Crest Nicholson Holdings plc is committed to protecting the privacy and security of your personal data. This privacy notice (Notice) describes how we collect and use personal data in accordance with the UK General Data Protection Regulation (UK GDPR).
This Notice is provided in a layered format so you can click through to specific areas as required. Alternatively, you can download a copy of the Notice here.
We reserve the right to update this Notice at any time and we will make the revised Notice publicly available. We may also notify you in other ways from time to time about the processing of your personal data.
This notice was last updated on 1 September 2025.
This notice covers the following topics:
what personal data we collect about you
how we collect personal data
why we process personal data
the transfer of any personal data outside the UK and/or the EEA
when we may disclose your personal data
protecting your personal data
your rights in connection with the personal data we collect
how long we hold your personal data for
how we update or change this notice
how you can contact us
We issue other privacy notices, policies and terms (alongside this Notice) which relate to specific situations – please refer to the following notices where applicable:
Employee Privacy Notice – copies supplied to employees on joining or on request
Contents
Business and general correspondents
Website visitors
Customers (direct and indirect)
Visitors to our buildings or properties
Social media followers
Job applicants
Suppliers and subcontractors
Shareholders
1. SCOPE
This Notice is given by Crest Nicholson Holdings plc on behalf of itself, its subsidiaries and its joint venture companies (collectively referred to as Crest Nicholson, we, us, our in this Notice). We act as a data controller for the personal data we collect during the course of our engagement with you. We are registered as a data controller with the Information Commissioner's Office under number: ZA433197.
Crest Nicholson Holdings plc is a public limited company registered in England and Wales and listed on the London Stock Exchange. Our company number is 06800600 and our registered office is at 500 Dashwood Lang Road, Bourne Business Park, Addlestone, Surrey KT15 2HJ, United Kingdom, which is also our main trading address.
2. AUDIENCE
This Notice relates to the range of data processing activities undertaken by Crest Nicholson. To help you navigate this Notice we have extracted the key information applicable to you depending on the nature of your relationship with us. Please click on the below tabs to access the relevant summary. Full details of our processing are set out in the rest of the Notice.
Business and general correspondents
We may collect your personal data if you contact Crest Nicholson by email, post, telephone or otherwise in connection with any business or general matter, in order to maintain a general business relationship with you.
The information we collect
We will only collect the information you provide to us directly, such as your name and contact details or other details you might provide when corresponding with us.
Who we share the information with
Depending on the correspondence we have with you, we may share your information with businesses that provide us with services necessary in relation to what you have requested.
Please see section 8 below for additional circumstances where we may disclose your data.
Legal basis for processing
We have a legitimate interest to process your personal data in order to maintain normal business operations and to fulfil the request you have made through your correspondence with us.
How long we keep information for
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
Website visitors
As a visitor to our websites, www.crestnicholson.com and corporate.crestnicholson.com and any associated sub-domains, we will collect information related to you as required for our websites to operate, as well as giving you the opportunity to request brochures, make enquiries about our new homes, book appointments and subscribe for newsletters, press releases or other alerts.
The information we collect
News alerts and webcasts
If you choose to sign up for press releases, RNS emails, or other news alerts from our website, or to participate in investor webcasts, we will collect and store your name, email address and choice of news and information services. We use this information to provide the service you requested.
You are able to unsubscribe from the news and information service at any time and/or opt out of receiving communications by clicking the unsubscribe link in any email you are sent from us.
New home enquiries
If you make an enquiry about a new home, request a brochure and/or book a viewing appointment, we will collect your name, address, contact numbers and email address, and information about the nature of your enquiry. We may ask you about the type of property that you are interested in purchasing, such as number of bedrooms, location, price range, transport link requirements and details of your current property status, including if you are a first-time buyer and whether you are selling a property and are in a chain.
Technical information
We use cookies on our website to gather and record on our servers certain information about all users who visit the website, including without limitation, IP address, time zone setting and location, interaction with our website, browser type and version, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website. We may also receive technical data about you from analytics providers such as Google (for example, standard internet log information and details of visitor behaviour patterns). We do this to find out such things as the number of visitors to the various parts of the site. This information is only processed in a way that does not directly identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website.
At any time, you can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly. For further information on this, please see our Cookie Policy.
The information we collect about your use of the website will be used to report on visitor numbers, administer and protect our business and websites (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data), to improve our websites, services and consumer experiences.
