NHS Property Services Ltd provides property and facilities management expertise to the NHS. We provide services centred around four main business areas; asset management, construction project management, facilities management and strategic estate planning. Our portfolio consists of around 3500 buildings. Made up of hospitals, offices, health centres and GP surgeries and represents approximately 10% of the NHS Estate. Our services are business centric and as such our collection and processing of your personal data is in regard to the fulfilment of our business aims.
We understand that you are aware of and care about your own personal privacy interests, and we take that seriously. This Privacy Notice describes our policies and practices regarding the collection and use of your personal data and sets forth your privacy rights. We recognise that information privacy is an ongoing responsibility, and so we will from time to time update this Privacy Notice as we undertake new personal data practices or adopt new privacy policies.
Our registered office location is in London, in the United Kingdom. We have appointed an internal Data Protection Officer (DPO) and should you have any questions or concerns about our personal data policies or practices, you can contact us by:
NHS Property Services Ltd
99 Gresham Street
Tel: 0800 085 3015
When you become our customer we collect various pieces of information about you including (but not limited to) your name, your company name (if applicable), and your contact details.
We process your personal information under Article 6 (1)(b) of the General Data Protection Regulation in order to provide you will the product / service you have purchased and undertake standard business functions such as lease management. We may also process your information under Article 6 (1)(c) of the General Data Protection Regulation to fulfil our statutory duties for example, Land Registry reporting. We may also use this information under Article 6 (1)(f) of the General Data Protection Regulation to help us undertake and improve our core business functions, such as strategic planning.
You can find information on the article listed above on the UK Information Commissioners website: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/lawful-basis-for-processing/
We offer content on our website related to the work we do. We also provide the ability for you to push this content into your Twitter and Facebook feeds. This means you may find yourself on our website or reading an email from us, and we will offer you a link to another organisation’s website. If you click on these links, we not responsible or liable for content provided by these third-party websites or personal information they may happen to gather from you.
We do not share this information with any third party other than to store the information in our cloud-hosted databases which are predominantly based in the UK.
You may manage your subscriptions to our newsletters by subscribing or unsubscribing at any time. If you have any difficulties managing your email or other communication preferences with NHS Property Services Ltd please contact us at DPO@property.nhs.uk
We use tools on our websites to track how often people gain access to or read our content. We use this information in the aggregate to understand what content our customers find useful or interesting, so we can tailor our content and services to meet your needs.
C. Your correspondence with us
If you correspond with us by email, the postal service, or other form of communication, we may retain such correspondence and the information contained in it and use it to respond to your inquiry; to notify you of our publications, or services; or to keep a record of your complaint and the like. If you wish us to consider erasing some of your personal information or otherwise refrain from communicating with you, please contact us at DPO@property.nhs.uk
D. Purposes for processing your data
We process your data to provide you or the company you work for with the business services you have requested or purchased from us. We may also use this information to refine and improve our business services.
From time to time, we may receive personal information about individuals from third parties. However, this information is only ever requested or received in the context of our core business aims and providing you with the service or product you have requested.
You can enjoy all of the information on our website without giving us your personal data. With regards to our core business functions; some personal information is necessary so that we can supply you with the services you have purchased or requested for example the lease of one of our buildings.
Cookies are pieces of data that a Web site transfers to a user’s hard drive for record-keeping purposes.
Our Site also captures limited information (such as user-agent, HTTP referrer, last URL requested by the user, client-side and server-side clickstream) about visits to our Site; we may use this information to analyse general traffic patterns and to perform routine system maintenance. You have many choices with regards to the management of cookies on your computer. All major browsers allow you to block or delete cookies from your system. To learn more about your ability to manage cookies, please consult the privacy features in your browser.
Information about the services / products you have purchased from us are maintained in association with your account. The personal information that we hold is stored in one or more databases hosted by third parties located within the UK. These third parties do not use or have access to your personal information for any purpose other than cloud storage and retrieval.
We do not otherwise reveal your personal data to third-parties for their independent use unless: (1) you request or authorise it; (2) the information is provided to comply with the law (for example, to comply with a search warrant or court order), enforce an agreement we have with you, or to protect our rights, property or safety, or the rights, property or safety of our employees or others; (3) the information is provided to our agents, vendors or service providers who perform functions on our behalf; (4) to address emergencies or acts of God; or (5) to address disputes, claims, or to persons demonstrating legal authority to act on your behalf.
The European Union’s General Data Protection Regulation and other countries’ privacy laws provide certain rights for data subjects. A good explanation of them (in English) is available on the website of the United Kingdom’s Information Commissioner’s Office at www.ico.org.uk.
This Privacy Notice is intended to provide you with information about what personal data we collect about you and how it is used. If you have any questions, please contact us at DPO@property.nhs.uk
If you wish to confirm that NHS Property Services Ltd is processing your personal data, or to have access to the personal data we may have about you, please contact us in writing at DPO@property.nhs.uk or by post.
You may also request information about: the purpose of the processing; the categories of personal data concerned; who else outside of our organisation might have received the data from us; what the source of the information was (if you didn’t provide it directly to us); and how long it will be stored. You have a right to correct (rectify) the record of your personal data maintained by us if it is inaccurate. You may request that we erase that data or cease processing it, subject to certain exceptions. You may also request that we cease using your data for direct marketing purposes. You have a right to lodge a complaint with Information Commissioner if you have concerns about how we process your personal data. When technically feasible, we will—at your request—provide your personal data to you or transmit it directly to another controller.
Reasonable access to your personal data will be provided at no cost upon request made to us at DPO@property.nhs.u or our postal address. If access cannot be provided within a reasonable time frame, we will provide you with a date when the information will be provided. If for some reason access is denied, we will provide an explanation as to why access has been denied.
To help protect the privacy of data and personally identifiable information you transmit through use of this Site, we maintain physical, technical and administrative safeguards. We update and test our security technology on an ongoing basis. We restrict access to your personal data to those employees who need to know that information to provide benefits or services to you. In addition, we train our employees about the importance of confidentiality and maintaining the privacy and security of your information. We commit to taking appropriate disciplinary measures to enforce our employees’ privacy responsibilities.
Your personal data is stored by us on our servers, and on the servers of the cloud-based database management services that we engage. We retain data for the duration of the relationship with us. For more information on where and how long your personal data is stored, and for more information on your rights of erasure and portability, please contact our Data Protection Officer by email at DPO@property.nhs.uk or by post.
By using our website, you agree to the terms and conditions contained in this Privacy Notice and Conditions of Use and/or any other agreement that we might have with you. If you do not agree to any of these terms and conditions, you should not use this Site or any of our services. You agree that any dispute over privacy or the terms contained in this Privacy Notice and Conditions of Use, or any other agreement we have with you, will be governed by the laws of the United Kingdom.
As our business changes from time to time, this Privacy Notice and Conditions of Use is expected to change as well. We reserve the right to amend the Privacy Notice and Conditions of Use at any time, for any reason, without notice to you, other than the posting of the amended Privacy Notice and Conditions of Use at this Site. We may e-mail periodic reminders of our notices and terms and conditions and will e-mail customers of material changes thereto, but you should check our Site frequently to see the current Privacy Notice and Conditions of Use that is in effect and any changes that may have been made to it. The provisions contained herein supersede all previous notices or statements regarding our privacy practices and the terms and conditions that govern the use of this Site.
Please contact our privacy officer at the address below:
Data Protection Officer
NHS Property Services Ltd
99 Gresham Street
Tel: 0800 085 3015