Smith Property Management (“SPM” “we”, “our” and “us”) respects your privacy and is committed to protecting your personal data.
In this notice, we explain how we process and use any data we collect, or data you give us, through this website.
If we have sent you any engagement letters, privacy notices or fair processing notes, read them alongside this notice. This notice supports those documents and will give you a complete picture of how and why we are using your data.
What is Personal Data?
Personal Data is any information relating to a living individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
Who we are and how to contact us?
In circumstances where we control Personal Data by deciding why and how that Personal Data is processed, SPM will be a “Data Controller”.
Where SPM are acting on instructions from the OMC, The OMC will be the Data Controller, and as such it will be the privacy statement or data protection policy of the OMC that will govern the collection, use and processing of your personal data.
If you have any questions about this data protection statement, including any request to exercise your legal rights, please contact us by writing to our Data Protection Officer by emailing firstname.lastname@example.org or by post to Smith Property Management, Block 36-41, Dunboyne Business Park, Dunboyne, Co. Meath.
Categories of personal data and how we use it.
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together follows:
- Identity Data includes first name, last name, username, or similar identifier, title, and gender.
- Contact Data includes email address and telephone number.
- Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
- Profile Data includes your username and password, your interests, preferences, and feedback.
- Usage Data includes information about how you use our website and services.
- Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.
We also collect, use, and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.
We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
How we obtain your information?
We use different methods to collect data from and about you including through:
You may give us your Identity and Contact Data by filling in forms or by corresponding with us by email or otherwise. This includes personal data you provide when you:
(a) request our services;
(b) subscribe to our service or publications;
(c) request marketing to be sent to you;
(d) give us some feedback; or
(e) apply for a job with the Business.
Automated technologies or interactions
As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions, and patterns. We collect this personal data by using cookies, server logs, and other similar technologies. We may also receive Technical Data about you if you visit other websites employing our cookies.
Third parties or publicly available sources
We may receive personal data about you from various third parties such as your Owner Management Company (“OMC”)
What Personal Data does SPM collect and use online?
SPM collects various types of Personal Data when a person uses our website. The following are examples of Personal Data collected by our website.
- SPM provides Contact Forms on its website; this enables us to deal with you query in a timely manner. We also provide a Customer Help Centre, where administration requests, maintenance request and payments can be made https://spm.ie/help-centre/ . Information on what personal data is collected via these forms are provided below.
- Access to the My Blockman portal is available through the SPM website, further information on My Blockman is provided below.
The purpose and legal basis for processing your information.
SPM collects and processes the Personal Data described below for a variety of purposes. Below is a summary of these purposes and the lawful justifications that support them:
- To enter into and perform a contract with you.
- We may process your information in order to enter into a contract with you or to provide you with a service which you have requested from us. To comply with our legal obligations
We are required to process your personal information to comply with certain legal and regulatory obligations to which we are subject. For example, we are required to obtain/retain certain business records in accordance with company and revenue law which may include your personal information.
For our legitimate business interests
We may use your personal information for the purposes of carrying out activities that are in our legitimate interests (or those of a third party). Where we process your information for our legitimate interests, we ensure that there is a fair balance between our legitimate interest and your fundamental rights and freedoms.
We may use your personal information to manage our everyday business needs, including accounting, internal reporting needs, and market research, to progress and respond to legal claims, security of our premises and staff through use of CCTV, to process claims, to ensure appropriate IT security and to prevent fraud.
We may also contact you in the event of updates about our business such as opening hours, change in address, updates about our site etc. We do this in our legitimate interest to keep you updated of changes within our organisation.
With your consent
To protect your vital interests
We will in certain circumstances use your personal information to protect your vital interests.
|Purpose||Description||Lawful Basis for Processing|
|Provision of Services||We will process your personal data to provide the service you have requested.||The processing is necessary for the performance of a contract to which the data subject is party.|
|Online Payment Service||We may process your data for the purpose of providing online payment services||The processing is necessary for the performance of a contract to which the data subject is party.|
|Quality Improvement / Staff Training||All, written communications, and communications received through the web are stored by us.||The processing is in our legitimate interests in providing a high standard of services to our customers and members of an OMC by assessing and identifying areas for improvement.|
|CCTV||We operate a CCTV system on our premises to protect the safety and security of our staff and property and for health and safety purposes.||The processing is in our legitimate interests as a private company regarding Health, Safety and Security.|
|Maintenance Request /Safety Notifications||We may use your personal data to contact you regarding an urgent safety measure or where you have requested maintenance on your property||The processing is necessary for the performance of a contract to which the data subject is party.