We also collect, use and share aggregated data such as statistical or demographic data (Aggregated Data) for limited purposes. For example, we may aggregate your usage data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.
Who we share the information with
We share the information we collect with our website providers to the extent necessary for them to perform their services to us.
If you sign up for our alert service that delivers the latest regulatory news directly to your mailbox we will share your information with our data processor for these services, The Design Portfolio Marketing Services Limited, with a registered address of Sierra Quebec Bravo, 4th Floor, 77 Marsh Wall, London E14 9SH.
If you sign up to participate in an investor webcast we will share your information with our data processor for these services, Investis Digital Limited, with a registered address of 5th Floor, The Counting House, 53 Tooley Street, London SE1 2QN.
Third-party links
This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and we are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.
Please note that Crest Nicholson does not warrant, represent, endorse or hold responsibility over any external sites that may be linked to and from this site.
Please see section 8 below for additional circumstances where we may disclose your data.
Legal basis for processing
Where you have agreed to provide us with your data in relation to new home enquiries and/or email alerts and/or webcasts, then you have consented to us processing that information.
We have a legitimate interest in administering, protecting and improving our website. We also have a legitimate interest to process your personal data for the purpose of providing you with the information you request when accessing and interacting with our website.
Our use of cookies is subject to consent – please see our Cookie Policy.
Direct marketing
Where you agree (or where otherwise permitted by law), we will send you information about new property developments and/or services which may be of interest to you, according to your preferred methods of communication. Even after you agree and ask us to send you information, you can always unsubscribe/withdraw your consent at any time and we’ll stop sending you marketing materials. Just use the ‘unsubscribe’ link at the bottom of marketing emails or inform one of our sales staff. To stop receiving SMS marketing you can text STOP to the number which sent you the latest message.
How long we keep information for
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
Information you provide when requesting sales and marketing information about developments and properties will be kept for up to five years after the last inbound contact we have from you, as some developments can take a number of years to plan, market and complete. Please see section 10 of this Notice to learn how you can manage marketing communications.
If you unsubscribe from the email alerts and/or webcast access, we will not retain the data you submitted when you subscribed for the service and will cease sending you news and information.
Customers (direct and indirect)
If you decide to buy a Crest Nicholson home directly from us, we will collect personal data directly from you when you:
visit our website and/or submit online forms
visit one of our sales and marketing suites
call us, email us or contact us via social media
complete questionnaires
make a complaint
enter into any transaction with us or request information in relation to entering into a transaction
We may also indirectly obtain personal data from third parties when you:
visit a third-party property site (for example Rightmove or Zoopla) or an estate agent and request information about one of our homes
engage with other property companies that we have arrangements with, for example registered providers and social landlords
engage with solicitors, financial advisors, insurers, surveyors, and estate agents involved in your search for, and purchase of, a new home from us
liaise with the NHBC, contractors and suppliers about your new home
If you own a Crest Nicholson home which is subject to remediation, we may collect personal data from you and other third parties associated with carrying out the works.
The information we collect
We will collect information such as proof of identity and financial status in order to help you purchase and secure your new home. We will also obtain details of any mortgage, part exchange property and your extras and choices made in relation to the home you wish to purchase, along with details of advisors appointed by you in relation to any purchase, for example mortgage brokers, solicitors, financial advisors and surveyors.
We may record or track telephone calls made to some of our sales and customer services teams for training, monitoring and quality purposes. If you visit one of our sales offices or show homes, see also section D below.
If you are a joint purchaser and give us personal data about another person, you must ensure you tell them, and please ask them to read this Notice. Please also note that when you purchase a property jointly, we may share your personal data with the other purchaser.
Who we share the information with
Your information may be shared with and processed by:
our own employees, agents and auditors
third-party data processors who provide support services to us and who will process your personal information on our behalf. Such third parties may include cloud services providers (such as hosting and email management), other IT service providers as well as marketing companies that we use to distribute materials on our behalf
independent financial advisors, estate agents and solicitors that you choose to help you with your new home search and purchase
recipients involved when you take out a mortgage including those backed by an insurance policy or product, covered by a Government Indemnity or other scheme, including credit reference agencies
recipients involved when you purchase your home through a shared ownership or other support scheme
warranty organisations such as NHBC
those supplying, and those providing warranty or support services for items in your home such as appliances, technology or other special features
after sales support providers and contractors and tradesmen who help investigate and/or carry out repairs to your new home
agencies or providers who help us understand your experience with us, and your opinion of our Company
parties that we have a legal obligation to disclose information to, for example regulators and law enforcement agencies
Processing for credit referencing purposes
We may undertake searches of credit reference agencies (CRAs) to verify your identity when you apply to reserve a new home. We do this by submitting your personal data to them. We need to undertake such searches in accordance with anti-money laundering laws. This is not a credit check but details of the search may appear on your credit file.
