Building Services Management Ltd (BSML) are committed to protecting and respecting your privacy. This policy sets out the basis on which any personal data we collect from you, or that you provide to us and how it will be processed by us.  Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

This policy applies to:

The head office of BSML
All staff and volunteers of BSML
All contractors, suppliers and other people working on behalf of BSML

It applies to all data that the company holds relating to identifiable individuals, even if that information technically falls outside of the Data Protection Act 1998. This can include:

  • Names of individuals
  • Postal addresses
  • Email addresses
  • Telephone number

Collecting and processing data

We may collect data from you, this may arise from you filling in forms or by corresponding with us by phone, e-mail or otherwise. This includes information you provide, when you change/update your personal details, contact preferences etc. and when you report a problem with our site. The information you give us may include your name, address, e-mail address and phone number and financial information.
We require this information to understand your needs and provide you with a better service, and in particular for the following reasons:

  • Internal record keeping.
  • We may use the information to improve our services.
  • We may periodically send promotional emails about special offers or other information, which we think you may find interesting using the email address which you have provided.
  • For health and safety purposes.

Subject access requests

All individuals who are the subject of personal data held by BSML are entitled to:

  • Ask what information the company holds about them and why.
  • Ask how to gain access to it.
  • Be informed how to keep it up to date.
  • Be informed how the company is meeting its data protection obligations.

If an individual contacts the company requesting this information, this is called a subject access request.

Subject access requests from individuals should be made by email to the Director at

The director will always verify the identity of anyone making a subject access request before handing over any information.

Relevant legislation

Along with our business and internal computer systems, our website is designed to comply with the following national and international legislation with regards to data protection and user privacy:
•          UK Data Protection Act 1988 (DPA)
•          EU Data Protection Directive 1995 (DPD)
•          EU General Data Protection Regulation 2018 (GDPR)

This site’s compliance with the above legislation, all of which are stringent in nature, means that this site is likely compliant with the data protection and user privacy legislation set out by many other countries and territories as well. If you are unsure about whether this site is compliant with your own country of residences’ specific data protection and user privacy legislation you should contact our data protection officer (details of whom can be found at the end of the policy.

Email links

Should you choose to contact us by email link on our website, none of the data that you supply will be stored by this website or passed to / be processed by any of the third party data processors. Instead the data will be collated into an email and sent to us over the Simple Mail Transfer Protocol (SMTP). Our SMTP servers are protected by TLS  (sometimes known as SSL) meaning that the email content is encrypted using  SHA-2, 256-bit cryptography before being sent across the internet. The email content is then decrypted by our local computers and devices.

How we store your personal information

We do not store any of your information on our website.

When data is stored on paper, it should be kept in a secure place where unauthorised people cannot see it. These guidelines also apply to data that is usually stored electronically but has been printed out for some reason:

  • When not required, the paper or files should be kept in a locked drawer or filing cabinet.
  • Employees should make sure paper and printouts are not left where unauthorised people could see them, like on a printer.
  • Data printouts should be shredded and disposed of securely when no longer required.

When data is stored electronically, it must be protected from unauthorised access, accidental deletion and malicious hacking attempts:

  • Data should be protected by strong passwords that are changed regularly and never shared between employees.
  • If data is stored on removable media (like a USB, CD or DVD), these should be kept locked away securely when not being used.
  • Data should only be stored on designated drives and servers, and should only be uploaded to an approved cloud computing services.
  • Servers containing personal data should be sited in a secure location, away from general office space.
  • All servers and computers containing data should be protected by approved security software and a firewall.

About our website’s server and website

  • This website is hosted by 1&1 who are GDPR compliant and have their own privacy policy.
  • Our website is protected and we do not have any identifiable data on our website.
  • We do not use Google Analytics on our website.
  • We have a SSL certificate for our website.

The right to be forgotten
All individuals who are the subject of personal data held by BSML are entitled to ask to be completely forgotten and for all their data to be removed from our records.

Data breaches

We will report any unlawful data breach of this website’s database or the database(s) of any of our third party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.

Data controller

The data controller of this website is: Building Services Management Ltd, (Company Registration No 5783474)
Whose registered office is: 153 -155 London Road, Hemel Hempstead, Hertfordshire, HP3 9SQ
And whose operating office is: Ltd, Unit 1, The Harness Room, Whitehouse Business Centre, Gaddesden Row Hemel Hempstead HP2 6HG

Data protection officer

The Data Protection Officer in our office is Mr Daniel Price,


Questions, comments and requests regarding this privacy policy are welcomed and should be sent to

Changes to our privacy policy

This privacy policy may change from time to time in line with legislation or industry developments. We will not explicitly inform our clients or website users of these changes. Instead, we recommend that you check this page occasionally for any policy changes. Specific policy changes and updates are mentioned in the change log below.

Change log

  • 18 May 2018