Qualis Group Ltd take data privacy very seriously and this privacy notice contains information about who we are and how and why we collect, store, use and share your personal data. It also explains your rights in relation to your personal data and how to contact us or supervisory authorities in the event you have a complaint.
We are the Data Controller who collect, use and are responsible for certain personal data retained by us about you. When we do so we are subject to The Data Protection Act 2018.
We are registered as a data controller for the purposes of the Data Protection Act 2018. Our registration number on the register of data controllers maintained by the Information Commissioner is ZA769919.
It would be helpful to start by explaining some key terms used in this notice:
We, us, our | Qualis Group Ltd (Registered No 12250938) which consists of:
Qualis Commercial Registered No: 12551397 Qualis Property Solutions Registered No: 14556543 Qualis Community Registered No: 13281212 Qualis Homes Registered No: 11114084
whose registered address is at 323 High Street, Epping, England, CM16 4BZ |
Our Data Protection Officer | Our Group Level Data Protection Officer who oversees company compliance |
Personal data | Any information relating to a living identified or identifiable individual |
Special category personal data | Personal data revealing racial or ethnic origin, political opinions, religious beliefs, philosophical beliefs or trade union membership Payments, banking and financial data ID data Genetic data Biometric data (where used for identification purposes) Data concerning health, sex life or sexual orientation |
Data subject | The individual who the personal data relates to |
The personal data we collect about you depends on the services we provide to you and will include the following personal data about you:
We take reasonable steps to ensure your personal data remains accurate and up to date. To help us with this, please let us know if any of the personal data you have provided to us has changed, e.g. your surname or address.
Please do this by notifying the Data Protection Officer on the details above.
We collect most of this personal data directly from you—in person, by telephone, text or email and/or via our website. However, we may also collect information:
Under data protection law, we can only use your personal data if we have a proper reason. At Qualis Group Ltd the legal reasons we apply to our data processing activities are:
A legitimate interest is when we have a business or commercial reason to use your personal data, so long as this is not overridden by your own rights and interests. We carry out the required assessment when relying on legitimate interests, to balance our interests against your own.
The table below explains what we use your personal data for and why.
What we use your personal data for | Our reasons |
Providing services to you | To deliver the agreed contracted services Pre contract preparation |
Preventing and detecting fraud against you or us | For our legitimate interest, i.e. to minimise fraud that could be damaging for you and/or us |
Conducting checks to verify customer identity Screening for financial and other sanctions or embargoes Other activities necessary to comply with professional, legal and regulatory obligations that apply to our business. | Depending on the circumstances:
|
To enforce legal rights or defend or undertake legal proceedings | Depending on the circumstances:
|
Ensuring business policies are adhered to, e.g. policies covering security and internet use | For our legitimate interests, i.e. to make sure we are following our own internal procedures |
Operational reasons, such as improving efficiency, training and quality control | For our legitimate interests, i.e. to be as efficient as we can so we can deliver the best service to you at the best price |
Ensuring the confidentiality of commercially sensitive information | Depending on the circumstances:
|
Statistical analysis to help us manage our business (e.g. financial performance, customer base, service range or other efficiency measures) | For our legitimate interests, i.e. to be as efficient as we can so we can deliver the best service to you |
Preventing unauthorised access and modifications to systems | Depending on the circumstances:
|
Protecting the security of systems and data used to provide the services | To comply with our legal and regulatory obligations and to protect our business assets |
Updating and enhancing customer records | Depending on the circumstances:
|
Statutory returns | To comply with our legal and regulatory obligations |
Ensuring safe working practices, staff administration and assessments | Depending on the circumstances:
|
Marketing our services and those of selected third parties | For our legitimate interests, i.e. to promote our business to current/previous customers and third parties |
To share your personal data with members of our group and third parties that will or may take control or ownership of some or all our business (and professional advisors acting on our or their behalf) | Depending on the circumstances:
|
We do not sell, rent or trade your personal data and limit the access to personal data based on strict management processes and security procedures.
We do however share with a range of partners and contacts outlined below:
Where possible we aim to process data within the UK or EEA. However, the use of proprietary software packages often results in data being transferred to countries outside the UK or EEA.
Where data is transferred outside the UK or EEA we make every effort to ensure that the software we use adheres to international best practice for data security and appropriate data transfer mechanisms are adhered to.
Data protection legislation requires us to retain personal data for the minimum period required to undertake the processing activity. We therefore only retain data according to contractual or legal obligations.
Personal data related to financial transactions must legally be retained for 7 years.
Some contracts may have longer data retention periods. Where your data has been processed in relation to a specific contract that retention period will apply.
You may unsubscribe from marketing communications at any point by clicking on the link in the email or by contacting the Data Protection Officer named above.
All individuals have a set of rights relating to the control of personal data as detailed below:
To be informed | To be clearly told why, how, when and by who your personal data is being collected. Additionally, you have the right to know who has access to your data, how long it will be retained and how it will be deleted. |
Access | The right to be provided with a copy of your personal data |
Rectification | The right to require us to correct any mistakes in your personal data |
Erasure (also known as the right to be forgotten) | The right to require us to delete your personal data— in certain situations |
Restriction of processing | The right to require us to restrict processing of your personal data in certain circumstances, eg if you contest the accuracy of the data |
Data portability | The right to receive the personal data you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party—in certain situations |
To object | The right to object:
|
Not to be subject to automated individual decision making | The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you |
The right to withdraw consent | If you have provided us with a consent to use your personal data you have a right to withdraw that consent easily at any time You may withdraw consent by contacting our Data Protection Officer on the details above. Withdrawing consent will not affect the lawfulness of our use of your personal data in reliance on that consent before it was withdrawn |
If you would like to exercise any of those rights, please contact our Data Protection Officer on the contact information above.
We take every reasonable precaution to protect against the loss, misuse or alteration of your personal data and to ensure that it will be processed in accordance with this Notice.
Unfortunately, the transmission of data via the internet is not completely secure and therefore we cannot guarantee the security of data sent to us electronically. You acknowledge and accept that, despite our efforts to protect your personal data, there is a risk that others may try to intercept the information you provide to us. Transmission of your personal data is entirely at your own risk.
Once we have received your personal data, we use strict procedures and security features to prevent unauthorised access. Where we have given you (or where you have chosen) a password so that you can access certain parts of our site, you are responsible for keeping this password confidential.
If you wish to complain about this privacy notice or any aspect of our data management processes, please contact the Data Protection Officer on the contact details above.
If we are unable to resolve your complaint then you may complain to the ICO using any of the following methods:
The ICO’s address:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Helpline number: 0303 123 1113
This privacy notice was published in 20th March 2024 and will be updated in 20th March 2025.
We may change this privacy notice from time to time—when we do we will inform you via our website or email.
You can contact us and/or our Data Protection Officer by post, email or telephone if you have any questions about this privacy notice or the information we hold about you, to exercise a right under data protection law or to make a complaint.
Our contact details are shown below:
Qualis Group
323 High Street
Epping
Essex
CM16 4BZ
Qualis Group 0333 230 0460