If you apply for, or have, a shared equity loan with us, we will perform credit and identity checks on you with one or more CRAs in order to process your application and manage your account.
To do this, we will supply your personal data to CRAs and they will give us information about you. This will include information from your credit application and about your financial situation and financial history. CRAs will supply to us both public (including the electoral register) and shared credit, financial situation and financial history information and fraud prevention information. We will use this information to assess your creditworthiness and suitability, verify the accuracy of the data you have provided to us, prevent criminal activity, fraud and money laundering, manage your account and trace and recover debts from you.
We will continue to exchange information about you with CRAs while you have a relationship with us. If you borrow and do not repay in full and on time, CRAs will record the outstanding debt. This information may be supplied to other organisations by CRAs. When CRAs receive a search they will place a search footprint on your credit file that may be seen by other lenders.
Find out more about CRAs and the ways in which they use and share personal data in this Credit Reference Agency Information Notice.
Legal basis for processing
Where you have agreed to provide us with your data in relation to purchasing a new home, then you have consented to us processing that information.
In most cases we will process your personal data because it is necessary for the performance of a contract with you (or to take steps to enter into a contract with you), i.e. the purchase of a new home and the provision of customer services after legal completion.
We may also process your personal data where it is necessary to comply with our legal obligations or for the purposes of our legitimate interests. If we are marketing to you we will only do so with your consent, or where otherwise permitted by law.
Direct marketing
Where you agree (or where otherwise permitted by law), we will send you information about new property developments and/or services which may be of interest to you, according to your preferred methods of communication. Even after you agree and ask us to send you information, you can always unsubscribe/withdraw your consent at any time and we will stop sending you marketing materials. Just use the ‘unsubscribe’ link at the bottom of marketing emails or inform one of our sales staff. To stop receiving SMS marketing you can text STOP to the number that sent you the most recent message.
Please see section 8 below for additional circumstances where we may disclose your data.
How long we keep information for
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
Information you provide when requesting sales and marketing information about developments and properties will be kept for up to five years after the last inbound contact we have from you, as some developments can take a number of years to plan, market and complete. Please see section 10 of this Notice to learn how you can manage marketing communications.
We keep the purchase record and associated records for customer services purposes for 15 years from the legal completion date.
Anti-money laundering regulations require us to keep evidence of identity checks and details of the relevant business transaction for five years.
If you start a home purchase process and do not complete it, your information will be retained for five years after your last communication to Crest Nicholson.
We may keep your data for longer if we cannot delete it for legal and/or regulatory reasons.
Visitors to our buildings or properties
We store and use your information for the purposes of managing and operating our buildings and within our reporting and marketing materials.
The information we collect
If you are visiting any of our regional offices (see addresses on our Contact Us page), or a sales office at one of our development sites, we may collect personal data where necessary for security, administration and safety purposes – this may include collecting personal and contact details, as well as dietary, health or accident information. Further, we have a guest Wi-Fi network for visitors to access; however, no personal data is collected by us in relation to this.
At some developments we operate CCTV for the purposes of detecting and preventing crime and general estate management. We may also receive information from law enforcement agencies if criminal activity is alleged or suspected in the publicly accessible areas of our portfolio. Our CCTV feeds provide a 24/7 live feed, which is retained for a period of 30 days after which it is automatically overwritten, unless we are aware of a particular incident, where the footage may be kept for longer to share with law enforcement agencies (see section 8 for further information on why we might share your personal data).
We may also take photographs or videos within a property or public space, in which case we may capture the image of visitors. If you have any concerns or do not wish to be photographed, you should raise this with a member of our team. Where specific or close up images of individuals are taken (for example, for use on our social media or website), your consent will be sought.
We may also collect aggregated footfall and visitation data across our developments. No personal data is collected through this.
