Privacy Notice
This Privacy Notice explains how we use your data, how long we keep it and our lawful basis for processing it.
It also informs you of your individual rights, as required under the General Data Protection Regulation.
How We Use Your Data
As an architectural practice, we hold data that includes personal details (e.g. names, addresses, contact
numbers, email addresses, location data etc) that have been supplied by clients, consultants, contractors,
suppliers, service providers and other individuals. This data is used solely as part of the Company’s legitimate
purpose of providing a service to the client, for tendering purposes and for administrative records.
For more information please contact our Representative, Derek Logue (Director) via the contact details noted
below or on our Contact page of this website.
How Long We Keep Data
The length of time we retain data is subject to legal and regulatory rules we must abide by. These are set by
authorities such as HMRC and RIBA. Lawful Bases for Processing Data
These would include the following:
Direct consent from the individual;
Necessity to perform a contract;
Protecting the vital interests of the individual;
The legal obligations of the organisation;
Necessity for the public interest;
The legitimate interests of the organisation.
Note: We do not use your personal data for marketing purposes nor do we use automated decision making,
including profiling.
Your Individual Rights
To be Informed
Information has been supplied via this Privacy Notice.
To Withdraw Consent
Where the basis of our processing your data is based on consent, we respect your right to withdraw
consent at any time. Any request must be made either verbally or in writing.
Of Access
You have the right to request access to personal data that we currently hold; such reasonable requests will
be actioned within one month. Please note that a request can be refused or charged if it proves to be
unfounded or excessive in nature.
22 Lodge Road, Coleraine, BT52 1NB
T: 028 703 56138 F: 028 703 42699 E: gmda@g-m-design.co.uk
To Rectification
Any personal data that we hold that provides to be inaccurate will be corrected or deleted immediately upon
discovery or notification.
To Erasure
You have the right to have your personal data deleted. Any request must be made either verbally or in
writing and we will respond within one month to such a request. However please note that this right is not
absolute and only applies in certain circumstances. There are legal obligations we must comply with that
would affect this right. For example, there are legal retention periods of project records of 6-12 years postcontract.
To Restrict Processing
You have the right to request the restriction of personal data; however this is not an absolute right and only
applies in certain circumstances. Any request must be made either verbally or in writing and we will
respond within one month to such a request. Please note that we can refuse to comply with a request that
proves to be unfounded or excessive.
To Data Portability
You have the right to move the personal data you have provided to another service provider (e.g. another
architectural practice). Please note this only applies to the data you have personally supplied to us. Any
such request will be responded to within one month of receipt.
To Object
You have the right to object to the processing of your personal data at any time during the course of a
project. If you have any concerns about the way we handle your data, please feel free to contact our
Representative, Derek Logue. Our contact details are noted at the bottom of this page and can also be
found on the Contact page of this website.
To Complain
If you are unhappy with our response to any request you make, you have the right to complain to the
Information Commissioner’s Office (ICO). Further information can be found on their website:
https://ico.org.uk/concerns/.
Security of Personal Data
We have procedures and policies in place that ensure the security of all data is maintained to prevent or
minimise a Data Breach. If a data breach should occur that is likely to result in a risk to your rights and
freedom, we will report it within 72 hours of discovery.
We will carry out regular reviews of our Privacy Notice to ensure that it remains accurate and up-to-date.