Schroders real estate privacy policy

This Privacy Policy explains how we use the Personal Data that Schroders collects or generates in the course of managing properties within our real estate services.

Where a word appears in bold text in this policy, the definition can be found here

1. Background

(1.1) Schroders collects and uses certain Personal Data. Schroders is responsible for ensuring that it uses that Personal Data in compliance with data protection laws.

(1.2) At Schroders, we respect your privacy and we are committed to keeping your Personal Data secure.

(1.3) This Privacy Policy is directed to Tenants and Suppliers whose Personal Data we handle in the course of carrying on our real estate services and related activities. This Privacy Policy is also directed to visitors to Schroders Websites.

2. Overview of circumstances in which we handle your personal data

(2.1) This Privacy Policy explains how we handle Personal Data that we collect in the following ways:

(a) Information we receive during the course of our Tenants’ or prospective Tenants’ relationship with us;

(b) Information we receive during the course of our Suppliers’ or prospective Suppliers’ relationship with us;

(c) Information we receive during the course of the use of the properties which are owned or managed by Schroders; and

(d) Information we receive through Schroders Websites. Details of how we handle the information we receive through Schroders Websites are set out in paragraph 10 of this Privacy Policy.

3. The types of personal data we collect

(3.1) We will collect and process the following Personal Data during the course of your relationship with us: 

  • Information that you provide to Schroders. This includes information about you that you provide to us. The nature of our relationship with you will determine the kind of Personal Data we might ask for, though such information may include:

    • basic Personal Data such as first name, family name, national insurance number, email address, phone number, address (including city postcode and country), occupation and job title, bank details, credit and debit card details, ID documentation, tax classifications, gender, and date of birth, and

    • sensitive Personal Data, which may be included in information we handle about your nationality, place of birth, health related information, disability status, or details of political affiliations.

  •  Information that we collect or generate about you. This may include:

    • files that we may produce as a record of our relationship with our Tenants and Suppliers, including contact history, property management matters for the administration of our property management system, know your client and anti-money laundering checks and procedures on our Tenants, energy consumption, water usage and usage of other utilities (including meter readings), payment history, authorised signatories of Tenants, health and safety information where insurance claims are made in connection with the use of properties, details of disabilities if requests are made for modifications to buildings to accommodate disabilities, CCTV and other security provisions, car registration plate number for the purpose of car park management; and

    • any Personal Data that you provide during telephone and email communications with us which we may monitor and record in order to resolve complaints, improve our service and in order to comply with our legal and regulatory requirements.

  •  Information we obtain from other sources. This may include:

    • information from publicly available sources, including third party agencies such as credit reference agencies; fraud prevention agencies; law enforcement agencies; public databases, registers and records such as Companies House; the FCA Register; the Land Registry; the DVLA, and other publicly accessible sources;

    • information obtained from sanctions checking and background screening providers; and

    • information held by local authorities, utility providers and other searches undertaken during the conveyancing process.

4. How we use your information

(4.1) Your Personal Data may be stored and processed by us in the following ways and for the following purposes: 

  • for the management and administration of properties;

  • for the administration of our property management system;

  • to set up / on-board new Tenants and/or Suppliers;

  • to keep our records up to date;

  • to effectively manage Tenant and Supplier relationships and communicate with Tenants and Suppliers in order to provide services or information to them;

  • to administer, monitor and maintain IT systems in order to uphold standards of service and protect against cyber threats or malicious activity including abuse and misuse;

  • for ongoing review and improvement of the information provided on Schroders Websites to make them user friendly and prevent potential disruptions or cyber attacks;

  • in order to comply with and in order to assess compliance with applicable laws, rules and regulations, and internal policies and procedures; or

  • for the administration and maintenance of databases storing your Personal Data. 

(4.2) When we use your Personal Data, we comply with applicable law. The law allows or requires us to use your Personal Data for a variety of reasons. These include instances where: 

  • we are performing our contractual obligations;

  • we have legal and regulatory obligations that we have to discharge;

  • we may need to do so in order to establish, exercise or defend our legal rights or for the purpose of legal proceedings;

  • we have obtained your consent; or

  • the use of your Personal Data as described is necessary for our legitimate business interests, such as:

    • allowing us to effectively and efficiently manage and administer the operation of our business;

    • maintaining compliance with internal policies and procedures; or

    • offering effective, up-to-date security solutions for mobile devices and IT systems.

(4.3) Within Schroders, your Personal Data is accessed only by employees of Schroders that have a need to access it for the purposes described in this Privacy Policy. 

5. Disclosure of your information to third parties

(5.1) We may share your Personal Data within Schroders for the purposes described above.

