Data Protection Policy – ilyjahomes.co.uk

ILYJA HOMES LIMITED
1. Introduction
ILYJA HOMES LIMITED is committed to protecting the privacy and security ofpersonal data. This Data Protection Policy explains how we collect, use, store,and protect personal data in accordance with the UK General Data ProtectionRegulation (UK GDPR) and the Data Protection Act 2018, and in line withguidance issued by the Information Commissioner’s Office (ICO).
2. Scope
This policy applies to all personal data processed by ILYJA HOMES LIMITED,including data relating to investors, clients, suppliers, and other businesscontacts. It applies to all data processed electronically, in paper form, or by anyother means.
3. Data Protection Principles
ILYJA HOMES LIMITED processes personal data in accordance with thefollowing principles:
3.1 Lawfulness, Fairness, and Transparency
Personal data is processed lawfully, fairly, and transparently. Individuals areinformed about how their data is collected, used, and stored.
3.2 Purpose Limitation
Personal data is collected for specified, explicit, and legitimate businesspurposes and is not processed in a manner incompatible with those purposes.
3.3 Data Minimisation
Only personal data that is adequate, relevant, and necessary for the intendedpurpose is collected and processed.
3.4 Accuracy
Reasonable steps are taken to ensure personal data is accurate and kept up todate. Inaccurate data will be corrected or erased without undue delay.
3.5 Storage Limitation
Personal data is retained only for as long as necessary to meet legal, regulatory,or business requirements.
3.6 Integrity and Confidentiality
Appropriate technical and organisational measures are in place to protectpersonal data against unauthorised access, loss, alteration, or destruction.
3.7 Accountability
ILYJA HOMES LIMITED takes responsibility for compliance with data protectionlegislation and maintains appropriate records of data processing activities.
4. Collection and Use of Personal Data
4.1 Data Collected
We may collect personal data including, but not limited to: – Names and contactdetails
– Identification information
– Financial and investment-related information
– Correspondence and communications
4.2 Legal Basis for Processing
Personal data is processed on one or more of the following legal bases: -Performance of a contract
– Compliance with legal or regulatory obligations
– Legitimate business interests
4.3 Use of Data
Personal data is used solely for providing property deal packaging services,managing client relationships, meeting legal obligations, and communicatingrelevant service-related information. Personal data is not used for marketingpurposes without explicit consent.
5. Data Storage and Security
5.1 Data Security
Personal data is stored securely using appropriate physical, technical, andorganisational safeguards, including password protection, secure storagesystems, and restricted access.
5.2 Third-Party Processors
Where third-party service providers are used, ILYJA HOMES LIMITED ensuresthat appropriate data processing agreements are in place and that such partiescomply with UK GDPR requirements.
5.3 International Transfers
If personal data is transferred outside the UK or European Economic Area (EEA),appropriate safeguards will be implemented in accordance with data protectionlegislation.
5.4 Data Breaches
In the event of a personal data breach, appropriate procedures are in place toassess, manage, and report the breach. Where required, the ICO and affectedindividuals will be notified within statutory time limits.
6. Individual Rights
Individuals have the right to: – Access their personal data
– Request rectification of inaccurate data
– Request erasure of data (where applicable)
– Restrict or object to processing
– Request data portability
Requests relating to personal data should be made in writing to:
Email: dataprotection@ilyjahomes.co.uk
Requests will be responded to within one month, in line with legal requirements.
7. Responsibility and Training
The Director of ILYJA HOMES LIMITED is responsible for data protectioncompliance. Appropriate measures are taken to ensure awareness of dataprotection obligations and secure handling of personal data.
8. Retention of Data
Personal data is retained only for as long as necessary for legal, regulatory, andbusiness purposes, typically for a period of up to six (6) years, unless a longerretention period is required by law.
9. Review of Policy
This Data Protection Policy is reviewed annually and updated as necessary toensure continued compliance with applicable legislation and ICO guidance.