This document serves as the GDPR (General Data Protection Regulation) Description for ShortLetMart (referred to as “the Website”). It outlines the measures and practices implemented by the Website to ensure compliance with the GDPR, which governs the protection and processing of personal data of individuals within the European Union (EU) and the European Economic Area (EEA). The Website is committed to safeguarding the privacy and data protection rights of its users and visitors.
The Data Controller responsible for the processing of personal data on the Website is RealEstMart, with registered address at 26 Adebisi Omotola St, Isolo, Lagos and 14 Orsett Road, Grays, England, RM17 5DL.The Data Controller determines the purposes and means of the data processing on the Website.
Categories of Personal Data:
The Website collects and processes the following categories of personal data:
User Account Information: When users create an account on the Website, we collect personal data such as their name, email address, phone number, and password.
Booking Information: When users make a booking, we collect personal data such as their name, contact details, payment information, and any other necessary details related to the booking.
Communication Data: We may collect personal data contained in communications between users and the Website, including emails, messages, and other forms of communication.
Legal Basis for Data Processing:
The legal basis for processing personal data on the Website is as follows:
Contractual Necessity: Processing personal data is necessary for the performance of a contract with the user, such as processing bookings and providing requested services.
Consent: With the user’s explicit consent, we may process personal data for additional purposes beyond the scope of contractual necessity, such as sending marketing communications or improving our services.
Legal Obligations: The Website may process personal data to comply with applicable legal obligations, such as tax or regulatory requirements.
Personal data will be retained for as long as necessary to fulfill the purposes outlined in this GDPR Description, unless a longer retention period is required or permitted by law. Users’ personal data will be securely deleted or anonymized when it is no longer needed.
Data Security Measures:
The Website implements appropriate technical and organizational measures to protect personal data from unauthorized access, accidental loss, or destruction. These measures include encryption, restricted access controls, regular security assessments, and staff training on data protection.
As a user of the Website, individuals have the following rights regarding their personal data:
Right to Access: Users can request access to their personal data held by the Website.
Right to Rectification: Users can request the correction or update of their inaccurate or incomplete personal data.
Right to Erasure: Users can request the deletion of their personal data, subject to legal obligations and legitimate interests.
Right to Restriction: Users can request the restriction of processing their personal data under certain circumstances.
Right to Data Portability: Users can request to receive their personal data in a structured, commonly used, and machine-readable format.
Right to Object: Users can object to the processing of their personal data based on legitimate interests or direct marketing.
For any inquiries or to exercise your rights under the GDPR, please contact our Data Protection Officer (DPO) at:
Name: Olaiya Tolufashe
Address: 13 Odiyan Street, Ikate, Lekki, Lagos
The Website is committed to maintaining the highest standards of data protection and privacy. This GDPR Description aims to provide transparency regarding our data processing activities. We continuously review and update our practices to ensure compliance with the GDPR and other applicable data protection laws.
Date of Last Update: May 27, 2023