Privacy Policy

No.26 is managed by Native, therefore the privacy policy below reflects how Native will collect, protect and handle your personal information.

Native is a trading name of Go Native Ltd. This policy explains how Native protects and processes your personal information. This policy is effective from 22nd January 2020.

‘Your personal information’ means any information about you that you or third parties provide to us, or we produce in relation to our services offered or provided to you.

Our Privacy Policy is applicable to the below entities:

• customers and prospective customers
• guests and prospective guests
• our business clients or suppliers and their personnel
• visitors to our websites
• applicants for job opportunities

Where we provide products or services under contract with an organisation (for example your employer), that organisation controls the information processed by Native on your behalf until they transfer it to us, upon which point Native assumes responsibility to process your data.

Your privacy is important to us, and so is being transparent about how we collect, use, and share information about you. This policy is intended to help you understand:

1. Native’s Privacy Principles

2. What information Native collects about you

3. Why Native collects this information and how we use it

4. How we store and secure information we collect

5. How long we keep information we collect

6. How Native shares information we collect

7. How Native transfers information we collect internationally

8. Your rights and other important privacy information

9. How you can access and control your information held by Native

Please read this privacy policy carefully as it sets out the basis on which we collect any personal information from or about you, and how we use it in the operation of the:

• www.nativeplaces.com website
• www.nativemanagement.co.uk website
• www.dalston-works.co.uk website
• www.no26croydon.co.uk website
• www.kampus-mcr.co.uk website
• Online payment web pages used to collect payment
• Online shortlist pages used to offer property options by email
• Corporate portals or web pages managed by Native on behalf of our corporate clients
• Central or regional functions including asset management, direct, agent & partner, corporate and key account client services, HR, operations & estates, finance, business development, marketing and IT

By visiting any of our websites or by using any of these services, you acknowledge the practices described in this privacy policy.

1. Native’s Privacy Principles

• Native is committed to safeguarding the privacy and security of your information.
• We will only collect and use your information where we have lawful legitimate business reasons to do so.
• We will not ask for more information than we need for the purposes for which we are collecting it.
• We will update our records when you inform us that your details have changed.
• We have implemented and adhere to information retention policies relating to your information.
• We will ensure that your information is securely disposed of at the end of the appropriate retention period.
• We observe the rights granted to you under applicable privacy and data protection laws.
• We will ensure that queries relating to privacy issues are promptly and courteously dealt with.
• Our staff are trained on their privacy obligations.
• We will ensure there are appropriate measures in place to protect your information regardless of where it’s held and ensure that safeguards are in place before transferring your information to other companies or countries.

2. What information Native collects about you

The personal information we collect depends on the products and services you have, how you use them, how you made contact, enquired or booked and through which channel, partner or third party this was done. Depending on these factors, Native could hold any of the below personal information about you:

• Personal contact details such as a person’s name, title, home address, email address(es), telephone number(s)
• Other personal details such as a person’s gender, age, date of birth, place of birth, nationality, country of origin, marital status, child status
• Work contact details such as employer name, work address, job title, email address(es), telephone number(s)
• Other work-related details such as personnel Id, work grade, employment history, salary, references, length of service
• Government-issued identifiers such as passport, national insurance number, drivers licence, visas, right to rent status
• Financial details such as bank account details, payment card details, credit scores, account debt
• Online identifiers such as Cookies (see Native Cookie Policy), IP Address(es)
• Sensitive personal data required to provide appropriate and respectful levels of service such as health conditions, religious beliefs
• Social media content if provided by you in accordance and acceptance of this policy such as reviews, blogs
• User account details such as username, password (encrypted), security questions, security answers
• Contact and marketing preferences such as whether you have provided or withdrawn consent / subscribed or unsubscribed to contact methods (e.g. email, telephone), marketing campaigns, news, competitions or engaged with campaigns and promotions
• Job applicant details such as CVs, covering letters and any supporting documents
• Photos or documents that relate to any of the above points or required to manage our properties or business processes in accordance with this policy and our terms and conditions (see Native T&Cs)
• Telephone call data such as voice data for calls recorded for quality or training purposes or messages left on answering machines
• SMS / IM messages received by apps we use for sales or operational purposes

3. Why Native collects this information and how we use it

Why we collect personal information and how we use the information we collect depends in part on which services you enquire about, order or use, how you use them, and any preferences you have communicated to us. Below are the specific purposes for which we use the information we collect about you.

