This website uses cookies to store information on your computer. Some of these cookies are used for visitor analysis, others are essential to making our site function properly and improve the user experience. By using this site, you consent to the placement of these cookies. Click Accept to consent and dismiss this message or Deny to leave this website. Read our Privacy Statement for more.
Print Page | Contact Us | Report Abuse | Sign In | Register
Privacy Policy
Share |

The Data Controller connected with this Privacy Notice is Money Shield Limited (Company No. 11186202) whose registered office is: Arbon House, 6 Tournament Court, Edgehill Drive, Warwick CV34 6LG

1. Purpose

In this instance your data is being processed for the specific purpose of providing membership services to Money Shield Client Money Protection Scheme members.

2. Lawful basis

The collection of your data for this purpose is under the Lawful Basis of Contract, in that Money Shield requires the personal data of the Member’s representative so that Money Shield can administer the scheme and its contractual obligations to its membership.

3. Information collected

The information we will collect and process about you in connection with this purpose is:

3.1  Name
3.2  Telephone number(s)
3.3  Email address

4. Retention

Under the Lawful Basis referenced in paragraph;

Membership
We will keep your data for a period of two years post termination of membership, this is in accordance with Rule 14.2 of the Money Shield Scheme Rules 2018.

Applicants not joined to the scheme
We will keep your data for a period of 6 months, this is to ensure information can be provided as to the reason membership was not granted or application was rejected and to ensure fees are refunded. The information will be scheduled for deletion electronically using the Money Shield System.

Claims
We will keep data on claims for a period of six years post completion of the claims process. This is in accordance with the Statute of Limitations Act 1980.

5. Destruction

At the end of this retention period your data will be destroyed using an approved method unless prevented by Court order.

6. Data sharing

Whilst we control your personal data, we will need to share this data with the following parties, for the following purposes, in order to provide you with the services you are seeking from us:

6.1  YourMembership.com a company owned by Community Brand Inc, for the sole purpose of providing computer software, which facilitates the management of Money Shield’s membership database.

6.2  The Dispute Service (TDS) for the sole purpose of You joining TDS if signed up to do so during registration for Money Shield.

6.3  The Property Ombudsman (TPO) for the sole purpose of You joining TPO if signed up to do so during registration for Money Shield.

6.4  Propertymark for the sole purpose of marketing Propertymark products to You, only if you expressly agreed to this during registration for Money Shield.

7. Cookies

Cookies are small text files stored on Your computer when Your visit certain websites. For example, cookies ensure that you do not need to re-enter your details every time you visit the site. You can set Your browser not to accept cookies. However, this will result in you being directed away from the website. This is how cookies are used on the website:

Cookie Name(s) Location What Is Stored? Purpose
Ecommerce LandingTab
  • Backend Ecommerce landing page
  • Backend Donation processing page
  • Backend dues processing page
  • Backend store Order processing page
The name of the last individual commerce page visited. When an admin clicks the Ecommerce toolbar item (/ecommerce/default.aspx), the page redirects to the last commerce section they visited, which is stored in the cookie. So, if they last visited the Donations Processed page, click away, and then click Ecommerce, it will take them back to Donations Processed. If no location is stored, it defaults to taking them to the Dues Processing page.
cdlIDsToExclude
  • Backend Donation processing page AND Export engine
  • Backend dues processing page AND Export engine
  • Backend store Order processing page AND Export engine
The IDs that the admin has selected to filter/exclude from the results. On each of the three backend commerce processing pages, admins can choose to exclude records from their results. The IDs of these records is stored in a cookie and preserved so that the results do not continue to show. The IDs stored in the cookie are also used on the export engines for each of the three commerce areas to exclude these records from the exported results.
AdminSession Check
  • Backend Admin Login
The value 1. Upon loading the admin login page, we attempt to set this cookie with a value of 1 just as a test to make sure cookies are enabled. When the admin attempts to log in, one of the first things we do is check to see if this value is 1. If it is, that means the cookie value was set successfully, and therefore, cookies are enabled. If the value is not set, we redirect them back to the login page with the following error message: "Your browser does not allow Session Cookies. You must configure your browser to accept Session Cookies before signing into this website."
csVotes
  • Content Score Voting Control (i.e. anywhere we allow Content Voting, such as forum posts, blog posts, etc.)
A unique Score ID. We store a unique Score ID that tracks what items a user has voted on in order to prevent them from voting more than once.
Various Forum-Related Cookie Names (ForumLastVisited, TopicsVisited, etc.)
  • Forum Topics and Posts pages
Forum IDs, Topic IDs, Post IDs, and comma-delimited lists thereof. We store various forum, topic and post IDs in order to track the last forum/topic/post they visited and whether or not they've visited a forum/topic/post.
YmSessionId TBD TBD TBD
CsvExport_ + ExportID
  • Backend CSV Export check
The timestamp when the export was performed. We store the timestamp of a specific export, and if the administrator tries to download the CSV file again within a certain timeframe of that timestemp (60 seconds, I believe), the exporter does not regenerate the file, it simply serves up the already created export file.
regp1, regp2
  • Member registration (frontend and likely backend)
The encrypted passwords the user entered in the Password and Confirm Password fields (character shift encryption). These are stored so that if a user encounters a validation error and we reload the page they do not have keep re-typing the password twice. It populates the values into the Password and Confirm Password fields from the cookie.
EditorView PlainText

