If you are a conveyancer working with us, then this information applies to you:
- GOTO Group takes data protection seriously.
- We keep to a minimum the information we hold about you
- We use your data to refer clients to you who require your services, manage our relationship with you, meet our legal obligations, and improve our website
- We delete your data when it is no longer needed for these things
- You have privacy rights as an individual
- We are happy to talk to you about how we process and protect your data
What data we hold
We may hold the following information about you:
- Your name and contact information
- Records of calls made (inbound and outbound)
- CCTV images if you visit our location
Details of the technical personal data that we process if you use our website is below:
- We generate log files from various servers when you visit our website: this will include an IP address assigned to you or, more likely, to someone who provides you with Internet access.
- Some of our websites, like many others, use Google Analytics, a web analytics tool provided by Google to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited. Google can provide more details about their cookies.
Using your information
Managing our relationship with you
We will use your data to manage our relationship with you, refer our clients to you, and fulfil our contractual obligations with you.
Dealing with your enquiry
If you give us a ring or make contact by email, we will follow up on your enquiry and see if there is a way in which we can help you. We keep a record of enquiries received, so that we know what we have said to whom. It is also legitimate for us to keep track of what we said to you so we can understand further business need and plan our strategy accordingly.
We use log files from our servers to assist in our firm”s security, as well as to determine visitor behaviour and help us plan our strategy (e.g. such as working out which pages on the site are most popular, or whether particular events have caused an increase in traffic).
The basis for processing this is that we have legal and regulatory obligations to protect our supplier and their information. When used for strategy planning, we do this under legitimate interest.
Transfers of your data
We do not transfer or process data outside the European Economic Area or other countries deemed to have inadequate protection of data by the EU.
Conveyancer contact details: for as long as we have a contractual relationship with you, plus 6 years, or for the duration of a dispute with you.
Call recordings – 12 months
CCTV recordings -90 days
As a general principle, we will not transfer your personal data to third parties without your permission.
We do have a small number of companies providing services to us, including you. These are our processors and we have confirmed that they all meet the requirements of the GDPR.
- The GOTO platform is hosted on a widely-used and recognised secure cloud platform.
- Access to the GOTO platform is controlled by an industry standard Authentication mechanism. With the exception of a handful of anonymous pages (such as the Login page), all areas of the system are protected by requiring Username and Password authentication.
- If a user attempts to access the system with a login/password combination that does not exist in our database, they will not be authenticated and thus refused access.
- The GOTO platform employs a role-based authorisation system. Logged in users are assigned permissions according to their role and are only permitted to view pages pertinent to that role.
- All user interaction with the GOTO System is logged to facilitate security auditing.
Email and Office Documents
- Emails and office documents are hosted and managed on a widely-used and recognised secure cloud platform.
- Access to items is limited to users who have been authenticated by a login/password mechanism.
- Access to emails and documents is further restricted according to role. Logged in users are only permitted to view emails and documents pertinent to their role.
- Geographic restrictions are used where appropriate, for example to prevent access to documents by users who are off-premises.
- Platform, email and document servers are maintained in a secure cloud environment as already stated. Administration access to the cloud environment is restricted to a small number of trusted users and limited by a recognised login/password mechanism.
- Administration access to cloud platforms is logged.
- Specialised servers (such as the server which maintains call recording for example) are hosted on premises.
- On-premises servers are only accessible by a small number of trusted users whose access is limited by a recognised login/password mechanism.
- Access to laptops is limited to company staff, each of which has their own unique set of login credentials.
- Laptops are centrally managed from the secure cloud platform (i.e local accounts are not used at all). This allows access to the device to be disabled from a central location in the event that the laptop is lost for example.
- Geographic restrictions are in place for laptops which are used in secure areas. Such laptops do not have access to the GOTO platform, emails or documents outside of company premises.
If you have particular security requirements, please call us to discuss how we can support you.
Phone calls to and from our offices are recorded to ensure we are dealing with our conveyancers in the manner that they expect. These recordings are therefore processed under legitimate interest when used for training and quality purposes. It may also be necessary to share recordings with governing regulatory bodies where we have a legal obligation to do so. If you don’t want your call to be recorded, just let us know at the beginning of the phone call.
As a Conveyancer, you have rights in respect of our processing of your personal data. The relevant rights are:
- Request a copy of your personal data and information about our processing of it
- Request that we delete information on you, if we do not need to hold it
- Request that we correct any personal data that we hold on you
- Request that we stop processing your data, although we can still hold it
- Request that we move your data to another organisation’s IT system electronically
If you want to exercise any of these rights, please contact us at firstname.lastname@example.org
You also have the right to lodge a complaint about our processing with a supervisory authority — in the UK that is the ICO whose details are here:
If you want to talk to us about this, please email email@example.com