Privacy Policy

  1. Aim of policy

In order to help provide you with the best and most appropriate service, we need you to help us by providing us with your detailed information.

We begin the process of collecting information about you, and if appropriate your family, when you apply to us either directly or through one of our Choice Based Letting partners.

We appreciate that some of the information you give us will be very sensitive including details about your health and any disabilities you may have. Because the information you provide us is very personal we take your privacy & confidentiality very seriously.

We aim to keep your information as up-to-date as possible so that when your needs change over time, the services we provide you can change to reflect these different needs. We will also ensure we make every possible effort to fulfil our obligations under the UK General Data Protection Regulation (GDPR).

We will keep your personal information secure and only keep it as long as we need to, although please bear in mind we are legally obliged to keep some records for an extended period of time, such as housing benefit payment details, before it’s safely destroyed.

  1. Who is responsible for your data?

Our Privacy Policy applies to all the personal data that Contour Property Servicescollects and uses.

References in this Privacy Policy to “CPS”, “we”, “us” or “our” mean Contour Property Services.

CPS is a subsidiary of Onward Group. Colleagues are employed by Onward and will provide services to CPS customers so you will often see the Onward branding in our communications. The information you provide is kept on Onward’s systems but it will be clear within those systems that you are a CPS customer and that CPS is responsible for that information.

We control the ways your personal data are collected and the purposes for which your personal data are used by CPS and are the “Data Controller” for the purposes of the UK GDPR and UK Data Protection Act (2018).

  1. What personal data do we collect about you?

When using the term “personal data” in our Privacy Policy, we mean information that relates to you and allows us to identify you, either directly or in combination with other information that we may hold.

Your personal data may include, for example, your name, your contact details, information relating to your lease (e.g. your Reference Number) or information on how you use our website and online services or how you interact with us.

We collect some personal data from you, for example when you first become a leaseholder, use our website or contact us. We may also receive your personal data from our contractors/suppliers who provide services to you on our behalf and our partners Agencies.

We may collect and process the following categories of information about you:

  • Your name and contact details for use across the organisation and by our contractors/suppliers;
  • Detailed personal information, such as:
    • Bank details
    • Contact details of individuals who you want us to communicate with on your behalf
    • Landlord / agent details
  1. How and why we use your personal data

We use your personal data for the following purposes:

  1. Managing your leasehold, and contacting you about:
  • Details relating to the repair and maintenance of communal areas;
  • Records of payments for the services provided to you;
  • Details about complaints about our service or other individuals, accidents or incidents involving communal areas;
  • We may also record factual information whenever you contact us or use our services, so we have a record of what happened.
  1. To provide security and ensure health and safety:
  • We operate CCTV systems, which collect and record images, and are used in accordance with CCTV codes of practice;
  • We may hold information about your history, for example, related to offences, if we need it to look after our staff, business or anyone else.
  1. When we process information about you on behalf of another organisation you receive services from:
  • We will receive the information we need to provide a service to you;
  • We may receive information, or related information, from our partner organisations, your family, friends or neighbours, or public information sources.
  1. To communicate with you and manage our relationship with you:
  • We (including our contractors/suppliers) may need to contact you by telephone, email and/or SMS for administrative or operational reasons
  • These communications are not made for marketing purposes and as such, you will continue to receive them even if you opt-out from receiving marketing communications;
  • We will use your personal data if we contact you after you have sent us a request, filled in a web-form through our website or contacted us on social media;
  • Your opinion is very important to us, so we may send you an email or SMS to seek your feedback;
  • We will use the communications you exchange with us and the feedback you may provide in order to manage our relationship with you as our customer and to improve our services and experiences for other customers.
  1. To personalise and improve your customer service experience
  • We may also collect information on how you use our website, which pages of our website you visit most, which online services you use, in order to understand what you like. We may use this information to tailor the content and services and, if you have agreed to receiving marketing communications, to send you relevant messages;
  • If you are in the process of making a request under your account and you leave our website before your request has been completed, we may contact you in order to help you easily complete your request or make payment;
  • Your name and contact details for customer satisfaction surveys, newsletters and service information;
  • Voice recordings for quality management;
  • With your written consent, your name, photo, video or story could be used for brochures, advertising,press releases or internal news stories;
  • Your comments about our service or our suppliers’ services.
  1. To fulfil our administrative purposes and support our business interests
  • The business purposes for which we will use your information include accounting, billing and audit, credit or other payment card verification, fraud screening, safety, security and legal purposes, statistical and marketing analysis, systems testing, maintenance and development.
  1. To comply with our legal obligations
  • For example, our obligation to provide your information to HM Revenue and Customs (HMRC).
  1. Your Privacy Rights

The UK GDPR provides all UK citizens with specific privacy rights. CPS is committed to upholding these rights and takes its responsibilities regarding our customers privacy very seriously.

