Church Projects Limited (Head Office)
First Floor, Unit A3
Chaucer Business Park
Tel: 01323 416900
Church Projects Limited (Northern)
Tel: 01323 416900
Registered Office: Chantry House, 22 Upperton Road, Eastbourne, East Sussex, BN21 1BF,
Company Registration No: 02531374. VAT Registration No. 562 0613 67
CPL Chartered Architects is committed to protecting the privacy of all our clients and we always act in full compliance with the current UK Data Protection Act.
You do not need to provide any personal information when you browse our website www.cplarchitects.co.uk.
Personal information is only collected when you contact us by post, telephone, email, visit or become a client of our business, and we only use this information to process your enquiry and to provide the services you have requested.
- We will not request more information than we need or store your information for longer than necessary.
- We will not share, disclose or sell any of your personal details to any third party unless you have given us your express permission to do so.
- We will not use your email address to send unsolicited emails.
- We will take reasonable steps to protect your personal data from access by unauthorised parties.
- We will provide on request with full details of any data that we store about you. On receipt of a request for information held, we will provide an initial response with an assessment of the time we anticipate will be required to search our records and provide the information required and we will also advise if any nominal administration charge will apply. This will depend upon the information details requested, the method and location of storage and the time required for retrieval. If a nominal administration charge applies, we will send an invoice and upon receipt of payment of the administrative charge we will then carry out the search and endeavour to provide the requested information within the timescale we have advised. On occasions the time required to retrieve the information may take longer than the initial estimate and if this is the case, we will keep you informed of progress.
Links to other websites
Our website may contain links to other websites. If you follow a link to any of these websites, please note that they may have their own privacy policies and we do not accept responsibility or liability for these policies. We recommend that you check the privacy policies of any sites you visit. Please note that the presence of a link to another website on our website does not imply any kind of endorsement or recommendation of that site.
Intellectual property rights
Unless otherwise indicated, we are the owner or the licensee of all intellectual property rights in our website, and in the material published on it. Those works are protected by copyright laws and treaties around the world. All such rights are reserved.
If you have any questions relating to this policy, please contact us:
Tel: 01323 416900; firstname.lastname@example.org
What Is GDPR
General Data Protection Regulation ((EU) 2016/679) is the European legislation, which is effective from 25th May 2018. GDPR is replacing the existing UK Data Protection Act and it provides additional legal rights for individuals against organisation who process their personal data.
Who Are We and How to Contact Us
We are CPL Chartered Architects and we can be contacted using the following details: Email – email@example.com, Phone – 01323 416900, Address – First Floor Unit A3, Chaucer Business Park, Dittons Road, Polegate, East Sussex, BN26 6QH
We are committed to ensuring that your personal data is processed in accordance with this policy so please read it carefully and let us know if you have any queries.
How We Will Process Your Personal Data
- Lawfully, Fairly and Transparently
We are processing your data because you have provided us consent by agreeing to this policy or to meet our legal requirements.
You can withdraw your consent at any time by contacting us using the details above, OR We have a legitimate interest to do so in order for us to continue to provide you our services or to meet our legal requirements.
- Why Are We Holding Your Data
We will only process your personal data for the following purposes;
- to enable us to provide you with services
- to send an invitation to an exhibition, such as the Christian Resources Exhibition
- to send a Christmas card
- What Data Are We Holding
We will only hold sufficient personal data to enable us to undertake the purposes set out in clause 2 above. If you believe the personal data we are holding is excessive then please contact us.
- Is All The Personal Data We Hold Relevant
We shall only hold the amount of data necessary to provide you the services. If you feel that any Personal Data we request is excessive or not required then please contact us.
- Keeping Your Personal Data Accurate
You are responsible for ensuring that all personal data provided by you is accurate, and advise us as soon as possible of any amendments required.
We may request that you confirm the accuracy of your personal data, which you are required to respond to within 14 days.
Failure to provide or keep your personal data up to date may result in us ceasing to provide the services to you.
- Storing And Deleting Your Personal Data
We shall store all electronic personal data on a separate server. We shall not store your personal data on any hard-drive of any IT hardware owned or used by us.
We store paper copies of personal data in a secure location.
We shall store your personal data for the duration of the services we provide you with (including any renewal or extension periods) plus 7 years.
If you wish your personal data to be deleted prior to the timescales above, you should contact us and we will action such request within 7 working days.
- Protecting Your Personal Data
We are undertaking all reasonable security measures including but not limited to, storing and backing up the personal data on a separate server, ensuring all IT hardware is password protected and runs both anti virus and security software.
What To Do If You Believe There Is A Personal Data Breach
If you suspect there has been a potential or actual breach of your personal data then you should contact us as soon as possible detailing the nature of the breach (Notice of Breach).
We will acknowledge your Notice of Breach within 3 working days and investigate the breach within an additional 7 working days.
If through the investigation we determine that there has been a personal data breach, then we will take all necessary action in order to rectify the situation and minimize any potential or actual damage caused through such a personal data breach.
We will communicate with you regarding the action being taken.
We will comply with any guidelines issued by the Information Commissioners Office (ICO) in relation to Personal Data Breach’s, including notifying the ICO when required to do so.
Do We Share Your Personal Data
We shall not transfer or share your personal data with any third parties except as follows;
In respect of Clients:
- Client’s contact details are passed to Consultants and Contractors where necessary in order to provide the architectural services for a project.
- Outsourced IT services – KPIT.
- Website design and management – Barkweb.
- We may use the following software to process your personal data:
Xero – for invoicing purposes
NBS Contract Administration – to administer JCT/SBCC contracts and all official RIBA contracts
In respect of Employees:
- Employee’s details are passed to the Company’s Accountants to process the payroll and accounts.
- We may use the following software to process your personal data.
Xero – for accounts
Sage – for payroll
We will use reasonable endeavours to ensure that the third parties stated above comply with GDPR and we will advise you if any third parties change.
When We Act As A Data Processor For You
When you are the data controller who has permitted us to process personal data held by you, then you shall ensure that you have the full consent / rights of the data subject that their personal data being passed to us. You are fully responsible for ensuring that the personal data processed by you and passed to us complies with all principles of GDPR.
If you are a business or organisation then by signing this policy your business / organisation is committed to being GDPR compliant and has taken all reasonable actions to achieve this.
Changes To This Policy
We reserve the right to amend this policy at any time.