Privacy Policy

How we collect, use and protect your personal information

Last updated: 1 April 2026

This privacy policy applies to chelmsfordsurveyor.com and all services provided by Chelmsford Surveyor. We are committed to protecting your personal data and processing it in a fair, lawful, and transparent way in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1 Who We Are

Chelmsford Surveyor is a professional chartered surveying firm based in Chelmsford, Essex, providing RICS Level 2, RICS Level 3 building surveys, property valuations, party wall agreements, and related services across Essex and the surrounding counties.

For the purposes of data protection law, Chelmsford Surveyor is the data controller responsible for your personal data collected through this website and our services.

If you have any questions about this policy or how we handle your data, please use our contact page.

2 Data We Collect

We may collect and process the following categories of personal data:

  • Identity data: first name, last name
  • Contact data: postal address, email address
  • Property data: property address, type, age, and details you provide when requesting a survey or valuation
  • Transaction data: details about surveys and services you have purchased from us
  • Technical data: IP address, browser type and version, time zone, browser plug-in types, operating system and platform, and other technology on the devices you use to access this website
  • Usage data: information about how you use our website, products, and services
  • Marketing and communications data: your preferences for receiving marketing communications from us

We do not collect any special categories of sensitive personal data (such as health data, racial or ethnic origin, political opinions, religious beliefs, or financial data beyond what is necessary to process payments).

3 How We Use Your Data

We use your personal data for the following purposes:

  • To respond to your enquiries and provide quotes for surveying services
  • To fulfil contracts for building surveys, valuations, and related services
  • To send you your survey report and any follow-up communications related to your instruction
  • To process and collect payment for services provided
  • To send you service-related updates, newsletters, or marketing communications (only where you have given consent or we have a legitimate interest)
  • To improve our website, services, and customer experience
  • To comply with legal obligations, including financial and regulatory requirements
  • To prevent fraud and maintain the security of our systems

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason compatible with the original purpose.

4 Lawful Basis for Processing

We rely on the following lawful bases under UK GDPR to process your personal data:

  • Contract: where processing is necessary to perform a contract with you (e.g., delivering your survey report)
  • Legitimate interests: where processing is necessary for our legitimate business interests, such as improving our services and preventing fraud, provided these are not overridden by your rights
  • Legal obligation: where processing is necessary to comply with a legal requirement (e.g., HMRC record-keeping)
  • Consent: where you have given clear consent for us to process your personal data for a specific purpose, such as receiving marketing emails

Where we rely on consent, you have the right to withdraw it at any time by contacting us through our contact page.

5 Sharing Your Data

We may share your personal data with the following categories of third parties:

  • Service providers: third-party companies that provide IT, system administration, and platform services (such as HubSpot CRM) that help us operate our business
  • Professional advisers: including lawyers, accountants, and auditors where necessary
  • Regulatory bodies: such as RICS, HMRC, and other authorities where required by law
  • Business transfers: if we sell, transfer, or merge any part of our business, your data may be shared with the new owners

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes — they may only process it for specified purposes and in accordance with our instructions.

We do not sell, trade, or rent your personal data to any third party for their own marketing purposes.

6 Data Retention

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

  • Survey reports and client files: retained for a minimum of 6 years after the date of the survey in line with professional indemnity insurance requirements and RICS guidance
  • Enquiry data (where no instruction followed): retained for up to 12 months
  • Marketing preferences and opt-outs: retained indefinitely to ensure we respect your choices
  • Financial records: retained for 7 years in line with HMRC requirements

When we no longer need your data, we will securely delete or anonymise it.

7 Your Rights

Under UK GDPR, you have a number of important rights relating to your personal data. These include:

  • Right of access: you can request a copy of the personal data we hold about you (Subject Access Request)
  • Right to rectification: you can ask us to correct inaccurate or incomplete data
  • Right to erasure: you can ask us to delete your personal data in certain circumstances ("right to be forgotten")
  • Right to restrict processing: you can ask us to suspend processing of your data in certain circumstances
  • Right to data portability: you can request a copy of your data in a structured, commonly used, machine-readable format
  • Right to object: you can object to processing of your personal data based on legitimate interests or for direct marketing purposes
  • Rights related to automated decision-making: we do not use automated decision-making or profiling that produces legal or similarly significant effects

To exercise any of your rights, please contact us using our contact form. We will respond to all legitimate requests within 30 days. If we need longer due to complexity or volume of requests, we will inform you within 30 days.

You also have the right to lodge a complaint with the UK's data protection authority, the Information Commissioner's Office (ICO), at ico.org.uk or by calling 0303 123 1113.

8 Cookies

Our website uses cookies — small text files placed on your device — to improve your browsing experience and help us understand how visitors use our site. We use the following types of cookies:

  • Strictly necessary cookies: essential for the website to function. These cannot be switched off.
  • Analytics cookies: help us understand how visitors interact with our website by collecting and reporting information anonymously (e.g., Google Analytics, HubSpot analytics)
  • Marketing cookies: used to track visitors across websites to display relevant and engaging advertisements (e.g., HubSpot tracking)
  • Functional cookies: allow the website to remember choices you make, such as your preferred language or region

When you first visit our website, you will be shown a cookie banner asking for your consent to non-essential cookies. You can accept or decline at that point. You can also update your preferences at any time by clearing your browser cookies and revisiting the site.

Most web browsers allow you to control cookies through their settings. To find out more about managing cookies, visit aboutcookies.org.

9 Third-Party Services

Our website uses the following third-party services which may process your data:

  • HubSpot: we use HubSpot for contact forms, CRM, and marketing communications. HubSpot processes data in accordance with their own privacy policy.
  • Google Fonts: we load fonts from Google's servers, which may involve Google collecting limited technical data. See Google's privacy policy.
  • Font Awesome: icons are loaded from a CDN which may collect limited technical data.

We are not responsible for the privacy practices of third-party websites linked from our site. We encourage you to read the privacy policy of any external website you visit.

10 Data Security

We have put in place appropriate technical and organisational security measures to prevent your personal data from being accidentally lost, used, accessed in an unauthorised way, altered, or disclosed. These measures include:

  • Secure HTTPS encryption across our entire website
  • Access controls limiting data access to authorised personnel only
  • Regular security assessments and software updates
  • Secure storage and handling of physical and digital files

In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify the ICO within 72 hours of becoming aware of the breach and, where required, will notify you directly.

11 Children's Privacy

Our website and services are not directed at children under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us immediately and we will take steps to delete it.

12 Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make significant changes, we will update the "Last updated" date at the top of this page.

We encourage you to review this policy periodically to stay informed about how we are protecting your information.

Privacy Questions?

If you have any questions about this policy or want to exercise your data rights, please get in touch.

Contact Us