GO Lettings Ltd
- Who We Are
GO Lettings Ltd is the Data Controller responsible for your personal data.
Registered Address:
10 Blackhorse Lane, North Weald, Epping, Essex, United Kingdom, CM16 6EP
Email: info@golettings.co.uk
ICO Registration Number: ZA629454
We are registered with the Information Commissioner’s Office (ICO) under the Data Protection Act 2018 and UK GDPR.
- What Personal Data We Collect
We collect and process personal data relating to:
• Prospective tenants
• Tenants
• Former tenants
• Guarantors
This may include:
• Full name
• Date of birth
• Current and previous addresses
• Telephone number and email address
• Employment and income details
• Bank account details
• Credit history and referencing information
• Identification documents (passport, driving licence)
• Right to Rent documentation
• CCTV footage (in communal areas where installed)
• Call recordings (where applicable)
• Correspondence via email, SMS or WhatsApp
We do not intentionally collect special category data (such as health or biometric data) unless legally required.
- Lawful Basis for Processing
We process personal data under the following lawful bases:
a) Performance of a Contract
To:
• Assess tenancy applications
• Prepare and manage tenancy agreements
• Collect rent
• Arrange repairs and maintenance
• Communicate regarding tenancy matters
b) Legal Obligation
To:
• Carry out Right to Rent checks
• Protect tenancy deposits
• Comply with housing legislation
• Respond to HMRC, local authority or court requests
c) Legitimate Interests
To:
• Protect our property and business
• Recover unpaid rent or damage costs
• Conduct due diligence and referencing
• Maintain accounting records
• Prevent fraud
We do not rely on consent where another lawful basis applies.
- Who We Share Data With
We may share your data where necessary with:
• Referencing agencies
• Deposit protection schemes
• Letting agents (where instructed)
• Maintenance contractors
• Accountants
• Solicitors
• Debt recovery agents
• Utility providers
• Utility switching services
• Local authorities
• Licensing bodies
We ensure all third parties process data securely and lawfully.
- International Data Transfers
We use Microsoft 365, SharePoint and related cloud services. These services may involve processing or storage of data outside the UK.
Where data is transferred outside the UK, we ensure appropriate safeguards are in place in accordance with UK GDPR, including:
• Standard contractual clauses
• Adequacy decisions
• Approved data protection frameworks
- How We Store Your Data
Your personal data may be stored:
• Within Microsoft 365 and SharePoint systems
• Within our in-house property management system
• On secure local devices
• On website systems
• In limited paper format for legacy files
• Via CCTV systems
• Via business telephone systems capable of call recording
We use password protection, restricted access controls and secure cloud infrastructure to protect your data.
- Data Retention
We retain personal data only for as long as necessary for the purpose it was collected.
Typical retention periods:
• Tenancy records: Up to 6 years after tenancy ends
• Financial records: 6 years (for tax and legal purposes)
• Right to Rent documentation: 12 months after tenancy ends
• CCTV footage: Retained for a limited period unless required for investigation
We maintain a documented retention policy.
- Your Rights
Under UK GDPR you have the right to:
• Be informed about how your data is used
• Access your personal data
• Request correction of inaccurate data
• Request erasure (where legally applicable)
• Restrict processing
• Object to processing
• Request data portability
Requests should be made in writing to the contact details above.
If you are dissatisfied with how your data is handled, you may contact the Information Commissioner’s Office at:
Information Commissioner’s Office
Tel: 0303 123 1113
- Updates
This Privacy Notice may be updated from time to time. The most recent version will always be available upon request or via our website.