Give us a call: +447714745395
Partners Careers Reviews
Free property assessment Request a quote

Partner Data Handling Policy

Rules for partners handling client and business data shared by Architect Designs.

Last updated: February 5, 2026

Applies to partners. This policy sets mandatory rules for partners, subcontractors, and suppliers who receive personal data or confidential business information from Architect Designs LTD (Company No. 15900040) (“Architect Designs”, “we”, “us”). It is designed to protect clients, partners, and Architect Designs.

1. Purpose

This policy explains:

  • what data we may share with partners;
  • permitted uses of that data;
  • required security standards;
  • retention and deletion requirements; and
  • what to do if something goes wrong (incidents/breaches).

2. Key definitions

  • Client data: personal data relating to our clients and their projects (including property address and project information).
  • Confidential information: non-public information about Architect Designs, our clients, pricing, processes, documentation, and partner arrangements.
  • Partner: any builder, engineer, consultant, supplier, or subcontractor who receives data from us.

3. When we share client data with partners

We share client data only where necessary and appropriate, for example:

  • Introductions: where a client explicitly requests an introduction and consents to us sharing their details.
  • Subcontractor delivery: where you are appointed and paid by Architect Designs to deliver a defined scope (for example, structural calculations or technical pack work).

We share only the minimum information required for the relevant purpose.

4. Permitted use (strict purpose limitation)

You must use any data shared by Architect Designs only for the purpose it was shared, and not for any other purpose. This means you must not:

  • add client contact details to marketing lists;
  • contact the client about unrelated services or promotions;
  • sell, rent, or trade client data;
  • share client data with other parties unless necessary for delivery and legally permitted; or
  • use client project details as marketing content without the necessary permissions.

5. Client contact rules (introductions)

Where you receive client details via an introduction:

  • contact the client only in relation to the introduction;
  • identify yourself accurately and do not misrepresent your relationship with Architect Designs;
  • do not pressure the client or make guarantees about planning outcomes;
  • stop contacting the client if they ask you to stop (unless required for a live contractual matter).

6. Security requirements

You must apply appropriate technical and organisational measures to protect client data and confidential information. At a minimum, you must:

  • restrict access to authorised personnel only (need-to-know basis);
  • use strong passwords and (where available) multi-factor authentication for systems containing client data;
  • keep devices and software updated with security patches;
  • store files securely and avoid unencrypted public links;
  • avoid sending sensitive client data via insecure channels;
  • ensure staff are trained to identify phishing and social engineering attempts.

7. Subcontracting and onward sharing

You must not appoint a sub-subcontractor or share client data onward without:

  • Architect Designs’ prior written approval (unless explicitly authorised for a particular engagement); and
  • ensuring the recipient is bound by confidentiality and equivalent data protection obligations.

8. Retention and deletion

You must not keep client data for longer than necessary for the purpose it was shared.

  • Introductions: if no contract is formed with the client, delete the client data within 30 days of the introduction unless the client asks you to retain it.
  • Subcontracted delivery: retain client data only for as long as needed to deliver the agreed scope and handle reasonable queries, then delete or return it unless you must retain it to meet legal obligations or to establish, exercise, or defend legal claims.

9. Incidents and breaches

If you suspect a security incident or data breach involving client data or confidential information shared by Architect Designs, you must:

  • notify Architect Designs without undue delay at legal@architectdesigns.co.uk (subject line: Data Incident);
  • include what happened, when it happened, what data may be affected, and what you have done to contain it;
  • preserve evidence where possible and cooperate with reasonable requests;
  • not contact affected individuals or regulators about Architect Designs client data unless legally required and after coordinating with us where possible.

10. Audits and evidence

Where reasonable and proportionate, we may ask for confirmation that you have complied with this policy (for example, confirmation of deletion, or a summary of security controls used). You agree to cooperate with reasonable requests necessary for compliance assurance.

11. Consequences of breach

If you breach this policy, we may suspend introductions and/or terminate the partner relationship immediately. Serious breaches may result in legal action where appropriate.

12. Contact

Questions about this policy? Contact legal@architectdesigns.co.uk.

© 2025 Architect Designs. All rights reserved.

Partners Careers Legal