• To respond to enquiries about our company or services from you.
• To provide products and services to you
• To bill and collect funds or debt for products and services and to run credit checks
• To communicate with you about the services
• To market, promote and drive engagement with existing or potential services to existing or potential customers who have provided consent
• To personalise and customise your experience
• To provide customer support to you
• To provide account management to you or your employer
• To identify you and ensure safety and security of your data
• To comply with client or third party contracted requirements
• To engage with or procure services with third party providers for services relevant to your enquiry, order or service
• To protect our legitimate business interests and legal rights
• To report on and analyse the performance of our portfolio
• To develop our business and build a better understanding of what our customers want
• For research and development purposes
• To help protect you against fraud or other criminal activity
• To comply with any legal or regulatory obligations
• To respond to any law enforcement agencies
• To respond to any data access requests from you
• Any other reason that complies with our obligations that we can justify as a legitimate business reason

4. How we store and secure information we collect

Native uses a multi-data centre infrastructure hosting service in the United Kingdom for all personal information we collect, whether on our file network, websites or apps. This infrastructure is ISO 27001 certified and provides enterprise class resilience and security.

Access to our network and apps is controlled by an enterprise level 2 Factor Authentication solution.

Our websites have up to date SSL certificates that provide robust authentication and encryption, to reassure you that your data and transactions are secure.

We restrict access to personal information so that only controllers and processors of the data that need it for legitimate business purposes have access to it.

We also have data use policies and training in place to ensure all our staff are responsible with your data and understand their obligation to protect it.

5. How long we keep information

How long we keep information we collect about you depends on the type of information and the type of interaction you have had with Native, as specified by the retention periods below. Prior to or at the point of the retention period being met, we will either delete or anonymise your information as applicable. Where more than one of the below categories applies to a piece of data, the longest retention period shall be enforced.

Sign-ups for news, offers or marketing campaigns – If you have provided your contact details and confirmed that you have provided consent to receive news, offers or marketing campaigns, we will retain your personal information for no longer than 5 years from the point you last expressed an interest/opened a communication without unsubscribing/provided consent/contacted us/subscribed or unsubscribed. We retain information derived from cookies and other tracking technologies for no longer than 5 years.

Personal Information related to Enquiries and Orders – If you have made an enquiry about or order for products or services or a third party has done so on your behalf, we will retain your information for no longer than 7 years from the point of your last enquiry or order.

Billing – If you have been billed by Native for any products or services, we will retain your information for no longer than 7 years from the point of billing of your last invoice.

Account Information: We retain your account information for as long as your account is active and a reasonable period thereafter in case you decide to re-activate the Services. We also retain some of your information as necessary to comply with our legal obligations, to resolve disputes, to enforce our agreements, to support business operations, and to continue to develop and improve our products and services.

Client contracts – If you’re an employee of a corporate client that specifies in our contract that data must be retained for reporting purposes on their behalf for a particular period, we will comply with that length of time where possible and where they have confirmed their responsibility as data controller in that regards.

Job Applicant details – CVs, covering letters, application forms and interview notes for unsuccessful candidates will be retained for no longer than 1 year. Successful candidates will have these files transferred to their personnel file, for which our retention period will not be covered by this document.

Other files and emails – We retain active, undeleted electronic files and emails for a period of no longer than 7 years, unless they have been identified as business critical and set to not be deleted.

Complaints – We retain complaints and responses to them for no longer than 6 years from closure.

Telephone call and SMS / IM data -  We retain recorded calls and messages no longer than is required for quality, training or legal reasons or will retain no longer than 1 year, whichever is greater.

In other cases, we’ll store personal information for the periods needed for the purposes for which the information was collected or for which it is to be further processed. And sometimes we’ll keep it for longer if we need to by law. Otherwise we delete it.

6. How Native shares information we collect

We only share your personal information where it is necessary for us to do so for legitimate business purposes, or if that is not the case, when you have provided consent for us to do so. We will only share personal information with other companies in our supply chain that we have verified are handling your details securely.

We do use third party service providers to process personal information on our behalf for the kinds of purposes set out below:

• process payment or refund transactions
• provide customer-service, marketing, infrastructure, financial, audit, operational or technology services
• personalise our service and make it work better
• carry out tenancy related services such as referencing or deposit protection
• carry out fraud and credit checks and collect debts
• analyse and improve the information we hold (including about your interactions with our service)
• run surveys
• to comply with legal, regulatory or law enforcement requirements
• for quality and training purposes
  

Where we use another organisation, we still control your personal information.

