top of page

Privacy Notice

​

Introduction to the UBIQS Privacy Notice

This privacy notice provides you with details of how we collect and process your personal data through your use of our platform at www.ubiqs.co.uk and our property management and document repository services.

By providing us with your data, you warrant to us that you are over 18 years of age and have the legal capacity to use our services.

UBIQS Property Limited is the data controller and we are responsible for your personal data (referred to as 'we', 'us' or 'our' in this privacy notice).

​

Our Full Details:

Company: UBIQS Property Limited (trading as Ubiqs.co.uk)
Email: enquiries@ubiqs.co.uk
Data Protection Officer: enquiries@ubiqs.co.uk
Address: 2 St. Thomas's Square, Salisbury, Wiltshire, England, SP1 1BA
Company Registration: 15429732 (Previously UBIQS Solutions Ltd)
ICO Registration: ZB835868 (Valid until December 2025)

It is very important that the information we hold about you is accurate and up to date. Please let us know if at any time your personal information changes by emailing us at enquiries@ubiqs.co.uk.

​

Our Dual Role: Controller and Processor

Important: UBIQS operates in two distinct roles depending on the type of data processing:

​

When We Are a Data Controller

For your user account data, platform usage, and our business operations, we are the data controller and determine how your data is processed.

​

When We Are a Data Processor

For documents containing personal data that you upload to our platform (such as tenant information), you remain the data controller and we process this data solely according to your instructions.

​

What Data Do We Collect, for What Purpose and on What Legal Ground

Data We Control (UBIQS as Data Controller)

User Account Data - includes your name, email address, password (encrypted), company/business name, contact details, and account preferences. We process this data to:

​

  • Provide you with access to our platform services

  • Manage your account and billing

  • Communicate with you about your account

  • Provide customer support

 

Legal Basis: Performance of contract and legitimate interests (service provision and customer support)

Platform Usage Data - includes login times, features accessed, document upload statistics (without accessing content), platform navigation, and technical performance data. We process this data to:

​

  • Improve our platform functionality

  • Ensure platform security and performance

  • Understand user needs and preferences

  • Develop new features

 

Legal Basis: Legitimate interests (platform improvement and security)

Communication Data - includes any communication you send to us through our contact forms, email, support tickets, feedback, or any other communication channel. We process this data to:

​

  • Respond to your inquiries and provide support

  • Keep records of our communications

  • Improve our services based on feedback

 

Legal Basis: Legitimate interests (customer service and business improvement)

Technical Data - includes IP address, browser type, device information, page visits, referral sources, and analytics data collected through tools such as Google Analytics. We process this data to:

​

  • Ensure platform security and prevent fraud

  • Analyse platform usage patterns through Google Analytics and similar tools

  • Optimise user experience and platform performance

  • Maintain system functionality and troubleshoot issues

 

You can manage your preferences for third-party analytics tools by:

  • Using Google Analytics Opt-out Browser Add-on

  • Adjusting browser privacy settings

  • Using cookie management tools

  • Contacting us to opt-out manually

 

Legal Basis: Legitimate interests (security, analytics, and service improvement)

Marketing Data - includes your preferences for receiving marketing communications, promotional materials, and information about professional services. We process this data to:

​

  • Send you relevant updates about our services

  • Provide information about new features

  • Share industry insights and compliance guidance

  • Inform you about relevant professional services (letting agents, accountants, contractors)

 

Legal Basis: Consent (where required) or legitimate interests (existing customer communications and relevant service recommendations)

Trial and Demonstration Tools - Our website may include demonstration tools to showcase platform functionality. Important: No data submitted through demonstration tools is collected, stored, or processed by UBIQS. These tools operate without data retention for maximum privacy protection.