The processing may be necessary to support your vital interests.
|Legal obligation||We may use your personal information to comply with various legal obligations including:
Multi-Unit Development Act (Mud Act)
Making a payment of VAT and revenue reporting obligations
To comply with anti-money -laundering regulations.
COVID 19 Contact Tracing Logs
COVID 19 Return to work Safely Forms of SPM employees
*this is not an exhaustive list
|The processing is necessary for compliance with a legal obligation to which the controller is subject|
|Dealing with enquiries||To respond to correspondence, you send to us and fulfil the requests you make to us (for example requests for information about our services]
To respond to contact forms via our Help Centre
|To takes steps prior to the entry into a contract with you and for our Legitimate Business Interests|
|To understand our customers||We may use your personal information on an aggregate basis to help us understand our customer base||We rely on our legitimate interest to understand our customer base.|
|Business needs||We may also use your personal information to manage our everyday business needs, including accounting, sharing your information within our consultants, and to prevent fraud.||We rely on our legitimate interest in the effective management of our business|
|Website Security||To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)||(a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud
(b) Necessary to comply with a legal obligation
|Website analytics||To use data analytics to improve our website, products/services, customer relationships and experiences||With your consent where your data has been collected through our website. We use the data to define types of visitors to our websites, to keep our website updated and relevant, to develop our business strategy|
Use of Personal Data for a Secondary Purpose
We may sometimes use the personal data we collect for a secondary purpose, that may differ from the original purpose of collection. We will only do this under the following circumstances.
- Where you have consented
- Where the secondary purpose is directly related to the original purpose, and you would reasonably expect us to use or disclose the information in this way.
- Where we are required by law, or it is in the interests of public safety to do so.
Who do we share information with?
Third Party Service Providers: We may disclose Personal Data to third parties in certain instances. For example, we use third party service providers for the processing of Personal Data for a number of purposes, including, security service providers, consultant advisors, IT service providers, printers, debt collection agencies, valuers, and administrative services. These service providers are subject to a contractual obligation to only process Personal Data obtained from us for purposes to which it was obtained and in accordance with our instructions.
In certain circumstances we may disclose personal data to other external third parties such as professional advisors as necessary in the context of the performance of their services. Such recipients may include external legal advisors, auditors, actuaries, pension and tax advisors, pension administrators and other professional advisors.
We will not sell nor provide your Personal Data to third parties who may contact you for direct marketing or promotional purposes .
Garda Síochána, Government or Quasi-Government Bodies, Courts and Tribunals: We may share your personal information with these organisations and bodies, where required to do so by law.
Potential sale or merger: If we sell any part of our business and/or integrate it with another organisation, your details may be disclosed to our advisers and to prospective purchasers or joint venture partners and their advisers. If this occurs, the new owners of the business will only be permitted to use your information in the same or similar way as set out in this data protection statement.
My Blockman: My Blockman is operated by Top Floor Systems Limited please review their Privacy Statement for further information on how they use and manage cookies https://spm.myblockman.ie/terms/privacy_policy .
Access to My Blockman is via the SPM website. You can reset your password or request that your password be re-sent to you at the login screen for Customer Login https://spm.myblockman.ie/login All information is password protected, so no one except you should be able to access your personal data.
What type of information is collected?
As a Property Management Company we need to collect many categories of personal data (about you and other parties) for the purposes set out in this Privacy Statement.
The following table is a non-exhaustive list and provides an indication of the categories and types of personal data we use to perform our duties as a Controller and as a Processor on behalf of your Owner Management Company (“OMC”).
|Purpose||Type of Data|
|Service Enquiry (Contact Form)||Name, Email, Contact Numbers|
|OMC Member Services||Name, Email, Contact Numbers, Address, Name of Development, Vehicle Registration|
|Provision of Services||Name, Postal Address, Email, Contact Numbers, Name of Development Bank Details, Vehicle Registration,|
|OMC Member Help Center (Contact Forms)||Name, Postal Address, Email, Contact Numbers, Name of Development,|
|Finance/Online Payments||Name, Email, Contact Numbers, Address, Name of Development, Bank Details (Direct Debit) Visa/Debit Card Details*|
|Security||CCTV Footage, I.P Address, Device Details|
|IT Information||We collect information about your internet activity using technology known as cookies. Your consent will be required for certain cookie types. See our cookies policies on our websites for further information.|
*Note: Information is transmitted from our servers for processing using encryption technologies to our payment processor to verify the credit/debit card and to process the payment. Credit /Debit card details are not stored by SPM.
