The Company is registered under the GDPR. We are committed to protecting your privacy and providing a safe, secure website. However, before you continue using our website, we recommend that you read the following information.

 

The Company respects the privacy of its website visitors and does not share or sell any personal information with third parties. Please note that you are not required to provide any personal information to use this website. Any information you do provide will be treated in confidence and used only for the purpose for which you provided it. Where personal information can be entered, the website ensures that industry standard security measures are in place to protect it.

 

If you choose to register on the website or to send us personal details in relation to a property or information offered, you have the right to request a copy of the information you entered and any other information we hold on you at any time, and to have that information corrected if it is inaccurate. If you wish to exercise this right, please contact The Company at Suite 726, 8 Shepherd Market, W1J 7JY, London, UK By registering yourself and giving your personal data, you are consenting to our holding the data for the purposes of having access to the website. If you wish to have your data deleted then please contact us to have the data deleted. The data will be automatically deleted by us if you have not used the website for a period of time and we adjudge that you are no longer using the website

 

Contact Details

Please note that you are not required to provide any personal information to use this website. However, if you provide your contact details (name, address, telephone and fax number and e­mail address) these details will be used to provide any services which you have requested.

 

By entering your contact details you agree that we may also use them for the following purposes:

 

1. To incorporate into the The Company database.

2. To provide aggregate statistical information which may include personal information.

3. To provide you with information about our services.

 

You may at any time request us to remove your details from our computer data base or instruct us not to use the personal information which you have provided to us for any of the above purposes by notifying us by e­ mail.

 

Cookies

A Cookie is a small file which contains a unique alpha numeric number selected on a random basis. We will automatically place a Cookie on your computer which enables you to make full use of this website's functionality.

 

Kornerstone Limited retains personal data as defined in the EU Regulation 2016/679 (“GDPR”). Kornerstone Limited is required to comply with the Data Protection Principles and this Policy sets out how we are to do this. We will only collect and retain (“process”) data for the following purposes and will at all times observe the Data Protection Principles as set out below.

 

Kornerstone Limited is required to keep personal information safe, only take personal information that is necessary and destroy such personal information after the purpose of its retention has ceased.

 

Data will be processed in connection with:

1. Acting for a client in the course of property related business

2. Acting in the course of property management, which will include data on lessees both absentee and occupational in the management of buildings

3. Name and address and reasonable financial status details of potential buyers or lessees acquiring property from clients

4. Necessary data on our employees

The type of data processed will be:

1. Name address and required Identity Documents of the person to satisfy anti-money laundering requirements

2. Financial data reasonably necessary to evaluate and make decisions and recommendations upon the suitability of people to enter into obligations with clients (including bank statements, references and proof of residence) as well as ongoing monitoring for the purposes of the Proceeds of Crime legislation

3. In the case of property management, the names and addresses of lessees and their mortgagees

4. The Financial Accounts and Service Charge and Rent Demands and Statements of Account relating to the administration and obligations of lessees under their leases

5. All correspondence with clients, lessees and other parties generated by the above purposes. This will include email correspondence, replies and forwarded emails

6. Historical data in respect of the above, which will be archived and kept for the purposes of recording the prior history of property management or prior history of any matter in which a client has been a party. It is not practicable with our current management accounts system to extract for destruction data of prior lessees of properties but we can and will restrict access to those accounts that relate to properties that Kornerstone Limited no longer manage

7. Data of current employees necessary for their current employment, to include the employee’s name, address, bank details for receipt of their salaries, National Insurance number, pension plan details, attendance records. Kornerstone Limited will ensure that such data is obtained with the consent of the employee and that employees sign their consent upon starting their employment

8. Historical data of prior employees for any necessary record of the employment, including any references given. It will be our intention not to keep any record of prior employees for longer than 3 years after their leaving their employment with us.

9. Health data of employees reasonably necessary for the administration of their employment and attendance. Save for historical purposes above, health records will be destroyed as soon as possible after the cessation of employment of the individual.

Subject to the above, Kornerstone Limited will not process any data relating to revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation.

The Data Protection Principles, which Kornerstone Limited will at all time observe are:

Personal Data shall be:

1. processed lawfully, fairly and in a transparent manner in relation to the data subject (‘lawfulness, fairness and transparency’);

2. collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall, in accordance with Article 89(1), not be considered to be incompatible with the initial purposes (‘purpose limitation’);

3. adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (‘data minimisation’);

4. accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (‘accuracy’);

5. kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) subject to implementation of the appropriate technical and organisational measures required by this Regulation in order to safeguard the rights and freedoms of the data subject (‘storage limitation’);

6. processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (‘integrity and confidentiality’).

Processing of data by Kornerstone Limited will be only for one or more of the following purposes set out in the GDPR:

(a) the data subject has given consent to the processing of his or her personal data for one or more specific purposes;

(b) processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;

(c) processing is necessary for compliance with a legal obligation to which the controller is subject;

(d) processing is necessary in order to protect the vital interests of the data subject or of another natural person;

(e) processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;

(f) processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require

protection of personal data, in particular where the data subject is a child.

Kornerstone Limited will at all times retain data securely. This will be proportionate to the sensitivity of the data and what is reasonably practicable for us to do. In considering this the following will be guidelines:

1. We will not allow any data of employees to be stored outside our offices. All paper data will be secured in locked cabinets. Our computer servers will be kept in locked cabinets and suitably password protected and employee data available only to a director.

2. Other data will be generally kept within the office upon the server. Files will not be password protected and may be accessible to members of staff. The computer system will be password protected so that reasonable steps are taken to prevent outsiders hacking into the computer system. The computer system will be available to our employees remotely but will be password protected. The password of anyone authorised to have access will be changed not less frequently than once every 3 months

3. Data (apart from that on our employees) may be stored off site but only in accordance with the provisions of the GDPR

4. Kornerstone Limited will not use automated processing systems operating decision evaluation upon personal aspects relating to people which are based solely on automated processing and which produce adverse legal effects concerning, or significantly affect, those people

5. Specific financial data on anyone (e.g. bank statements of others in support of references but not bank account details for payment of money or property management accounts) will be destroyed as soon as possible and in any case within 3 months of obtaining it

6. Kornerstone Limited will not part with personal information to a third party without the written consent of that data subject, save in the circumstances of the management of a property, of which the data subject is a lessee, being taken over by a successor company.

7. Emails will be stored in the Microsoft Outlook program and will either be kept as part of that program or copied into dedicated files. In either case the data is to be kept on the Company server. It will not be practicable to extract for destruction historical emails from the system. When forwarding emails, Kornerstone Limited will ensure as far as possible that personal data in the email chain below is deleted so that personal data is not forwarded with the new email.