If there’s a change (or expected change) in who owns us or any of our assets, we might share personal information to the new (or prospective) owner. If we do, they’ll have to keep it confidential.

7. How Native transfers information we collect internationally

Native does not currently share personal data outside the EU for data related to aparthotel/serviced accommodation, however we are a growing company with plans for expansion outside of the UK. Wherever possible we will minimise sharing data internationally, however it’s possible that we will have legitimate business reasons to do so. If that’s the case we reserve the right to share personal data internationally and will update our Privacy Policy if that becomes the case to reflect this. As with all our providers we will have strict controls in place to make sure it’s properly protected.

8. Your rights and other important privacy information

Native is committed to compliance with Data Processing Laws and respecting your privacy. “Data Processing Laws” means (a) the Data Protection Act 1998 and any laws or regulations implementing Directive 95/46/EC; and/or (b) the General Data Protection Regulation (GDPR); and/or any corresponding or equivalent national laws or regulations; and any applicable laws replacing, amending, extending, re-enacting or consolidating any of the above DP Laws from time to time; For the purposes of the Data Processing Laws Native is the data controller.

GDPR provides you with 8 rights concerning the processing of your personal data. These are listed below:

• The right to be informed
• The right of access
• The right to rectification
• The right to erasure
• The right to restrict processing
• The right to data portability
• The right to object, and
• Rights related to automated decision making and profiling

To find out more information about these rights and our obligations, please visit the Information Commissioner’s Office website https://ico.org.uk

9. How you can access and control your information held by Native

If you have any questions or require details related to the personal information we hold about you, get in touch with our Data Protection Officer by

Emailing: dataprotection@nativeplaces.com

Or write to us at:

Data Protection Officer

Native

11th Floor, Newcombe House

45 Notting Hill Gate

London

W11 3LQ

If you are requesting access to your information, by law you will need to provide the below in your communication for us to be able to legally issue a full response to your request to access information, which we will do within one calendar month, free of charge.

• Full name

• Email address

• Telephone number

• Proof of ID (certified copy of passport, driving licence or government issued ID)

If you want to make a complaint on how we have handled your personal information, please contact our data protection officer who will investigate the matter and report back to you.

If you are still not satisfied after our response or believe we are not using your personal information in line with the law, you also have the right to complain to the data-protection regulator in the country where you live or work. For the UK, that’s the Information Commissioner’s Office – https://ico.org.uk 

Cookie Policy

The Native website does not capture or store personal information, but merely logs the user’s IP address which is automatically recognised by the web server. This is used to record the number of visitors to our site and to help monitor the performance of individual web pages.

These cookies collect information about how visitors use a website, for instance, which pages visitors go to most often and if they get error messages from web pages. These cookies do not collect information that identifies a visitor; all information collected by these cookies is anonymous. We only use such information to improve our services and our website. Examples of performance cookies used on the website are listed below.

When we provide services, we want to make them easy, useful and reliable. Where services are delivered on the internet, this sometimes involves placing small amounts of information on your device, for example, your computer or mobile phone. These include small files known as cookies. They provide anonymous information and cannot be used to identify you personally.

These pieces of information are used to improve services for you through, for example:

Enabling a service to recognise your device so you don’t have to give the same information several times during one task.

Recognising that you may already have given a username and password so you don’t need to do it for every web page requested. This requires a session cookie and this expires when a visitor closes their browser.

Measuring how many people are using services, so they can be made easier to use and there’s enough capacity to ensure they are fast.

Analytics cookies

Native uses Google Analytics to monitor the performance of www.no26croydon.co.uk.

Google Analytics sets cookies to help us accurately record the number of visitors to the website and volumes of usage. This helps us to identify where visitors to the site may be encountering problems and also gives us an indication of the types of content visitors find particularly useful.

The site uses the following analytics cookies:

Name: _utma

This cookie stores each user’s amount of visits, and the time of the first visit, the previous visit, and the current visit.

Expires: 2 years

Name: _utmz

This cookie records where a visitor has come from (e.g. directly or via a link, organic search or paid search).

Expires: 6 months

Name: _utmb and _utmc

These cookies measure how long a visitor remains on the site and tracks when a visit starts and when it ends.

Expires: _utmb expires after 30 days, _utmc expires when the browser is closed.

For more information about Google Analytics visit the Google Analytics website.

Please also see our Privacy Policy.

Removing and disabling cookies

If you do not wish to accept cookies on to your machine you can disable them by adjusting the settings on your browser. However, this will affect the functionality of the websites you visit.