Introduction

Sakura Property Collective (“we”, “us”, “our”) is committed to protecting your personal data and respecting your privacy. This policy explains how we collect, use, store, and share your information when you engage us to buy, sell, let or rent a property, or otherwise interact with us.

We act as a Data Controller for the purposes of UK data protection legislation.

This policy complies with:

The UK General Data Protection Regulation (“UK GDPR”)
The Data Protection Act 2018
The Money Laundering, Terrorist Financing and Transfer of Funds Regulations 2017

Consumer Protection and Estate Agency legislation

Contact Details

Sakura Property Collective
Email: bpreece@sakuracollective.co.uk
Telephone: 07309 420423
Correspondence Address: Unit E, West Pitkerro Industrial Estate, Scott Way, Dundee, DD5 3RX

If you have any questions about this policy, please contact us.

What Personal Data We Collect

Depending on your relationship with us (seller, buyer, prospective client), we may collect:

Identity Data

• Full name, date of birth, address history, nationality

Contact Data

• Email, phone number, postal address

Property Data

• Home Report information

• Property details and photographs

• Marketing and valuation information

AML / Eligibility Data

• Official ID documents (passport, driving licence)

• Proof of address

• Financial and funding data (bank statements, mortgage DIP)

• Source of funds / source of wealth information

Transaction Data

• Offers, negotiations, terms of sale

• Solicitor details, contracts exchanged, tenancy or purchase documentation

Technical Data

• Website use (IP address, cookies, device data)

We will only collect information relevant to the purpose of providing a regulated estate agency service.

How We Collect Your Data

We may obtain information:

• Directly from you

• During viewings, communication, or offers

• Through publicly available sources (Land Registry, Companies House, social media, government websites)

• From third parties you instruct (mortgage brokers, solicitors, surveyors)

• From identity verification tools and AML service providers

Why We Process Your Data (Legal Basis)

Under UK GDPR, processing is lawful where one or more legal bases apply. We process data under:

Contractual Necessity

To:

• Market, sell, let, or value your property

• Arrange viewings, negotiate offers, prepare documentation

• Provide estate agency services as agreed

Legal Obligation

• To meet legal duties in:

• Anti-Money Laundering (AML) and Know-Your-Customer (KYC)

• Prevention of fraud and financial crime

• Property misdescription and consumer protection regulations

• Record-keeping required by HMRC

Legitimate Interests

• Where processing benefits both parties and does not override your rights, e.g.:

• Communicating progress updates

• Maintaining property marketing records

• Internal business analytics or auditing

Consent

Only where specifically required (e.g., receiving marketing emails).
You may withdraw consent at any time.

How We Use Your Data

We will use your data to:

• Verify your identity (AML)

• Carry out property valuations and listing activities

• Create marketing materials (brochures, online listings, photos)

• Respond to enquiries and arrange viewings

• Facilitate negotiations and offers

• Provide updates during ongoing transactions

• Liaise with your nominated advisers (solicitors, surveyors, mortgage brokers)

• Fulfil legal and regulatory obligations

We do not sell your personal information.

Sharing Your Data

We may share your information with trusted third parties when necessary:

Professional Third Parties

• Solicitors or conveyancers

• Surveyors

• Mortgage brokers / lenders

• Estate agent partner networks where relevant

AML & Compliance

• Identity verification services

• Third-party AML screening tools

• Law enforcement agencies, HMRC or regulators if required by law

Technology Providers

• Viewing scheduling apps

• Property portals (Rightmove, Zoopla, etc.)

• Client communication systems

• Secure storage providers or CRM software

All third parties must comply with UK GDPR and are only permitted to use your data for the services we instruct them to carry out.

International Transfers

We do not intentionally transfer personal data outside the UK.
If transfer becomes necessary (e.g., cloud services), we will ensure:

• Adequacy decisions, or

• UK-approved Standard Contractual Clauses (SCCs)

Data Retention

We retain personal information only as long as necessary to meet:

• Contractual requirements

• Legal, tax and regulatory obligations

• Anti-Money Laundering record periods

Typical periods (minimums, not maximums):

• Property transactions: up to 6 years from completion

• AML identity records: minimum 5 years

We may retain anonymised data indefinitely for analytics and compliance.

Your Rights

Under UK GDPR you have the following rights:

• Access your personal data (Subject Access Request)

• Correct inaccurate or incomplete data

• Request deletion (where lawful and possible)

• Restrict or object to processing

• Data portability (receive a copy in a structured format)

• Withdraw consent to marketing

Requests will be handled within one calendar month.

Marketing

We will not send you marketing communications unless you have given consent or we can rely on legitimate interest.

You can opt out at any time.

Data Security

We use appropriate technical and organisational measures to protect your data including:

• Encrypted cloud storage

• Access-controlled systems

• Staff confidentiality and compliance training

• Password and device security standards

If a data breach occurs, we will notify relevant authorities and affected individuals where legally required.

Complaints

If you have concerns about how we handle your data, please contact us first.

You may also complain to:
Information Commissioner’s Office (ICO)
Website: www.ico.org.uk
Phone: 0303 123 1113

Updates

We may update this policy occasionally. We will notify you where changes are material.

END OF POLICY