(5.2) We may also share your Personal Data outside of Schroders as further described below: 

  • with business partners of ours where they are contractually obliged to comply with appropriate data protection obligations;

  • with third party agents, contractors and service providers for the purposes of them providing services both to us and to Tenants or Suppliers, for example:

    • accountants and auditors;

    • professional advisors;

    • insurance brokers and providers;

    • letting agents and property management agents;

    • banks and lenders;

    • investors and joint venture partners;

    • property maintenance, cleaning, facilities and security providers;

    • research analysts and performance benchmarking providers for the real estate industry for the purposes of market analysis;

    • business rates advisors;

    • registrars and trustees of the relevant Schroders entity; and

    • IT and communications providers.

These third parties will be subject to appropriate data protection obligations:

  • to the extent required by law or regulation, for example if we are under a duty to disclose your Personal Data in order to comply with any legal obligation (including, without limitation, in order to comply with tax reporting requirements and disclosures to regulators, auditors or public authorities), or to establish, exercise or defend our legal rights; and

  • if we sell any part of our business or our assets, in which case we may need to disclose your Personal Data to the prospective buyer for due diligence purposes. 

6. International transfers of personal data

(6.1) Schroders is a global business with operations around the world. As a result we collect and transfer Personal Data on a global basis. That means that we may transfer your Personal Data to locations outside of your country.

(6.2) Where we transfer your Personal Data to another country it will be protected and transferred in a manner consistent with legal requirements. In relation to data being transferred outside of the European Economic Area (the “EEA”), for example, this may be done in one of the following ways:

  • the country to which we send your Personal Data might be approved by the European Commission as offering an adequate level of protection for Personal Data;

  • the recipient might have signed up to a contract based on “model contractual clauses” approved by the European Commission, obliging it to protect your Personal Data;

  • where the recipient is located in the US, it might be a certified member of the EU-US Privacy Shield scheme; or

  • in other circumstances the law may permit us to otherwise transfer your Personal Data outside the EEA.

(6.3) You can obtain more details of the protection given to your Personal Data when it is transferred outside the EEA by contacting us as described in paragraph 12 below.

7. How we safeguard your personal data

(7.1) Data is a critical business asset and must be protected appropriate to its risk as well as its importance or value. We operate layers of safeguards and defences designed to ensure that Schroders is able to operate safely. We have extensive controls and mechanisms in place designed to detect, respond and recover in case of any adverse events that may arise.

8. How long we keep your personal data

(8.1) The length of time for which we hold your Personal Data will vary as determined by the following criteria:

  • the purpose for which we are using it (as further described in this Privacy Policy) – we will need to keep the data for as long as is necessary for that purpose; and

  • our legal obligations – laws or regulation may set a minimum period for which we have to keep your Personal Data.

9. Your rights

(9.1) In all the above cases in which we collect, use or store your Personal Data, you may have the following rights and, in most cases, you can exercise them free of charge. These rights include:

  • the right to obtain information regarding the processing of your Personal Data and access to the Personal Data which we hold about you;

  • the right to withdraw your consent to the processing of your Personal Data at any time. Please note, however, that we may still be entitled to process your Personal Data if we have another legitimate reason for doing so. For example, we may need to retain your Personal Data to comply with a legal or regulatory obligation or to satisfy our internal audit requirements;

  • in some circumstances, the right to receive some Personal Data in a structured, commonly used and machine-readable format and/or request that we transmit such data to a third party where this is technically feasible. Please note that this right only applies to Personal Data that you have provided directly to Schroders;

  • the right to request that we rectify your Personal Data if it is inaccurate or incomplete;

  • the right to request that we erase your Personal Data in certain circumstances. Please note that there may be circumstances where you ask us to erase your Personal Data but we are required or entitled to retain it;

  • the right to object to, or request that we restrict, our processing of your Personal Data in certain circumstances. Again, there may be circumstances where you object to, or ask us to restrict, our processing of your Personal Data but we are required or entitled to refuse that request; and

  • the right to lodge a complaint with the relevant data protection regulator if you think that any of your rights have been infringed by us.

(9.2) You can exercise your rights by contacting us using the details provided at paragraph 12 below.  

10. Schroders websites and other websites

(10.1) If you use a Schroders Website, we may collect technical information through the use of cookies. For example, what websites were visited by each user, any documents downloaded, security incidents, and prevention measures taken by the gateway. For more information on the cookies used by Schroders, please see our Cookie Notice at http://www.schroders.com/en/cookies/

(10.2) If you use a Schroders Website and follow a link from it to another website (including a website operated by Schroders), different privacy policies may apply. Prior to submitting any Personal Data to a website you should read the privacy policy applicable to that website.

11. Changes to this privacy policy

(11.1) Any changes we make to our Privacy Policy in the future will be posted on this website and where appropriate, notified to you by email. Please check back frequently to see any updates or changes to our Privacy Policy. 

12. Questions and concerns

(12.1) If you have any questions or concerns about Schroders’ handling of your Personal Data, or about this Privacy Policy, please contact us using the following contact information: 

Privacy@schroders.com

We are usually able to resolve privacy questions or concerns promptly and effectively. If you are not satisfied with the response you receive, you may escalate concerns to the applicable privacy regulator in your jurisdiction. Upon request, we will provide you with the contact information for that regulator.