Privacy Policy
1. Introduction
This Privacy Policy explains how Rossenstock collects, uses, processes, and protects your personal data when you use our website www.rossenstock.com or engage with our multi-disciplined commercial real estate services (brokerage, interior re-design, and art curation).We are committed to complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
2. The Data We Collect
We may collect, use, store and transfer different kinds of personal data about you, including:| Category of Data | Examples of Data Collected | Relevance to Rossenstock |
| Identity Data | Name, title, company name, job title, details from identity documents (for AML checks). | Required for contracts, professional communication, and legal compliance. |
| Contact Data | Residential or office address, email address, telephone number. | To contact you regarding properties, valuations, or design projects. |
| Financial Data | Banking details, source of funds, mortgage details, or financial standing. | Required for anti-money laundering (AML) checks, contract performance, and security deposits. |
| Property Data | Details of properties you own, wish to sell/buy/lease, preferences (size, location, use type). | To provide targeted brokerage and valuation services. |
| Usage Data | IP address, browsing patterns on our website, time zone, and how you use our services. | To improve website functionality and service delivery. |
| Service Data | Details about your interior re-design requirements, art preferences, and specific project briefs. | To perform our contracted re-design and sourcing services. |
| Marketing Data | Your preferences in receiving marketing from us and our third parties. | To inform you about new listings and relevant services. |
3. How We Collect Your Data
We use different methods to collect data from and about you, including:- Direct Interactions: When you fill in forms on our website (e.g., valuation request, property alerts), correspond with us by email, phone, or post, or during contract negotiations for brokerage or re-design services.
- Third Parties: We may receive Identity and Financial Data from third parties such as solicitors, credit reference agencies, or property portals for legal or contractual purposes.
- Automated Technologies: We collect Usage Data about your equipment, browsing actions, and patterns using cookies and server logs when you visit our website.
4. Lawful Basis for Processing (GDPR)
Under UK GDPR, we must have a lawful basis for processing your personal data. We rely on the following:| Lawful Basis | Purpose for Processing | Relevant Services |
| Performance of a Contract | To perform the contract we are about to enter into or have entered into with you (e.g., buying/selling/leasing a property, carrying out a re-design). | Brokerage, Leasing, Interior Re-Design, Art Sourcing. |
| Legal Obligation | To comply with our legal duties, especially the Money Laundering Regulations 2017 (AML). | Seller/Buyer Verification, financial checks. |
| Legitimate Interests | To manage our business, improve our services, prevent fraud, and send relevant property alerts (where your rights do not override ours). | Marketing updates, website security, service improvement. |
| Consent | For direct marketing communications where required, or for processing specific special category data (rare). | Direct email/SMS marketing (you can withdraw consent anytime). |
5. How We Use and Share Your Data
We will only share your personal data with third parties when necessary for the purposes of our services or to comply with the law. These third parties include:- Professional Advisers: Solicitors, surveyors, valuers, accountants, and lenders/mortgage brokers.
- Property Service Providers: Contractors and designers involved in our Interior Re-Design services, sourcing partners, and maintenance companies.
- Regulatory & Legal Bodies: HMRC, police, and regulatory authorities (e.g., ICO) where legally required.
- IT Service Providers: Cloud storage, email providers, and website analytics providers (e.g., Google Analytics).
6. Data Security and Retention
- Data Security: We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way.1
- Data Retention: We will only retain your personal data for as long as nec2essary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements (typically 6 to 7 years following the completion of a transaction or end of a contract).
7. Your Legal Rights
Under UK GDPR, you have rights regarding your personal data. You have the right to:- Access: Request access to your personal data (a Data Subject Access Request).
- Rectification: Request correction of inaccurate personal data we hold about you.
- Erasure: Request deletion of your personal data in certain circumstances.
- Object: Object to the processing of your personal data based on legitimate interests.
- Restriction: Ask us to suspend the processing of your personal data.
- Data Portability: Request the transfer of your data to you or a third party.
To exercise any of these rights, please contact us using the details below.
8. How to Contact Us
If you have any questions about this privacy policy or our data practices, please contact us:Email: hello@rossenstock.com
Address: Suite 362, 17a Highgate High Street, London, England, N6 5JT