​

Data We Process (UBIQS as Data Processor)

​

Uploaded Documents - includes any documents you upload containing personal data (address, tenant information, property documents, compliance certificates, receipts). We process this data solely to:

​

  • Provide secure document storage

  • Enable document organisation and categorisation

  • Facilitate compliance deadline tracking

  • Support data export and deletion functions


Legal Basis: Performance of contract (we process this data according to your instructions as the data controller)

Important Note: For uploaded documents containing personal data, you are responsible for ensuring you have a lawful basis to collect and process this data. You must provide appropriate privacy notices to data subjects and comply with all UK GDPR requirements.

 

Sensitive Data

We do not intentionally collect sensitive personal data (special categories under UK GDPR including race, ethnicity, religious beliefs, health data, etc.). If such data is inadvertently uploaded to our platform, please contact us immediately at enquiries@ubiqs.co.uk for secure removal.

 

How We Share Your Personal Data

We may share your personal data with the following parties:

​

Sub-processors:

  • Wix.com - Our hosting platform provider (stores data in EEA data centres for GDPR compliance)

  • Payment processors - When we implement paid services (PCI DSS compliant providers)

  • Customer support tools - To provide technical assistance and user support

Professional advisers:

  • Lawyers, accountants, and auditors (under confidentiality agreements)

  • Cyber security consultants for platform security assessments

Strategic Service Partners:

  • Professional Service Providers - When you request services from qualified professionals (letting agents, accountants, contractors), we may share relevant property and contact information to provide you with quotes and services

  • Other Property Professionals - Insurance providers, compliance specialists, and other property-related service providers when you specifically request such services

Legal requirements:

  • ICO or other regulatory bodies when legally required

  • Law enforcement agencies when legally obligated

  • Courts when subject to legal proceedings

Business transfers:

  • In the event of a merger, acquisition, or business sale (with appropriate safeguards)

We require all third parties to respect the security of your personal data and treat it in accordance with the law. We only allow sub-processors to handle your data for specified purposes and according to our instructions.

 

International Transfers

Data Storage: Your data is stored within the European Economic Area (EEA) through EEA data centres, ensuring GDPR compliance without requiring additional transfer safeguards.

Transfers Outside EEA: Any transfers outside the EEA will only occur with appropriate safeguards including:

  • Standard Contractual Clauses approved by the UK ICO

  • Adequacy decisions by the UK Government

  • Your explicit consent for specific transfers

 

Data Security

We implement comprehensive security measures to protect your personal data:

Technical Measures:

  • Encryption of data at rest using AES-256 standard

  • Encryption in transit using TLS 1.3

  • Multi-factor authentication for platform access

  • Regular security scanning and vulnerability assessments

  • Secure backup systems with tested recovery procedures

  • Access logging and real-time monitoring

Organisational Measures:

  • Staff security training and background checks

  • Segregation of duties and least privilege access

  • Regular security audits and penetration testing

  • Incident response procedures and breach notification protocols

  • Business continuity and disaster recovery plans

We allow access to your personal data only to employees and sub-processors who have a legitimate business need and are bound by confidentiality obligations.

 

Data Retention

We retain your personal data only for as long as necessary to fulfil our stated purposes or as required by law:

User Account Data: Duration of account plus 7 years (for business records and potential legal claims)

Platform Usage Analytics: 2 years from collection

Communication Records: 3 years from last communication

Support Tickets: 3 years from closure

Uploaded Documents: According to your retention settings and instructions as data controller, with the following system maximums:

  • Tax-related documents: 7 years maximum

  • Other property documents: According to your specified retention periods

  • System backups: 30 days after primary deletion

Legal Compliance: Some data may be retained longer where required by law (e.g., accounting records for tax purposes)

 

Multi-Party Platform Operations

Important: UBIQS operates as a property management platform with a secure collaboration system where property owners can invite relevant parties to access appropriate information.

 

Collaborative Parties Access Control

User Access Control: Different user types receive appropriate access permissions based on their relationship to the property and data.

All invited parties must accept our Terms and Conditions and Privacy Notice before accessing any information.