The period for which we will keep your personal information will depend on the lawful use of your personal data. The retention period may be longer than the period for which we are providing services to you where, for example, we have a legitimate interest in retaining such information that is not outweighed by your fundamental rights and freedoms, or where we have statutory or regulatory obligations to retain personal information for a longer period, or where we may need to retain the information in the event of a legal claim.
SPM endeavors to ensure that Personal Data is retained for an appropriate period and no longer than necessary. Retention of data is detailed in our Data Retention Policy.
Transfers outside the European Economic Area
We may transfer, store, or process your personal information to countries outside the European Economic Area. Where the laws of such countries do not afford an equivalent level of protection of personal information as the laws of Ireland, we will take specific steps in accordance with data protection law to protect your personal information.
We will use one of these safeguards:
- Transfer to a non-EEA country with privacy laws that give the same protection as the EEA.
- Put in place a contract (in a form that is approved by the European Commission) with the recipient of the personal information that means they must protect it to the same standards as the EEA.
- Transfers to organisations that are part of an EU Framework that sets privacy standards for data sent between countries. These frameworks make sure those standards are like what is used within the EEA.
Processing for Security Purposes
SPM has closed circuit television cameras (“CCTV”) located throughout its premises covering buildings, internal spaces, car parks, roads, pathways, and grounds. The CCTV system is implemented in a proportionate manner as necessary to protect our property against theft or pilferage and for the security of employees, customers, members, and visitors to our premises (to protect their vital interests). Whilst CCTV footage is monitored by SPM, senior management, security staff or contractors, access to recorded footage is strictly limited to authorised personnel. Footage is retained for 30 days, except where incidents or accidents have been identified in which case such footage is retained specifically in the context of an investigation of that issue. CCTV footage may be used in the context of disciplinary proceedings involving SPM employees and to detect, establish and/or defend legal proceedings (to protect the vital interests of our, staff and affected individuals). CCTV footage is not disclosed to third parties except where disclosure is required by law (such as for the purpose of preventing, detecting, or investigating alleged offences) and in such instance’s disclosure is based on a valid request. Signage indicating that CCTV is in use is displayed throughout SPM premises.
If you fail to provide personal data
Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you. In this case, we may have to cancel a product or service you have with us, but we will notify you if this is the case at the time.
Inform us of changes
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
In accordance with applicable laws, we ensure that all Personal Data controlled by us is held securely using appropriate security measures including the following:
- Physical measures such as locked filing cabinets and offices containing Personal Data;
- Provision of targeted annual data protection training to employees who have access to and process Personal Data;
- Time limits on retention of personal data;
- IT security systems;
- Business Continuity Plans ,Disaster Recovery and Back Ups;
- Access Controls;
- Password restrictions on access to Personal Data; and technical measures including:
- Encryption on SPM laptops/portable devices and endpoint security
- Logging mechanisms which record access to Personal Data and alteration and other processing of Personal Data.
In the event of a personal data breach, SPM will comply with applicable reporting and notification obligations under data protection law. SPM has in place a Breach Notification Policy.
Terms and Conditions
Please visit our terms and conditions section which provide information on the use, disclaimers and limitations of liability governing the use of our website https://spm.ie/terms-conditions/
In certain circumstances, you have the following rights under data protection law in relation to your personal data:
A right to access Personal Data held by SPM.
- Any individual has a right to make an access request, in writing, under data protection law for a copy of their Personal Data controlled by SPM, we may ask for further identification details to confirm your identity before the relevant information is provided.
- It should be noted that there may be specific exemptions relating to accessing Personal Data. If we utilise any of the exemptions, we will provide you with details and our justification for their use.
Other data protection rights
- Rectification of inaccurate personal data;
- Erasure of personal data (also known as the “right to be forgotten”);
- Restriction of processing of persona data;
- Right to data portability;
- Right to object to processing of personal data.
If you wish to exercise any of these rights, please contact our Data Protection Officer, IDPAA Limited using the contact details below. We will endeavor to respond to your request within a month. If we are unable to deal with your request within a month, we may extend this period by a further period of two months, and we will explain why. If your request is related to the processing of your personal data on behalf of your Owner Management Company (“OMC”) SPM will notify you of same and will also notify the Controller of your request.
By Post: Block 36-41, Dunboyne Business Park, Dunboyne, Co. Meath A86 XY27
By Email: email@example.com
By Phone: + 353 (0) 1 8255423
You also have the right to lodge a complaint to the Office of the Data Protection Commission. For further information please see www.dataprotection.ie
This Data Privacy Notice may be updated from time to time (Latest update 30th May 2021). You will always find the most up to date version on our websites at https://spm.ie/privacy-statement/.