Referrer (Introducer) Privacy Notice

If you are a referrer working with us, then this information applies to you:

  • GOTO Group takes data protection seriously.
  • We keep to a minimum the information we hold about you
  • We use your data to manage our relationship with you, meet our legal obligations, let you know about referrer incentives and offers, information about our business and to improve our website
  • We delete your data when it is no longer needed for these things
  • You have privacy rights
  • We are happy to talk to you about how we process and protect your data

What data we hold

We may hold the following information about you:

  • Your name and contact information
  • Payment information
  • Records of calls made (inbound and outbound)
  • CCTV images if you visit our location

Details of the technical personal data that we process if you use our website is below:

  • We generate log files from various servers when you visit our website: this will include an IP address assigned to you or, more likely, to someone who provides you with Internet access.
  • Unless you have adjusted your web browser settings (if and where possible) to refuse cookies, our system will issue cookies as soon as you visit our website or related online services.
  • Some of our websites, like many others, use Google Analytics, a web analytics tool provided by Google to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited. Google can provide more details about their cookies.

Using your information

Managing our relationship with you

We will use your data to manage our relationship with you, allow you to refer your clients to us, and fulfil our contractual obligations with you. You have a responsibility to confirm that clients that you refer to us are fully aware that their data will be transferred.

Communicating with you

We will use your data to let you know about incentives that you can partake in. This is a legitimate thing for us to do and benefits both parties. We will also keep you up to date with our offerings for the same reason.

Technical data

We use log files from our servers to assist in our firm”s security, as well as to determine visitor behaviour and help us plan our strategy (e.g. such as working out which pages on the site are most popular, or whether particular events have caused an increase in traffic).

The basis for processing this is that we have legal and regulatory obligations to protect our supplier and their information. When used for strategy planning, we do this under legitimate interest.

We use cookies to improve your experience of our website, for example to keep you logged in.

Transfers of your data

We do not transfer or process data outside the European Economic Area or other countries deemed to have inadequate protection of data by the EU.

Retention periods

Referrer contact details: for as long as we have a contractual relationship with you, plus 6 years, or for the duration of a dispute with you.

Call recordings – 12 months

CCTV recordings – 90 days

Third parties

As a general principle, we will not transfer your personal data to third parties without your permission.

We do have a small number of companies providing services to us. These are our processors and we have confirmed that they all meet the requirements of the GDPR.

Technical security

GOTO Platform

  • The GOTO platform is hosted on a widely-used and recognised secure cloud platform.
  • Access to the GOTO platform is controlled by an industry standard Authentication mechanism. With the exception of a handful of anonymous pages (such as the Login page), all areas of the system are protected by requiring Username and Password authentication.
  • If a user attempts to access the system with a login/password combination that does not exist in our database, they will not be authenticated and thus refused access.
  • The GOTO platform employs a role-based authorisation system. Logged in users are assigned permissions according to their role and are only permitted to view pages pertinent to that role.
  • All user interaction with the GOTO System is logged to facilitate security auditing.

Email and Office Documents

  • Emails and office documents are hosted and managed on a widely-used and recognised secure cloud platform.
  • Access to items is limited to users who have been authenticated by a login/password mechanism.
  • Access to emails and documents is further restricted according to role. Logged in users are only permitted to view emails and documents pertinent to their role.
  • Geographic restrictions are used where appropriate, for example to prevent access to documents by users who are off-premises.

Servers

  • Platform, email and document servers are maintained in a secure cloud environment as already stated. Administration access to the cloud environment is restricted to a small number of trusted users and limited by a recognised login/password mechanism.
  • Administration access to cloud platforms is logged.
  • Specialised servers (such as the server which maintains call recording for example) are hosted on premises.
  • On-premises servers are only accessible by a small number of trusted users whose access is limited by a recognised login/password mechanism.

Laptops

  • Access to laptops is limited to company staff, each of which has their own unique set of login credentials.
  • Laptops are centrally managed from the secure cloud platform (i.e local accounts are not used at all). This allows access to the device to be disabled from a central location in the event that the laptop is lost for example.
  • Geographic restrictions are in place for laptops which are used in secure areas. Such laptops do not have access to the GOTO platform, emails or documents outside of company premises.

If you have particular security requirements, please call us to discuss how we can support you.

Call recording

Phone calls to and from our offices are recorded to ensure we are dealing with our conveyancers in the manner that they expect. These recordings are therefore processed under legitimate interest when used for training and quality purposes. It may also be necessary to share recordings with governing regulatory bodies where we have a legal obligation to do so. If you don’t want your call to be recorded, just let us know at the beginning of the phone call.

Your rights

As a referrer (Introducer), you have rights in respect of our processing of your personal data. The relevant rights are:

  • Request a copy of your personal data and information about our processing of it
  • Request that we delete information on you, if we do not need to hold it
  • Request that we correct any personal data that we hold on you
  • Request that we stop processing your data, although we can still hold it
  • Request that we move your data to another organisation’s IT system electronically

If you want to exercise any of these rights, please contact us at humanresources@gotogroup.co.uk

You also have the right to lodge a complaint about our processing with a supervisory authority — in the UK that is the ICO whose details are here:

https://ico.org.uk/global/contact-us/postal-addresses

Contact us

If you want to talk to us about this, please email humanresources@gotogroup.co.uk

Join GOTO Group today

Sign up today to receive industry insights direct from GOTO Group HQ.

Learn More