Last updated: 27th June 2018
Data Protection Principles
We employ the following key principles of data protection, that data must be:
- fairly and lawfully processed in a transparent manner;
- processed for specified, explicit and legitimate purposes;
- adequate, relevant and limited to what is required for the purposes of processing, without being excessive;
- accurate, up-to-date and rectified as necessary without undue delay;
- kept no longer than is reasonably required;
- processed in accordance with the rights of the data subject;
- processed securely and not transferred to other jurisdictions or countries without adequate protection.
Clients and Customers
As Architects, we typically keep personal data as is required to maintain contact with our Clients, who engage us for our services as their consultant or otherwise in order for us to represent them as their agent for specific purposes, typically in relation to a certain project. This data may include their home or service address, email address and phone number(s), or other geolocation data from which they might be identified. This is typically processed for the purpose of project-related correspondence.
We may be required to provide Clients’ information to authorities in order to obtain statutory approvals on our Clients’ behalf. When such approvals require a public consultation process as part of an application, such data may become public record as a matter of course. Such disclosures as may be necessary are made clear to our Clients when we are engaged to represent them as their agent, or later in the course of our service.
If our Clients engages the services of any other professional or consultant during the course of a project, we will only provide any personal data of our Client with the express permission of our Client and only when required to do so.
Clients’ personal information kept for the purposes of contact is retained for a maximum of 24 months after the completion or termination of our appointment. We will, however, retain drawings or other project information as part of our archive, pursuant to statutory limitations, which may include Clients’ information, such as addresses.
Our prospective Clients’ information is treated in the same manner as our established Clients, up until the cessation of our negotiations, at which time such personal data will be deleted. Our established Clients are those who have completed a form of appointment or agreement with us or have formally engaged us as their Architect.
Recruitment and Employees
All employment-related enquiries received are kept confidential. If no suitable vacancy is available at the time of receipt, any personal data provided as part of the correspondence, curriculum vitae or other documentation are retained, should a vacancy arise. Such information is retained for a maximum of 12 months after receipt.
The personal data of our employees is held for as long as they are employed by HLA and for no longer than 24 months after the end of their employment with HLA.
Website and Social Media
HLA maintain a website providing information in relation to its practice and past projects. HLA also maintain a number of social media accounts, such as Facebook and LinkedIn. If contacted by social media, we will treat this correspondence in the same manner as if it had been provided by email or by postal mail.
We cannot guarantee the security or privacy of third-party messaging platforms which are beyond our control.
Should you require any further clarification as to how we manage and process personal data, or if you would like to know what information we hold about you personally as a data subject, please do not hesitate to contact us.
To ensure that personal data remains secure we may require you to provide us with details sufficient for us to determine your identity before such information is disclosed.
You can find further information in relation to personal data regulations on the Isle of Man Information Commissioner’s Website.