PRIVACY POLICY

Pureserviced Ltd is committed to protecting the privacy and personal data of all guests, visitors, and users of our services. This Privacy Policy outlines how we collect, use, share, and protect your personal information in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable legislation.

Who We Are

Pureserviced Ltd (Company Registration Number 10715211) is a serviced apartment provider based in the United Kingdom, offering short- and long-term accommodation. Our registered office is located in the UK at Imperial Plymouth, 3 Windsor Villas, Plymouth, PL1 2QD, and we operate under the data protection laws of England and Wales.

Pureserviced Ltd is the Data Controller for all personal information you provide. In some cases, where we operate properties on behalf of landlords, those parties may act as joint controllers under specific contractual agreements. If you have any questions about this policy or your data, you can contact us at hello@pureserviced.com.

What Information We Collect

We collect a range of personal data during the course of providing our services. This includes your full name, email address, phone number, home address, payment card details, and identity verification documents such as a passport or driver’s licence. We also collect your IP address and other technical data when you visit our website. Where necessary, we may process information related to accessibility requirements, health conditions, or disabilities—strictly for the purpose of ensuring your comfort and safety during your stay.

How We Collect Your Data

We collect your data through a variety of channels. This includes bookings made through our website, third-party travel platforms (such as Airbnb or Booking.com), email or telephone communications, and check-in procedures. We also use CCTV in communal and external areas of our properties, and this data may include visual recordings of guests, visitors, or contractors.

Why We Collect and Use Your Data

We process your personal information to manage bookings, facilitate check-in/check-out, take payments, and communicate with you before, during, and after your stay. Your data is also used to comply with legal requirements (such as identity verification), manage damage deposits, and deliver customer support services.
Where you provide information about a disability or health condition, we will only use that information with your explicit consent, and only to ensure we are able to meet your specific needs.
We may also use your data for our legitimate interests, including improving our services, maintaining property security, and preventing fraud or misuse of our apartments.

Lawful Basis for Processing

We rely on a combination of legal bases under the UK GDPR:

Contractual necessity, where processing is essential to deliver our accommodation services.
Legal obligations, such as record-keeping or compliance with local authority regulations.
Legitimate interests, for internal administration, security, and service improvement.
Consent, where you voluntarily provide sensitive information or opt-in to marketing.

Use of CCTV

CCTV is in operation in external and communal areas of our buildings. The purpose of this system is to ensure the safety of our guests, protect property, and deter unlawful activity. The lawful basis for this processing is our legitimate interest in maintaining a secure environment. CCTV recordings are retained for 30 days unless required in connection with an incident or legal request.

Who We Share Your Data With

We may share your data with trusted third-party service providers, including payment processors, booking platforms, property maintenance providers, and marketing platforms. Where relevant, we may also share limited guest information with property landlords in accordance with our operating agreements, particularly in relation to damages, complaints, or regulatory matters.
All third parties are contractually required to process your data in accordance with applicable data protection legislation.

International Data Transfers

Some of our service providers, such as cloud hosting or analytics providers, are based outside the UK or European Economic Area (EEA). In such cases, we ensure your data is protected by implementing appropriate safeguards, including Standard Contractual Clauses (SCCs) approved by the UK Information Commissioner’s Office (ICO).

Data Retention

We only retain your personal data for as long as is necessary to fulfil the purposes outlined in this policy, or to comply with legal requirements. For example:

Guest booking and payment records are retained for 6 years for accounting and legal compliance.
CCTV recordings are typically stored for 30 days, unless required for investigation.
Damage deposit information is retained until resolution and financial reconciliation are complete.
Data that is no longer needed will be securely deleted or anonymised.

Marketing and Communication Preferences

With your consent, we may send you marketing communications by email or text, including offers, service updates, or feedback surveys. You can withdraw your consent at any time by clicking the ‘unsubscribe’ link in our emails, or by contacting us directly at hello@pureserviced.com.

Security of Your Data

We take appropriate technical and organisational measures to protect your personal data. This includes secure data storage, encryption, restricted access to sensitive information, staff training, and routine audits. Only authorised personnel have access to personal information, and all processing is conducted in accordance with UK GDPR standards.

Your Rights

You have the following rights under the UK GDPR:

To access a copy of the personal data we hold about you
To request correction of inaccurate data
To request erasure (‘right to be forgotten’)
To restrict or object to processing
To withdraw consent (where applicable)
To request data portability

If you wish to exercise any of these rights, please contact us at hello@pureserviced.com. If you are dissatisfied with our handling of your data or your request, you also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at www.ico.org.uk.

Children’s Data

We do not knowingly collect data from individuals under the age of 18. All bookings must be made by an adult. If a guest under 18 will be staying, a waiver or authorisation form must be signed by a responsible adult guest.

olicy Review and Updates

This policy is reviewed annually or sooner if significant changes to our business practices or legal requirements occur. Any changes will be reflected in an updated version published on our website.