Privacy Notice (Buyer)

The Data Controller connected with this Privacy Notice is Johns & Co Real Estate Ltd

1. Purpose

In this instance your data is being processed for the specific purpose of buying a property through Johns & Co.

2. Lawful Basis

The collection of your data for this purpose is under the Lawful Basis of Contract, because we require this information in order to manage the formation and execution of a contract between you, the Buyer and the Vendor (Seller) of the property, who has appointed Johns & Co to act as their Agent in this matter.

3. Information Collected

The personal data we will collect and process about you in connection with this purpose is:

Name
Address
Telephone number(s)
Email Address
Proof of ID
Proof of Address
Proof of funds

In addition, we may collect other non-personal data such as:

Solicitor’s details
Financial Adviser’s / Mortgage Broker’s details
Details regarding any associated sales “Chain” if you are selling a property in order to make the purchase.

4. Retention

Under the Lawful Basis referenced in paragraph 2, your data will be retained to the end of the financial year in which your property purchase is completed and for a further 6 years thereafter in accordance with HMRC requirements for financial record keeping. Thereafter some details of the property will be retained indefinitely for historical record keeping purposes, to aid any future evaluation of the property, past sales activity and property value.

5. Destruction

At the end of this retention period your data will be destroyed using an approved method unless prevented by Court order.

6. Data Sharing

Whilst we control your personal data we will need to share this data with the following parties, for the following purposes, in order to provide you with the services you are seeking from us:

Eurolink Technology Ltd and Bespoke Systems Ltd for the sole purpose of providing Johns & C^o with IT services to maintain and store a consumer database so we can provide you with our service.
The Vendor for the purpose of expediting the purchase.
The Buyer’s and Vendor’s solicitors for the sole purpose of facilitating the purchase. The details of these firms will be made known to you in the Memorandum of Sale, which will be issued to all parties at the point at which the purchase is agreed, subject to contract.
The other Agents in the “Chain” of sales / purchases associated with the sale, for the sole purpose of managing the sale.
Identity and fraud prevention suppliers to ensure we are compliant with our legal responsibilities in relation to Anti Money Laundering and other legislation.
The Property Ombudsman for the sole purpose of administering any investigation by them.
Digital Ethos Limited and dotdigital EMEA Limited for the purpose of email marketing.

7. Rights of the Data Subject

Under the General Data Protection Regulation, you, the Data Subject have certain rights regarding the control and processing of your personal data. Details regarding your rights can be found on the Information Commissioner’s Office (ICO) website.
Should you wish to contact Johns & Co in order to exercise any of these rights, please email the Data Controller’s representative using the following email address: smoir@johnsand.co. Alternatively, please call +44 (0)20 7118 0200 and ask to speak with Sophie Moir.

8. Security

Recognising the importance of personal data to our consumers, we endeavour to put in place appropriate organisational and technical measures to protect that data.
Personal data we hold on electronic media is encrypted and stored in a secure data centre located in the UK.
We do not generally hold personal data on paper. Where we do take it, we shred it just as soon as the details have been transferred onto our IT systems. In the few instances where we have some legacy files covering historic transactions these are secured in lockable cabinets in secure offices.
Data Subjects should be aware that not all electronic communications are secure. We use Transport Layer Security (TLS) to encrypt and protect email traffic in line with government advice. However, if your email service does not support TLS, you should be aware that any emails we send or receive may not be protected in transit.
We will also monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.

9. Additional Services

As a consumer of our services we may occasionally contact you to make you aware of other similar services we offer, which we feel could be of assistance to you. Such communications will be sent to you under the Privacy and Electronic Communications Regulations and you will be given the option to opt out of similar communications on each occasion.

10. Data Protection Concerns

Should you have any concerns regarding the way an organisation is processing your personal data, the ICO recommends that in the first instance you contact the organisation concerned. If the organisation does not address those concerns in an appropriate manner, you then have the option to escalate the issue to the ICO. If you wish to contact us because you have concerns about our use of your personal data, please contact us using the details provided in paragraph 7.2.

11. Updates

This Privacy Notice is kept under review and is updated as appropriate. It was last updated on 6th July 2023.

Cookie	Duration	Description
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
csrftoken	1 year	This cookie is associated with Django web development platform for python. Used to help protect the website against Cross-Site Request Forgery attacks
giosg_chat_id_3374	2 years	A generic cookie that helps manage the Giosg chat function.
giosg_gid_3374	2 years	A generic cookie that helps manage the Giosg chat function.
giosg_gsessid_3374	30 minutes	A generic cookie that helps manage the Giosg chat function. Specifically, sessions.
lang	session	This cookie is used to store the language preferences of a user to serve up content in that stored language the next time user visit the website.
LoadChatScript	1 day	This script loads the Giosg chat bot.
PHPSESSID	1 month	This cookie is native to PHP applications. The cookie is used to store and identify a users' unique session ID for the purpose of managing user session on the website. The cookie is a session cookies and is deleted when all the browser windows are closed.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
bcookie	2 years	LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser ID.
lidc	1 day	LinkedIn sets the lidc cookie to facilitate data center selection.
sgid	2 years	Used by Giosg as a generic cookie identifier.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
_hjAbsoluteSessionInProgress	30 minutes	Hotjar sets this cookie to detect the first pageview session of a user. This is a True/False flag set by the cookie.
_hjFirstSeen	30 minutes	Hotjar sets this cookie to identify a new user’s first session. It stores a true/false value, indicating whether it was the first time Hotjar saw this user.
_hjid	1 year	This is a Hotjar cookie that is set when the customer first lands on a page using the Hotjar script.
_hjIncludedInPageviewSample	2 minutes	Hotjar sets this cookie to know whether a user is included in the data sampling defined by the site's pageview limit.
_hjTLDTest	session	To determine the most generic cookie path that has to be used instead of the page hostname, Hotjar sets the _hjTLDTest cookie to store different URL substring alternatives until it fails.
AnalyticsSyncHistory	1 month	No description
CONSENT	16 years 2 months 19 days 15 hours 4 minutes	YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.
gid	2 years	Google Analytics installs this cookie to store a unique value when the user visits each page.

Cookie	Duration	Description
bscookie	2 years	This cookie is a browser ID cookie set by Linked share Buttons and ad tags.
desktopPoweredLink01112020	1 year	Collects data on visitor behaviour from multiple websites, in order to present more relevant advertisement - This also allows the website to limit the number of times that they are shown the same advertisement.
fr	3 Months	Used by Facebook to provide ad delivery or retargeting.
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
li_gc	2 years	Used by LinkedIn to store consent of guests regarding the use of cookies for non-essential purposes.
li_sugr	3 months	LinkedIn cookie that is used to store browser details.
NID	6 months	NID cookie, set by Google, is used for advertising purposes; to limit the number of times the user sees an ad, to mute unwanted ads, and to measure the effectiveness of ads.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
UserMatchHistory	1 month	Linkedin - Used to track visitors on multiple websites, in order to present relevant advertisement based on the visitor's preferences.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.

Privacy Policy (Buyer)