 

Invitation and Consent Process

When you invite others to UBIQS:

  • Invited third parties receive controlled access through our secure collaboration system

  • All parties must accept our terms and privacy policy

  • Participants are informed of their data protection rights

  • All parties can withdraw consent and leave the platform at any time

Data Controller Responsibilities:

  • Property owners remain data controllers for tenant and property information they upload

  • Agents become joint controllers when they upload or significantly modify tenant data

  • All controllers must ensure lawful basis for processing tenant personal data

  • Privacy notices must be provided to tenants before invitation

 

Data Export and Sharing

CSV Export Functionality:

  • Users can export their data in machine-readable format

  • Exports include only data the user has legitimate access to

  • Exported data may contain personal information of tenants/other parties

  • Users remain responsible for data protection when sharing exports

  • Export logs maintained for audit purposes

Third-Party Professional Sharing:

  • Users may share exported data with their chosen professional advisers (accountants, legal advisers, consultants)

  • Users must ensure third parties have appropriate data protection measures

  • Sharing occurs outside UBIQS platform and is user's responsibility

  • Users should obtain appropriate consent for sharing personal data with third parties

 

Automated Decision Making

We do not engage in automated decision-making or profiling that significantly affects your legal rights. Our compliance deadline calculations are tools to assist your decision-making, not automated decisions about you.

 

Managing Your Data Preferences

Account Settings: If you have an account with us, you can manage basic preferences by logging into your account, where you can:

  • Update your communication preferences

  • Control marketing email subscriptions

  • Update your contact information

  • Manage your account details

For other data management requests, please contact us at enquiries@ubiqs.co.uk using the procedures outlined in the "Data Breach and Urgent Requests" section above.

Cookie Usage: Our website uses both essential and non-essential cookies:

Essential Cookies:

  • Session management and security (Wix platform)

  • User account functionality

  • Anti-fraud protection (XSRF tokens)

Analytics & Marketing Cookies (Require Your Consent):

  • Google Analytics (_ga) - Website traffic analysis

  • Facebook Pixel (_fbp) - Social media advertising

  • Google Ads (gcl*) - Advertising conversion tracking

  • HubSpot (hs) - Marketing automation

You can control non-essential cookies through our cookie consent banner or your browser settings. Essential cookies cannot be disabled as they're required for site functionality.

 

Your Rights Under UK GDPR

You have the following rights regarding your personal data:

Right to Access - Request copies of your personal data

Right to Rectification - Request correction of inaccurate personal data

Right to Erasure - Request deletion of your personal data (subject to legal retention requirements)

Right to Restrict Processing - Request temporary suspension of processing

Right to Data Portability - Receive your data in machine-readable format

Right to Object - Object to processing based on legitimate interests

Right to Withdraw Consent - Where processing is based on consent

Right to Complain - Lodge complaints with the ICO

 

Exercising Your Rights

Making Data Requests: You have the right to access, correct, or delete your personal data. To make a request, please contact us at enquiries@ubiqs.co.uk with:

  • Your full name and account email address

  • Specific details of your request (access, correction, deletion, etc.)

  • Proof of identity (for security purposes)

  • Preferred format for data delivery (where applicable)

We will respond to your request within one month in accordance with UK GDPR requirements, though complex requests may take longer with appropriate notification.

Self-Service Options: Many data management tasks can be completed directly through your account:

  • Download your data using our export functionality

  • Update personal information in account settings

  • Manage communication preferences

  • Control data sharing with invited parties

  • View your platform activity history

You will not be charged for exercising your rights unless requests are clearly unfounded, repetitive, or excessive.

 

Professional Services and Third-Party Access

Invitation-Based Access - You can invite third parties (agents or tenants or landlords) to access specific property information through our secure collaboration system. Each invited party receives restricted access based on their intended purpose and must accept our terms and privacy policy.

Data Controller Relationships - For professional services (agents), you enter into direct relationships with service providers who become independent data controllers under UK GDPR and the Data Protection Act 2018. Each provider is independently responsible for their data handling practices and has their own privacy policy and data protection obligations. UBIQS is not responsible for how these third parties process your data.

Your Control - You maintain complete control over which professionals to engage, what data to share, and can revoke access at any time. Declining professional services does not affect your use of core UBIQS platform features.