EditorViewInnova
Any page (frontend or backend) that employs a content editor with a mode switch A 0 or a 1 to indicate Editor Mode. Used to determine the user's preference for content editor mode (RadEditor, Innova Editor or Plain Text). Each mode corresponds to different cookie values:

Rad Mode: Using RadEditor; EditorViewPlainText = 0; EditorViewInnova = 0

Innova Mode: Using Innova Editor; EditorViewPlainText = 0; EditorViewInnova = 1

PlaintText Mode: Using Plaint Text Editor; EditorViewPlainText = 1; EditorViewInnova =
AdminEditMode
  • Admin Nav Bar at bottom of browser when admin is logged into frontend as member
A 0 or a 1 to indicate Admin Edit Mode. Used to store the administrator's preference for Edit Mode when logged into the frontend as a member. If Edit Mode is turned on (i.e. the cookie value is 1), then any content areas will be linked to the backend Edit Content Area page for that content area.
CFORM_ + CustomFormID
  • Custom form rendering
A custom form dataSet GUID. Used to remember a dataset GUID when a custom form is configured to be split into multiple pages instead of a single page.
FbFeedParams
  • Any frontend pages that use FacebookConnect for sharing content via the FBConnect API
Various parameter settings relating to FacebookConnect (e.g. OnLoadPath, Action, ActionLink, Context, Story, Prompt, Message). Used to store various FBConnect feed parameters in order to pass data to the FBConnect API.
FbcLogoutPrompt
  • Logout
A 0  or a 1 to indicate whether the member has been logged out of FacebookConnect. Used to to the user log out of FBConnect when they log out of the site.
datDontSendUntil
  • Mailer/Notification Class, and therefore anywhere a notification could be sent
The "Don’t Send Until" date for the buffering of notifications (currently set at 1 hour). Used for the buffering of notifications, in other words to prevent multiple notifications of the same type from being sent in rapid succession.
Registration BatchGuid
  • Frontend Event Registration
The Registration Batch GUID for an in-process event registration. Used to persist the event registration batch GUID for use throughout the event registration process.
GUID_Referrer
  • Member registration (frontend)
The referrer GUID Used to persist a referrer GUIDE so that the referrer gets credit when a member completes registration.
Admin

Any backend pages that display/record Recently Accessed Profiles, including:

  • Directory Search (displays)
  • Non-Member Edit (records)
  • Member Edit (records)
  • Member Profile View (records)
  • Member Referrals (records)
A comma-delimited string of Website Member/Non-Member IDs of recently accessed profiles. Used to persist the Website Member/Non-Member IDs of recently accessed profiles in order to display the Recently Accessed Profiles widget on the Directory Search page.

8. Transfer of personal data outside the European Economic Area (EEA)

8.1  We draw your attention to the fact that YourMembership.com is based in the USA and therefore in using their services your personal data will leave the EEA. Community Brand, which owns YourMembership.com is a member of the EU – US Privacy Shield Framework. This scheme is approved by the EU’s supervisory authority, which therefore authorises the transfer of data outside of the EEA under this Framework.

9. Rights of the Data Subject

9.1  Under the General Data Protection Regulation you, the Data Subject have certain rights regarding the control and processing of your personal data. Details regarding your rights can be found on the Information Commissioner’s Office (ICO) website.

9.2  Should you wish to contact Money Shield in order to exercise any of these rights, please email msdpo@money-shield.co.uk. Alternatively, please call 01926 417763 and ask to be put through to the Data Protection Officer.

10. Security

10.1  Recognising the importance of personal data to our consumers, we endeavour to put in place appropriate organisational and technical measures to protect that data.

10.2  The personal data we hold on electronic media is full names and email addresses.

10.3  The personal data we hold on non-electronic media is claimant information, supporting evidence for fit and proper person tests (this may include criminal convictions and or information on personal insolvency events).

10.4  Data Subjects should be aware that not all electronic communications are secure. We use Transport Layer Security (TLS) to encrypt and protect email traffic in line with government advice. However, if your email service does not support TLS, you should be aware that any emails we send or receive may not be protected in transit.

10.5  We will also monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.

11. Additional services

Money Shield provides a Client Money Protection Scheme. However, there are other services associated with operating a property business, which we believe may be of assistance to our members. We may share your details with these other organisations. However, we shall seek your consent separately before doing so.

12. Data protection concerns

Should you have any concerns regarding the way an organisation is processing your personal data, the ICO recommends that in the first instance you contact the organisation concerned. If the organisation does not address those concerns in an appropriate manner, you then have the option to escalate the issue to the ICO. If you wish to contact us because you have concerns about our use of your personal data, please contact us using the details provided in paragraph 8.2.

13. Updates

This Privacy Notice is kept under review and it is update as appropriate. It was last updated on 9 July 2018.