Privacy Policy Property 24-7

At Property24-7 your privacy is of utmost importance to us

We set out below our Privacy Policy. At Property24-7 we are committed to compliance with Data Protection legislation and regulations including the 2018 GDPR regulations.

Under GDPR regulations we are deemed “Data Processors”. Property24-7 is a “business to business” software platform for property professionals (our clients). As such Property24-7 does not control customers personal information i.e. we are not “Data Controllers” under GDPR regulations. Customers information on the platform is controlled by our Estate Agency clients.

This privacy statement relates to private information that may be stored on our technology platform used by Data Controllers (property professionals). Customers of our clients may upload their client data to Property24-7 with the consent of their appointed agent (our client, the property professional).

This Privacy Statement applies to personal information that we may hold on our software platform on behalf of our clients.

About Us

We are a software development and sales company providing and hosting software for property professionals

Our business is located at Station Road, Ennis, Co. Clare, Ireland where we may be contacted. Contact details; support@propertycrm.ie; +353 (0) 656844448. Our Data Protection Officer, Philip O Reilly, may be contacted at philip@propertycrm.ie; +353 (0) 656844448

Personal Information.

This is collected from customers by our property professional clients to whom you provide your personal and property information.
The information recorded may include your name, address, e-mail address, phone number, personal description and financial, property or other business information, employment information (current and past) and may include family information.

Use of Information

We never share or process personal information.
In the course of our business with our clients and acting on their instructions we may use your information in the performance of our contract, account set up, delivering our technical and customer support including account management, and investigating complaints.
We may exceptionally share personal information in the following circumstances;

  1. When required to do so by legal or court demands
  2. When required to report to Government Bodies.
  3. If requested and properly authorised to do so by a client.
  4. If required to do so to assist with a data subject request from a customer (a client firm’s customer).
  5. If necessary to provide technical support or investigate a data breach.
  6. To ensure the security of our systems and networks.
  7. If necessary to improve our products and services.
  8. If necessary to monitor users’ abuse on our systems.
  9. For the purposes of fraud protection/prevention.
  10. For systems or financial audit purposes.
Communications

We do not envisage communicating with clients’ customers on our platform except in the following circumstances;

  1. Where we are instructed to do so by our client
  2. Where we are required to do so by law, court order or in the public interest.
  3. If instructed to do so by a Public Body, duly authorised.
  4. Where a client’s customer requires us to do so for legitimate reasons and the client is not available to instruct us in the matter.
  5. Where legitimate circumstances exist.
  6. If we sell or buy any business or assets, in which case we may disclose personal information to the prospective seller or buyer of such business or assets.
  7. We contract with a third-party processor, contractor or subcontractor to process personal information on our behalf in relation to the delivery of our services.
Cookies

Property24-7 does not use "cookies" to store other confidential user and session information, but instead implements more advanced security methods based on dynamic data and encoded session IDs.

Information Security

Property24-7 utilises some of the most advanced technology for internet security available today. The system uses a code-signing certificate to ensure you are accessing a registered and secure application. When users access our site using industry standard Secure Socket Layer (SSL) technology, your information is protected using both server authentication and data encryption, ensuring that data is safe, secure, and available only to registered authorised users. Individual data is completely inaccessible except to users authorised by the individual client firm.

Property24-7 provides each user with a unique user name password and PIN (number) that must be entered each time a user logs on. These details are stored in an encrypted fashion in the database and can only be validated using a valid key. Property24-7 issues a session "cookie" only to record encrypted authentication information for the duration of a specific session. The session "cookie" does not include either the username or password of the user. In addition, Property24-7 is hosted in a secure server environment that uses a firewall and other advanced technology to prevent interference or access from outside intruders.

Where does your data reside?

Property24-7 application and database are hosted on servers in a data centre operated by Azure in Dublin. Azure, a Microsoft company, are a SAS AE 16 compliant company. Our contract with
Azure is for a "managed hosting" service – this means that Azure have full responsibility for security and maintenance of the hardware. Azure offers a combination of dynamic security solutions which enable us to proactively maintain defensible networks. Our layered approach to addressing these complex issues is to employ a defence-in-depth strategy, which means no one solution is solely relied upon.
The Azure IDS solution provides defence in depth by analysing network traffic and either blocking, replacing or alerting when suspicious activity is detected. The system utilises a rules-based language, which combines the benefits of signature, protocol and anomaly-based inspection methods. Rules are used to examine packets at both the IP protocol level and at the application level and can be set to look for specific occurrences of attacks against a protocol or set to look for the conditions of an attack.
Azure has selected a Tier 1 Managed Security Services Provider (MSSP) to monitor its intrusion detection system (IDS). The MSSP complements Azure's existing inhouse capabilities and technologies with around-the-clock analysis, expertise and processes. This enables Azure to measure the effectiveness and efficiency of its security controls, ensure business operations are not disrupted by threats and comply with legislation and reduce organizational risk.

Customer Rights

If a client firms process personal information based upon consent to do so, that consent may be withdrawn at any time by their customer.
Customers may object to processing of personal information where processing is based upon our legitimate interests. Where required under applicable law client firms should stop any such processing and notify their customer if that changes.

Profiling

If a decision affecting a customer was based solely upon the automated processing of personal information, including profiling, and that decision produces a legal effect for the customer or similarly significantly affects the customer, they may have the right to contest that decision and ask for human review by the broker.

Customer Data Requests

Customers may request disclosure of certain details regarding the processing of personal information, or that it be corrected, amended, deleted, or restricted in processing or may be requested to provide to customers, details of the personal information held. Where required under applicable law, client firms will notify any third-party recipients of this, where possible. Please note, though, that requests are subject to any applicable legal and ethical reporting or data retention obligations imposed on firms.

Upon receipt of a written request and enough information to permit client firms to identify the relevant personal information, they should respond to such requests without undue delay. If a delay is necessary, where permitted by applicable law, clients will notify customers of this, together with the reasons for the delay. If they are unable to act on the request, they will, as required by applicable law, annotate the personal information under their control with a note that action was requested but not made. In this event, they will notify customers without undue delay of the reasons for not taking action, and customers have the right to lodge a complaint with the relevant supervisory authority and ability to seek to enforce their rights through a judicial remedy.

Client Firms may charge a reasonable fee, where allowed by applicable law, based on any unusual administrative costs in complying with customer requests; for instance, where further copies of the information held are requested, or where requests are unfounded or excessive.

Customers may exercise these or any other rights available to them under applicable law by emailing their client firm with any specific request, or by otherwise contacting them.

Data Retention

Client firms are governed by GDPR and in their day to day activity by Property Services Regulatory Authority procedures. Generally, customers data is retained for 6 years after cessation of a customer’s relationship with a client firm. In the event of no business being transacted this may be for a period of one year, subject to the application of the laws in such matters.

Linked Web Sites

We provide links to various independent websites for the convenience of client firms in dealing with their customers.

We take no responsibility for the data or any other features on these sites.

Privacy Statement Changes

If we change our privacy changes they will be reflected in a revised version of this document. Please check for changes on our website www.Property24-7.ie

Contact

Our business is located at;
Money Trees (MPT) Ltd trading as Property24-7 Registered Office: Station Road, Ennis, Co. Clare, Ireland, Eircode: V95 FN79.

Contact details; support@propertycrm.ie; +353 (0) 656844448.

Our Data Protection Officer, Philip O Reilly, may be contacted at philip@propertycrm.ie; +353 (0) 656844448