aware that we have collected such information, we will delete it promptly.
13. Changes to This Policy
We may update this Privacy Policy to reflect changes in our practices, services, or legal requirements. When we make significant changes:
- We'll notify you by email if you're an active client
- We'll post the updated policy on our website with a new "Last Updated" date
- We'll highlight significant changes in our communications
Continued use of our services after changes indicates acceptance of the updated policy.