 

Marketing Communications

Existing Customers: We may send service updates, feature announcements, and relevant industry information based on our legitimate interests in keeping customers informed.

Professional Service Information: We may occasionally inform you about relevant services from qualified professional providers (letting agents, accountants, insurance providers, contractors) based on your expressed interests or platform usage. You can opt-out of these communications separately from core service updates.

Marketing Consent: For promotional marketing, we will obtain your explicit consent and provide easy opt-out mechanisms.

Opt-out: You can opt out of marketing communications at any time by:

  • Using unsubscribe links in emails

  • Emailing enquiries@ubiqs.co.uk

  • Adjusting preferences in your account dashboard

 

Cookies and Tracking

Our website uses cookies to enhance your browsing experience and provide essential platform functionality. You can manage your cookie preferences through the cookie banner displayed when you first visit our site. This allows you to accept or decline specific types of cookies, such as analytics or marketing cookies.

Essential Cookies: Required for platform functionality, account authentication, and security features (always active)

Analytics Cookies: Help us understand how users interact with our platform to improve services (optional)

Marketing Cookies: Used for targeted communications and measuring marketing effectiveness (optional, requires consent)

We may use third-party tools, such as Google Analytics, to collect data about your interactions with our site. You can manage your preferences for these tools directly through their settings or opt out via browser extensions like Google Analytics Opt-out Browser Add-on.

For detailed information about our cookie usage, please see our Cookie Policy.

 

Changes to This Privacy Notice

We may update this privacy notice periodically to reflect changes in our practices or legal requirements. We will notify you of significant changes by:

  • Email notification to registered users

  • Prominent notice on our platform

  • Updated "Last Modified" date below

Continued use of our services after notification constitutes acceptance of the updated privacy notice.

 

Contact Us

Data Protection Queries: enquiries@ubiqs.co.uk
General Inquiries: enquiries@ubiqs.co.uk
Address: 2 St. Thomas's Square, Salisbury, Wiltshire, England, SP1 1BA

 

Data Breach and Urgent Requests

For suspected data breaches, urgent data protection matters, or formal data subject requests:

Email: enquiries@ubiqs.co.uk

Required Subject Line: Your email subject line must contain one of the following keywords:

  • "URGENT" - for time-sensitive data protection matters requiring immediate attention

  • "BREACH" - for suspected or actual data breaches affecting personal data

  • "DATA REQUEST" - for formal data subject access requests under GDPR Article 15

Response Commitments:

  • BREACH matters: We will acknowledge receipt within 3 working days and begin immediate investigation to meet GDPR's 72-hour ICO reporting requirement where applicable

  • URGENT matters: We will respond within 3 working days during business hours (Monday-Friday, 9 AM-5 PM GMT)

  • DATA REQUEST: We will acknowledge receipt within 3 working days and provide a full response within 30 days as required by GDPR

  • All other data protection inquiries: We will respond within 3 working days

What to Include in Your Email:

  • Clear description of the issue or request

  • Your contact details for follow-up

  • For breach reports: approximate time, scope, and nature of the suspected breach

  • For data requests: specific information you're seeking and verification of your identity

Emergency Contact: For genuine data protection emergencies outside business hours, mark your email subject as "URGENT BREACH" and we will monitor for these on a priority basis.

Note: Emails without the required subject line keywords may experience delayed processing. This system ensures urgent matters receive immediate priority attention while maintaining efficient handling of all data protection communications.

 

Complaints

If you have concerns about our handling of your personal data, please contact us first at enquiries@ubiqs.co.uk.

If you remain unsatisfied, you have the right to complain to the Information Commissioner's Office (ICO):

ICO Contact:
Website: www.ico.org.uk
Telephone: 0303 123 1113
Email: casework@ico.org.uk

 

Last Updated: 22 June 2025
Next Review: June 2026
Version: 1.0

This privacy notice applies to UBIQS Property Limited trading as Ubiqs.co.uk - a Property Management and Document Repository Service.

bottom of page