These include, your rights to request that CPS:

  • Responds to your Subject Access Requests and confirm what personal data we hold about you, if any, and for what purposes;
  • Corrects any inaccurate or incomplete personal data which CPS holds about you;
  • Provides you with a copy of your personal data for you to move elsewhere;
  • Stop processing your personal data, whilst an objection from you is being resolved;
  • Permanently erase all your personal data promptly, and confirms this has been done, although there may be reasons why we may be unable to fulfil your request;
  • Responds to your objections about any automated decisions made about you using the personal data you’ve provided.

If you have questions in relation to exercising any of your privacy rights, please contact the Data Protection Officer in the first instance at

If, for any reason, CPS does not address your request, or fails to provide you with a valid reason why it is unable to do so, you have the right to contact the Information Commissioner’s Office (ICO) to make a complaint. They can be contacted via their website or by telephone 0303 123 1113.

  1. Security of your personal data

CPS are committed to taking appropriate technical and organisational measures to protect your personal data against unauthorised or unlawful processing and against accidental loss, destruction or damage. When you provide your personal data through our websites or online portal, this information is transmitted across the internet securely using appropriate strength encryption.

As detailed in this Policy, we may in some instances disclose your personal data to third parties. Where CPS does disclose your personal data to a third party, we require that third party to have appropriate technical and organisational measures in place to protect your personal data; however in some instances we may be compelled by law to disclose your personal data to a third party, such as the Police, and have limited control over how it is protected by that party.

The information that you provide us will be held in our systems, which are located on our premises or those of a contractually appointed third party. We may also allow access to your information by other third parties who act for us for the purposes described in this Privacy Policy or for other purposes approved by you. Your personal data may be accessed by and processed outside the UK – Where this occurs we require that appropriate safeguards are in place.

We will retain your personal data for as long as we need it in order to fulfil our purposes set out in this Privacy Policy and in order to comply with appropriate laws and standards.

  1. Sharing your personal data

On occasions it’s in everyone’s best interests for us to share some of the information we have about our customers with other organisations. This may be to fulifil a legal obligation or to ensure you get the best service possible.

If you decide to end your leasehold without paying or arranging to pay any arrears you are in we may decide it’s necessary to share your details with a Debt Collection Agency to help us recover our money.

We may also provide some details to our contractors/suppliers, so they can contact you in relation to communal repairs or scheduled improvement work, to arrange a suitable time to visit.

In exceptional circumstances we may feel it’s necessary to provide your details to the Police or the Local Authority Social Services Department where there has been a case of criminal activity, or we have concerns for any individuals health and safety.

We’d like to stress that under no circumstances do we ever sell or pass on your information to business or organisations so they can get in touch with you directly either by phone, email or in writing in order to sell you their products or services.

Listed below are the categories of third parties we may share some of your personal information with. Where required, we will ensure that any information sharing is supported by UK GDPR compliant contract or there are appropriate information sharing protocols in place.

  • Banks and Financial Service providers to process secure payments;
  • Contractors and suppliers who:
    • Provide services on our behalf;
    • Undertake repairs or improvements;
    • Provide Technology & Telephony software, services & equipment;
    • Manage out-of-hours service calls;
    • Provide printing and mailing services
  • Debt Collection Agencies
  • External Auditors
  • Insurance companies
  • Organisations that support CPS and the services we provide including
    • Local Authorities
    • Statutory agencies
  • Solicitors
  • Survey & Research organisations
  • Utility companies

In some cases we may also have a duty to disclose your information by law to:

  • Central Government Departments
  • Courts & Tribunals
  • Statutory agencies
  • Local Authorities
  • Organisations who support crime prevention or detection, the prevention and detection of fraud, and for the purposes of the National Fraud Initiative
  • Members of Parliament or Local Councillors
  • Regulators

CPS will not share or disclose your information with anyone who claims to represent you or be acting on your behalf unless we have verified you have appointed them or they are acting in some recognised official capacity.

  1. Updates to our Privacy Policy

We may make changes to our Privacy Policy from time to time. Any updates to the Privacy Policy will be published on our website where we will publish a new version of this Policy.

  1. Contact information

Any questions or requests regarding this Privacy Policy should be addressed to Data Protection Officer at

Next review: May 2023
Reference number: PRIV01