• Home
  • About Us
    • About Us
    • Our Services
  • Our Properties
  • FAQs
  • More
    • Home
    • About Us
      • About Us
      • Our Services
    • Our Properties
    • FAQs
  • Home
  • About Us
    • About Us
    • Our Services
  • Our Properties
  • FAQs

Privacy Policy

1. Introduction

Time2Move (Scotland) LTD  ("we," "our," or "us"), a company registered in Scotland (804116) whose registered address is at WestPoint 4 Redheugh Rigg, South Gyle, Edinburgh EH12 9DQ is committed to ensuring the secure and safe management of data held by us in relation to customers, staff and other individuals. 

Our staff members have a responsibility to ensure compliance with the terms of this policy, and to manage individuals’ data in accordance with the procedures outlined in this policy and documentation referred to herein.

We need to gather and use certain information about individuals. These can include customers, including prospective (tenants, landlord clients etc.), employees and other individuals that we have a contractual relationship with. 

We manage a significant amount of data, from a variety of sources. This data contains “personal data” and “sensitive personal data” (known as “special categories of personal data” under the GDPR).

This policy sets out our duties in processing that data, and the purpose of this policy is to set out the procedures for the management of such data.

  

2. Legislation

It is a legal requirement that we process data correctly; we must collect, handle and store personal information in accordance with the relevant legislation.

The relevant legislation in relation to the processing of data is:

(a) the General Data Protection Regulation (EU) 2016/679 (the GDPR); 

(b) the Privacy and Electronic Communications (EC Directive) Regulations 2003 (as may be amended by the proposed Regulation on Privacy and Electronic Communications); and

(c) any legislation that, in respect of the United Kingdom (UK), replaces, or enacts into UK domestic law, the General Data Protection Regulation (EU) 2016/679, the proposed Regulation on Privacy and Electronic Communications or any other law relating to data protection, the processing of personal data and privacy as a consequence of the UK leaving the European Union.

  

3. Data

3.1 We hold a variety of data relating to individuals, including clients, landlords (including Prospective), tenants (Including Prospective) and employees (also referred to as “data subjects”) which is known as personal data. The personal data held and processed by us is detailed within the various “fair processing notices” (FPN)  and the “employees data protection clause” of the terms and conditions of employment which has been provided to all employees.

3.1.1 Personal data is that from which a living individual can be identified either by that data alone or in conjunction with other data held by us.

3.1.2 We also hold personal data that is sensitive in nature (i.e. reveals a data subject’s racial or ethnic origin, religious beliefs, political opinions, or relates to health or sexual orientation). This is special category personal data or sensitive personal data.


4. Types of Data We Collect

We may collect the following types of personal data:

  • Identity Data: Name, title, and identification documents (e.g., passport or driver's license).
  • Contact Data: Address, email, phone number, and emergency contact details.
  • Financial Data: Bank details, credit history, and payment information.
  • Property Data: Details of property ownership, tenancy, and transaction history.
  • Technical Data: IP address, browser type, and operating system.
  • Marketing Preferences: Communication and advertising preferences.


5. How We Collect Your Data

We obtain your personal data through:

  • Direct interactions (e.g., when you fill out a form, contact us, or register for services).
  • Automated technologies (e.g., cookies on our website).
  • Third-party sources (e.g., referencing agencies or credit checks).


6. Why We Use Your Data

We use your personal data to:

  • Facilitate property transactions such as sales, rentals, or lettings.
  • Verify your identity and creditworthiness.
  • Communicate with you regarding services, contracts, or inquiries.
  • Comply with legal and regulatory obligations.
  • Improve our services and tailor marketing communications.

  

7. Data Sharing

We may share your data with:

  • Referencing agencies for tenant checks.
  • Legal and regulatory authorities when required.
  • Contractors or service providers (e.g., maintenance teams).
  • Third parties involved in property transactions (e.g., solicitors or mortgage brokers).
  • Utility Providers
  • Local Authority


8. Data storage and security 

All personal data held by us must be stored securely, whether electronically or in paper format. 

