At Commercial Property Finders (CPF) we’re committed to treating everybody’s personal information responsibly and being open and transparent about how we do that. Our privacy notice explains in detail how we use the information you share with us, and what measures we take to protect it.
Commercial Property Finders (CPF) Privacy Notice:
By using our website, social media pages, engaging in our onboarding process and providing your information you agree to our collection and use of the information you provide in the way(s) set out in this notice. If you do not agree to this notice, please do not use our website, social media pages or services.
We review our privacy notice regularly and we may make changes to it from time to time. Any changes we make to the notice will appear here and will apply to all future processing of data, including data that is already being processed by CPF. This notice was last updated on 7th March 2025.
It's important that you read the full privacy notice to understand what information we hold, how we may use it, and what your rights are – but if you don’t have time to read it all now, here’s a quick summary:
Brief overview:
We collect information that is either personal data or non-personal data.
We collect information to provide services, to provide information, for administration, research and analysis.
We do our very best to keep personal information secure. For example, we use a secure internet connection whenever we collect personal data online.
Information is stored on computers located in the UK.
We never sell your data, and we will never share it with any other company for their own marketing purposes.
We only share data where required by law or with carefully selected partners who work with us. All our partners are required by their contract or terms of service to treat your data as carefully as we would.
We may record incoming calls or online meetings in specific circumstances. A notice will always be provided before recording starts.
This notice has been designed to meet the requirements of the UK Data Protection Act 2018 (DPA), the UK General Data Protection Regulation (UKGDPR),
This notice applies to all websites we control, our use of emails and text/WhatsApp messages, and any other methods we use for collecting information. It covers what we collect and why, what we do with the information, what we won’t do with the information, and what rights you have.
1. What is personal data?
Personal data is information that can be used to identify you, such as name, identification number, location data, or online identifiers. Some categories of personal information are more sensitive and referred to as 'special category data'. This includes information relating to health, race, ethnic origin, political opinions, religious beliefs, trade union membership, genetics, biometrics, sex life and sexual orientation.
2. What information do we collect and why?
CPF collects a variety of data categories to deliver our services. This includes personal and non-personal data such as financial information and files uploaded/downloaded.
We will use the information you provide to:
review services provided, and identify any improvements that can be undertaken
fulfil your requests – such as applications as an investor, for sourcing purposes, and provision of information
process property transactions, or other payments and verify financial transactions
comply with all regulations
handle your onboarding process and communicate with you about the process
record any contact we have with you
provide tailored stewardship
prevent or detect fraud or abuses of our website and enable third parties to carry out technical functions on our behalf
provide a personalised service to you – this could include customising the content and/or layout of our pages for individual users along with email personalised to an individual’s requirements, where appropriate
CPF processes payment information by several methods. Where payments are made using a debit or credit card, CPF does not store or retain the card information.
3. Lawful Basis for Processing Your Personal Data
Personal information
Data protection law requires us to identify the lawful basis under which we collect and use your personal information. Depending on why we process your data one, or sometimes more than one of the following bases may be relevant.
Legitimate Interest - processing where we consider it is in the legitimate interest of CPF to process your data. We will always balance any potential impact on you and your rights against the identified legitimate interests.
Consent – where you have given your consent for CPF to use your personal data for a particular purpose.
Legal obligation – where the processing of personal data is required to ensure compliance with a legal obligation.
Contract - where the processing of personal data is required to meet our contractual obligations.
4. How we use your information
Using your information to provide a service to you:
We may send you communications about our news, activities and deals by post or phone unless you have previously told us that you do not want to be contacted in this way.
We will send information by text or email if you have consented to receive information this way. You can unsubscribe from these messages at any time by clicking the unsubscribe link to withdraw your consent.
We will only ever use social media platforms (such as Facebook and X) in accordance with their own terms and conditions. If you have an account on one of these platforms, you will have agreed to these terms and conditions yourself. All social media platforms must comply with data protection laws when processing or storing the personal data of individuals from the UK and Ireland and have a responsibility to store and process data in a fair and transparent way.
Sharing your information
We will only share your information if:
we’re legally required to do so, for example by a law enforcement agency legitimately exercising a power or if compelled by an order of the court
we believe it’s necessary to protect or defend our rights, property or the personal safety of our people
we’re working with carefully selected partners that are carrying out work on our behalf, such as Solicitors, Estate Agents, Tradesmen etc.
we only choose partners we can trust. We will only pass personal data to them if they have signed a contract or agreed to terms of service that require them to:
abide by the requirements of the Data Protection Act, General Data Protection Regulation and successive legislation
treat your information as carefully as we would
only use the information for the purposes for which it was supplied (and not for their own purposes or the purposes of any other organisation)
allow us to carry out checks to ensure they are doing all these things.
We never sell or share your information to other organisations to use for their own purposes.
Storing your information:
Information is stored by us online on Google Drive.
We place great importance on the security of all information. We have security measures in place to protect against the loss, misuse and alteration of data under our control. For example, we control who can access each of our systems and we use encryption on our website data before it is sent to us.
Unfortunately, the transmission of data across the internet is not completely secure. While we do our best to try to protect the security of your information, we encourage the safe sharing of data across the internet and advise that care is taken when sending personal, or sensitive data over a public connection.
We cannot ensure or guarantee that loss, misuse or alteration of data will not occur while data is being transferred.
Where you or we have provided a password enabling you to access parts of our websites or use our services, it is your responsibility to keep this password confidential. Please don't share your password with anyone.
5. How long we keep your personal information
We keep your information only for as long as we need it to provide you with the services or information you have requested.
Administer your relationship with us,
Carry out the services as outlined in the relevant sections above
Send you relevant details we believe may be of interest to you in accordance with your requirements.
When we no longer need information, we always dispose of it securely, using specialist companies if required. We have an information and data retention policy, which we review regularly.
6. Your rights
The UK General Data Protection Regulation (UKGDPR) gives you certain rights over your data and how we use it. These include the right to:
access to the personal information we hold about you, known as a subject access request
object to our processing (automated or otherwise) of your personal information
object to your information being used for marketing purposes
restrict the processing of your personal information
obtain a copy of your personal data in a portable format so that you can reuse it
rectify your personal information if you believe it is incorrect – we want to ensure that all information we hold about you is accurate and up to date so please do let us know if anything changes
request the erasure of your personal information (please note that in certain circumstances we may need to retain your data for a specified period to comply with our legal obligations).
If you make a request relating to any of the rights listed above, we will consider each request in accordance with all applicable data protection laws and regulations. No administration fee will be charged for complying with such a request unless the request is deemed to be excessive in nature.
If you wish to exercise any of these rights please email us on: [email protected]
You can find more information about your rights under data protection legislation from the Information Commissioner’s Office at ico.org.uk.
Information and Data Retention policy
Commercial Property Finders (CPF) will retain information as follows:
Personal information - Data agreement ends plus one year
Financial information: bank statements etc. - Data agreement ends plus six months
Sophisticated Investor Statement - Data agreement ends plus one year
4. High Net Worth Investor Statement - Data agreement ends plus one year
5. Photo ID - Date agreement ends
6. Proof of Address - Date agreement ends
7. Loan Agreement - Document Always Retained
8. Non-Disclosure Agreement - Always Retained