This Privacy Policy explains how hoestates.com (the “Website”) collects, uses, and protects personal data submitted through the contact form on the Website.
Data controller
The personal data collected through this Website is controlled by the owner/operator of hoestates.com (the “Controller”).
This policy applies to the Website available at https://hoestates.com/.
Personal data collected
The only personal data intentionally collected through the Website is the information that visitors provide via the contact form in the “Working With Us” / “Contact” section.
Based on the current version of the Website, the contact form requests the following fields:
- Name (required)
- Surname (required)
- Email address (required)
- Phone number (optional)
- Message content in the free-text field “How can we help” (required)
Visitors may include additional personal data in the message field, and such information will also be processed in line with this policy.
The Website does not intentionally collect special categories of personal data (such as health data, political opinions, or similar sensitive information), and visitors are asked not to include such information in the contact form.
Purpose and legal basis of processing
Personal data submitted through the contact form is processed solely for the following purposes:
- To receive, manage, and respond to enquiries, proposals, or contact requests
- To communicate with landowners, investors, contractors, professional consultants, housing associations, local authorities, prospective buyers, and other interested parties regarding the services described on the Website
- To keep a record of communications and enquiries for business and administrative purposes
Where the General Data Protection Regulation (GDPR) or similar laws apply, the legal bases for processing this personal data may include:
- The data subject’s consent, given by voluntarily submitting the contact form
- The performance of pre-contractual steps at the request of the data subject, where the enquiry relates to potential collaboration or services
- The Controller’s legitimate interests in managing and developing its business and property projects, provided such interests are not overridden by the data subject’s rights and freedoms
Data retention
Contact form submissions are retained only for as long as necessary to:
- Respond to and manage the enquiry
- Maintain appropriate business and project records
- Comply with applicable legal, regulatory, or reporting obligations
When personal data is no longer needed for these purposes, it should be securely deleted or anonymised.
Data sharing and recipients
Personal data submitted via the contact form is not sold.
It may be shared with:
- Service providers that support the operation of the Website (such as hosting providers, email service providers, or IT support), acting as processors on behalf of the Controller and bound by appropriate confidentiality and data protection obligations
- Professional advisers (such as legal or financial advisers) where reasonably necessary
- Public authorities or other third parties where required by law or to protect the rights, property, or safety of the Controller, its partners, or others
If the Controller is part of a group of companies, personal data may also be shared within the group where necessary for internal administrative or business purposes, subject to appropriate safeguards.
International data transfers
If any service providers or systems used to store or process personal data are located outside the United Kingdom or the European Economic Area, appropriate safeguards will be implemented where required by applicable data protection law (for example, standard contractual clauses or equivalent protections).
Security
Appropriate technical and organisational measures will be used to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access, having regard to the nature of the data and the risks involved.
However, no method of transmission over the internet or method of electronic storage is completely secure, and absolute security cannot be guaranteed.
Cookies and analytics
This policy covers the personal data visibly collected through the contact form on the Website.
Data subject rights
Where GDPR or similar data protection laws apply, individuals whose personal data is processed may have the right to:
- Request confirmation of whether their personal data is being processed and access to that data
- Request correction of inaccurate or incomplete personal data
- Request deletion of personal data in certain circumstances
- Request restriction of processing in certain circumstances
- Object to certain types of processing, including processing based on legitimate interests
- Request the portability of their data, where applicable
- Withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal
- Lodge a complaint with the relevant data protection authority
How to exercise rights or contact us
To exercise any of these rights or to ask questions about this Privacy Policy, individuals may contact the Controller using the contact details provided in the Website’s contact section and clearly state their request.
Changes to this Privacy Policy
This Privacy Policy may be updated from time to time, for example to reflect changes in legal requirements or in how the Website operates. The most current version will be published on this page with an updated effective date.