8.1 Paper storage

if personal data is stored on paper it should be kept in a secure place where unauthorised personnel cannot access it. Employees should make sure that no personal data is left where unauthorised personnel can access it. When the personal data is no longer required it must be disposed of by the employee so as to ensure its destruction. If the personal data requires to be retained on a physical file then the employee should ensure that it is properly secured within the file (e.g. stapled) which is then stored in accordance with our storage provisions.

8.2 Electronic storage

personal data stored electronically must also be protected from unauthorised use and access. Personal data should be password protected when being sent internally or externally to our data processors or those with whom we have entered in to a data sharing agreement. If personal data is stored on removable media (CD, DVD, USB memory stick) then that removable media must be stored securely at all times when not being used. Personal data should not be saved directly to mobile devices and should be stored on designated drivers and servers.

  

9. Breaches

9.1 A data breach can occur at any point when handling personal data and we have reporting duties in the event of a data breach or potential breach occurring. Breaches which pose a risk to the rights and freedoms of the data subjects who are the subject of the breach require to be reported externally in accordance with clause 9.3 hereof.

9.2 Internal reporting

We take the security of data very seriously and in the unlikely event of a breach will take the following steps:

· As soon as the breach or potential breach has occurred, and in any event no later than six (6) hours after it has occurred, the data protection coordinator (DPC) must be notified in writing of (i) the breach; (ii) how it occurred; and (iii) what the likely impact of that breach is on any data subject(s);

· we must seek to contain the breach by whatever means available;

· the DPC must consider whether the breach is one which requires to be reported to the Information Commissioner's Office (ICO) and data subjects affected and do so in accordance with this clause 7;

· notify third parties in accordance with the terms of any applicable data sharing agreements

9.3 Reporting to the ICO

Time2Move (Scotland) LTD is registered with the ICO - Registration Ref - (ZB738923). 

The DPC is required to report any breaches which pose a risk to the rights and freedoms of the data subjects who are the subject of the breach to the ICO within 72 hours of the breach occurring. The DPC must also consider whether it is appropriate to notify those data subjects affected by the breach.

  

10. Data protection coordinator 

10.1. The data protection coordinator (DPC) is an individual who has an over-arching responsibility and oversight over compliance by us with data protection laws. The DPC details are noted are contained within the FPN.

10.2 The DPC will be responsible for:

10.2.1 Monitoring our compliance with data protection laws and this policy;

10.2.2 co-operating with and serving as our contact for discussions with the ICO;

10.2.3 reporting breaches or suspected breaches to the ICO and data subjects in accordance with part 7 hereof. 


11. Archiving, retention and destruction of data

We cannot store and retain personal data indefinitely. We must ensure that personal data is only retained for the period necessary. We shall ensure that all personal data is archived and destroyed timeously and at the point that we no longer need to retain that personal data in accordance with the periods specified within the Time2Move (Scotland) LTD Retention Schedule. 


12. Your Rights

As per GDPR, you have the right to:

  • Access your personal data and request a copy.
  • Rectify incorrect or incomplete information.
  • Request the erasure of your data ("right to be forgotten").
  • Restrict or object to data processing.
  • Data portability (where applicable).
  • Withdraw consent for marketing at any time.


Cookies and Website Data

We use cookies to enhance your browsing experience. You can manage cookie preferences through your browser settings.


Policy Updates

We may update this privacy policy periodically to reflect changes in our practices or legal requirements. The latest version will always be available on our website.

 

Contact Us

If you have questions about this policy or wish to exercise your rights, please contact us:

Time2Move (Scotland) Ltd

WestPoint, Regus, 4 Redheugh Rigg, South Gyle, Edinburgh, EH12 9DQ

enquiries@t2mproperty.com

07359 728867


Data Protection Co-Ordinator (DPC)

Callum McQueenie

07359 728867

callum@t2mproperty.co.uk

Time2Move (Scotland) LTD Registration Reference - ZB738923

Copyright © 2025 TIME2MOVE (Scotland) Limited - All Rights Reserved.

Powered by

  • Privacy Policy

This website uses cookies.

We use cookies to analyze website traffic and optimize your website experience. By accepting our use of cookies, your data will be aggregated with all other user data.

DeclineAccept