GDPR Compliance

How OccuMax Partners complies with the General Data Protection Regulation

Our Commitment to GDPR

OccuMax Partners Ltd is committed to full compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We take your data rights seriously and have implemented comprehensive measures to protect your personal information.

Lawful Basis for Processing

We process your personal data under the following lawful bases:

  • Contract: To provide our property management services
  • Consent: Where you have given explicit consent
  • Legitimate Interests: To improve our services and prevent fraud
  • Legal Obligation: To comply with legal and regulatory requirements

Your Data Protection Rights

1. Right to Be Informed

You have the right to know how your data is collected, used, and shared. Our Privacy Policy provides comprehensive information about our data practices.

2. Right of Access

You can request a copy of all personal data we hold about you. We will provide this within 30 days at no charge.

How to exercise: Email director@occumaxpartners.com with "Data Access Request" in the subject line.

3. Right to Rectification

You can request correction of inaccurate or incomplete personal data. We will update your information within 30 days.

How to exercise: Update directly in your account settings or contact us.

4. Right to Erasure ("Right to be Forgotten")

You can request deletion of your personal data in certain circumstances. We will comply unless we have a legal obligation to retain it.

How to exercise: Email director@occumaxpartners.com with "Deletion Request" in the subject line.

5. Right to Restrict Processing

You can request that we limit how we use your data in certain situations while we verify accuracy or resolve disputes.

How to exercise: Contact us at director@occumaxpartners.com

6. Right to Data Portability

You can receive your data in a structured, machine-readable format (CSV, JSON, PDF) and transfer it to another service provider.

How to exercise: Use the "Export Data" feature in your account settings.

7. Right to Object

You can object to processing based on legitimate interests or for direct marketing purposes. We will stop processing unless we have compelling legitimate grounds.

How to exercise: Contact us at director@occumaxpartners.com

8. Rights Related to Automated Decision Making

Our AI assists with decision-making but does not make fully automated decisions with legal or significant effects. You always have the right to human review and can override any AI recommendation.

Data Security Measures

We implement robust technical and organizational measures:

  • Encryption: AES-256 encryption at rest, TLS in transit
  • Access Controls: Role-based access and multi-factor authentication
  • Regular Audits: Security assessments and penetration testing
  • Data Minimization: We only collect data necessary for our services
  • Pseudonymization: Where possible, we use pseudonymized data
  • Backup Security: Encrypted daily backups with restricted access
  • Staff Training: All staff trained in GDPR compliance

Data Breach Procedures

In the unlikely event of a data breach that poses a risk to your rights and freedoms, we will:

  • Notify the Information Commissioner's Office (ICO) within 72 hours
  • Notify affected individuals without undue delay
  • Provide clear information about the breach and our response
  • Take immediate action to contain and remediate the breach
  • Document the breach and our response for ICO review

International Data Transfers

We do not transfer personal data outside the UK. All data is stored exclusively in UK-based data centers. If we ever need to transfer data internationally, we will:

  • Obtain your explicit consent
  • Ensure adequate safeguards are in place
  • Use standard contractual clauses approved by the ICO

Data Retention

Data TypeRetention PeriodReason
Account InformationDuration of account + 90 daysService provision
Financial Records6 years after transactionLegal obligation (tax)
CommunicationsDuration of tenancy + 6 yearsLegal obligation (disputes)
Analytics DataAnonymized after 12 monthsService improvement
Marketing ConsentUntil consent withdrawnConsent-based processing

Cookies and Tracking

We use cookies for:

  • Essential Cookies: Required for authentication and security (no consent needed)
  • Functional Cookies: Remember your preferences (consent required)
  • Analytics Cookies: Understand usage patterns (consent required)

You can manage cookie preferences through your browser settings or our cookie banner.

Third-Party Processors

We work with carefully selected third-party processors who comply with GDPR:

  • Cloud hosting providers (UK-based data centers)
  • Payment processors (PCI-DSS compliant)
  • AI service providers (data processing agreements in place)
  • Communication services (GDPR-compliant)

All third-party processors have signed Data Processing Agreements (DPAs) ensuring GDPR compliance.

Children's Data

We do not knowingly process data of individuals under 18 years of age. If we become aware of such processing, we will delete the data immediately.

Making a Complaint

If you believe we have not handled your data in accordance with GDPR, you have the right to lodge a complaint with:

Information Commissioner's Office (ICO)

Website: ico.org.uk

Helpline: 0303 123 1113

Address: Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

We encourage you to contact us first at director@occumaxpartners.com so we can address your concerns directly.

Contact Our Data Protection Officer

For any questions about how we process your personal data or to exercise your rights:

OccuMax Partners Ltd

Email: director@occumaxpartners.com

Subject Line: "GDPR Request" or "Data Protection Inquiry"

Location: London, UK

We aim to respond to all GDPR requests within 30 days. Complex requests may take up to 60 days, and we will inform you if an extension is needed.

← Back to Home