top of page

FOBEA Property Management & Investment Privacy Policy

1. Who We Are

FOBEA Ltd (“FOBEA”, “we”, “our”, “us”) is a company registered in England & Wales (No. 13853173). We provide property‑investment, letting, and management services.

  • Postal address: 3.03 - 3.04, Neo, 9 Charlotte St, Manchester M1 4ET

  • Email: privacy@fobea.co

  • Telephone: +44 (0)161 388 7840
     

For the purposes of the UK General Data Protection Regulation (“UK GDPR”) and the Data Protection Act 2018, FOBEA Ltd is the ‘data controller’ of the personal information described in this notice.

2. Scope of This Policy
 

This Policy explains how we collect, use, share, store, and protect personal data when you:

  1. browse or interact with https://www.fobea.co (the “Site”);

  2. subscribe to our newsletters or marketing updates;

  3. engage us as an investor, landlord, buyer, vendor, tenant, or guarantor;

  4. communicate with us by phone, email, social media, or otherwise.
     

It does not cover websites we link to. For information on our cookie practices please see our Cookie Policy.

3. The Data We Collect
 

  • Identity & Contact: title, name, postal address, email, phone, DoB, nationality, ID documents.

  • Financial: bank details, proof of funds, credit data, income evidence, deposit information.

  • Transaction: tenancy agreements, purchase offers, rent statements, invoices.

  • Marketing Preferences: opt-in/out flags, preferred channels.

  • Usage & Technical: IP address, browser, device ID, pages viewed, time-on-site (via cookies).

  • Special Category Data: only where required for reasonable adjustments or legal duties.

 

4. How We Collect Data
 

  • Direct interactions – forms on our Site, email, phone calls, meetings, property‑inspection apps, tenancy referencing portals.

  • Automated technologies – cookies, server logs, analytics tags.

  • Third parties / publicly available sources – credit‑reference agencies, tenant‑referencing services, HM Land Registry, Companies House, social‑media platforms, AML screening tools.

5. Lawful Bases for Processing

Under Article 6 UK GDPR we rely on:

  1. Contract – processing needed to enter into or perform a contract with you.

  2. Legal obligation – e.g., right‑to‑rent checks, AML regulations, tax laws.

  3. Legitimate interests – running and protecting our business, network security, informing clients of similar products/services (balanced against your rights).

  4. Consent – for email marketing to new subscribers, or where we process special‑category data. You may withdraw consent at any time.

6. How We Use Your Data
 

  • To respond to enquiries and provide quotations.

  • To source tenants, negotiate offers, collect rent, arrange maintenance, or sell/acquire property.

  • To conduct identity, credit, and AML checks.

  • To manage client accounts, invoice, and process payments.

  • To send service messages (e.g., tenancy updates, inspection notices).

  • To deliver newsletters, promotions, and investment insights (you may opt out).

  • To administer and protect our Site (troubleshooting, data analysis, testing, fraud prevention).

  • To comply with legal or regulatory requirements.

We do not use your personal data for automated decision‑making that produces legal or similarly significant effects.

7. Marketing Communications

We send marketing emails only:

  • if you expressly consent; or

  • if you are an existing customer and the message relates to similar services (“soft opt‑in” under PECR).
     

You may unsubscribe at any time by:

  • clicking “Unsubscribe” in an email; or

  • emailing info@fobea.co with “Opt Out” in the subject line.

8. Sharing Your Information

  • Government/regulators (HMRC, ICO, Home Office) – legal obligations.

  • Property portals, referencing agencies, credit bureaux – contract performance, legitimate interests.

  • Approved contractors (trades, inventory clerks, cleaners) – works at managed properties.

  • Professional advisers (solicitors, accountants, tax, insurance, mortgage brokers) – legitimate interests.

  • IT & cloud providers (hosting, CRM, email) – under written agreement.

  • Redress scheme / deposit-protection scheme – legal requirement.

  • Prospective buyers/landlords/tenants – limited details for negotiations.

  • All third parties must keep data secure and process only for specified purposes.

9. International Transfers
 

Some service providers (e.g., cloud hosts, email platforms) may store data outside the UK. Whenever we transfer data internationally, we ensure an adequate level of protection by using:

  • UK “adequacy regulations”;

  • ICO‑approved Standard Contractual Clauses; or

  • other valid transfer mechanisms under UK GDPR.

10. Data Security
 

  • ISO‑27001‑compliant cloud infrastructure.

  • TLS encryption for data in transit.

  • Role‑based access controls and multi‑factor authentication.

  • Regular vulnerability scans and staff data‑protection training.

  • Incident‑response plan aligned with ICO breach‑notification rules.

     

11. Data Retention

AML/KYC/tenancy records: 5 years after relationship ends.
Accounting/tax records: 6 years plus current FY.
Marketing data: until you unsubscribe, then on a suppression list.
Enquiry data (no contract): 2 years from last contact.
CCTV/call recordings (if used): up to 30 days unless required for investigation.
We may retain data longer to establish, exercise, or defend legal claims.

 

12. Your Rights
 

Under UK GDPR you have the right to:
 

  1. Access – obtain a copy of your personal data.

  2. Rectification – correct incomplete or inaccurate data.

  3. Erasure (“right to be forgotten”) – where no lawful reason to continue processing applies.

  4. Restriction – suspend processing in certain circumstances.

  5. Data portability – receive data in a structured, machine‑readable format.

  6. Object – to processing based on legitimate interests or direct marketing.

  7. Withdraw consent – at any time, where processing relies on consent.

  8. Complain – to the ICO at ico.org.uk or via 0303 123 1113.
     

To exercise any right, email info@fobea.co. We may need proof of identity.

 

13. Cookies & Similar Technologies
 

We use first‑party and Google Analytics cookies to:

  • make the Site function;

  • understand how users navigate pages;

  • improve speed and relevance of content.
     

See our separate Cookie Policy for full details and opt‑out options.
 

14. Third‑Party Links
 

Our Site contains links to third‑party websites and plugins (e.g., social‑media sharing). We do not control these sites and are not responsible for their privacy statements. Clicking those links may allow third parties to collect data about you; we encourage you to read their policies.

15. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will:

  • post the new version on the Site; and

  • where material changes are made, notify you by email or prominent notice.

Please check back periodically to stay informed.

16. Contact & Complaints

Questions, requests, or complaints regarding this Policy should be directed to the Data Protection Lead at info@fobea.co or by post to the address above.

If you remain dissatisfied, you have the right to lodge a complaint with the Information Commissioner’s Office.

bottom of page