Who we share the information with
We share the information we collect with the following third parties:
our suppliers to the extent necessary to perform their services to us
where access control information or fire evacuation information is required to be shared with an occupier
where the information relates to health and safety incidents, security events or any matter giving rise to an insurance claim or relevant to our insurance coverage, our lawyers, insurance brokers and other professional advisors
when requested to do so by relevant authorities such as the police, in the event of criminal conduct
Please see section 8 below for additional circumstances where we may disclose your data.
Legal basis for processing
We have a legitimate interest in wishing to interact with you in order to manage and operate our buildings effectively and ensure that these are safe and secure. The processing we undertake is limited and concentrates on the use of the building.
In the case of photography, the processing we undertake will either be on the basis that we have a legitimate interest in undertaking the processing or that your consent has been obtained.
In some instances, for example for health and safety purposes, we are required by law to hold certain records to comply with this obligation.
How long we keep information for
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
Social media followers
We have active social media accounts that are used to answer enquiries received from followers, reshare photos tagged to our account and to promote our developments. Please refer to our social media terms for more information.
The information we collect
By contacting or interacting with us through our social media accounts, you share with us your details on your social media account, which can include your social media username/handle, public profile, public posts, and any personal information included as part of your enquiry such as your name, email address, place of work and job title.
Who we share the information with
We only share the information we collect with our suppliers to the extent necessary for them to perform their services to us. In this instance the main suppliers will be our marketing agents.
Please see section 8 below for additional circumstances where we may disclose your data.
Legal basis for processing
When you contact us through our social media channels, we have a legitimate interest in responding to your query.
How long we keep information for
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
Job applicants
We collect and process personal data about you to consider your application for a vacancy. This includes:
to assess your suitability for any vacancy you apply for
to make offers of employment and provide contracts if you are successful in your application
to meet legal obligations (such as payroll, tax, benefits)
to determine that you are eligible to live and work in the UK
to monitor compliance with anti-discrimination legislation and our policies
to consider you for alternative vacancies
to help us improve our recruitment practices
If you are unable to provide us with sufficient personal data, we may be unable to assess your suitability for the job applied for or to communicate with you. As your application progresses, we may need to ask you for more personal data. We will let you know what the consequences will be if we are unable to obtain and process personal data about you.
The information we collect
CVs may be submitted to us through recruitment agencies, in job applications either via our own external website or third-party advertisements, via third-party job boards, sent to our general enquiries inbox, or to individuals within our organisation. If a CV is submitted to any Crest Nicholson email address other than that of an HR specialist, it will be passed to our HR department, and the individual who received it will be required to delete it from their email.
Throughout the recruitment process information collected may include:
biographical information about you – such as your name, address, date of birth, gender, nationality, marital status, details of family members, preferred languages
your contact details – telephone numbers, email address, postal address
employment history – your CV or résumé, application form details, records of education, qualifications, skills and training
information to identify you – National Insurance or other identification number, your visa, passport or permission to work documentation
sensitive personal information – health details (including any disabilities that affect your ability to perform your work and that we need to assess and help us consider your workplace needs)
suitability for employment – interview notes, references, proof of professional qualifications, the results of criminal records (we will ask for your consent to do this at the reference/pre-employment stage if it is required)
equal opportunities and anti-discrimination – we may ask you to provide details of your ethnic origin via our Equal Opportunities Form and whether you have been long-term unemployed. You do not have to supply this information. We process it strictly for the purposes of providing equality of opportunity for all, and for monitoring compliance with anti-discrimination legislation
Who we share the information with
We may share your information with third parties used to process personal data on our behalf such as IT hosting or recruitment software companies. We have contracts, policies and procedures in place to ensure these companies safeguard personal data entrusted to them, and to only use it under our instructions and for the purposes outlined in this Notice.
If we elect to contact your referees and/or previous employers directly, we will share information with them to the extent necessary to confirm the details provided in your CV.
Please see section 8 below for additional circumstances where we may disclose your data.
Legal basis for processing
Where you have agreed to provide us with your data in relation to a job application, then you have consented to us processing that information.
We will process personal data in the CVs we receive, either directly from you or through a recruitment agency, on the basis of our legitimate interest in recruiting suitable candidates for our roles or where the processing is necessary to perform a contract or to take steps at your request, before entering a contract.
If you provide us with any information about reasonable adjustments you require under the Equality Act 2010 the lawful basis we rely on for processing this information is to comply with our legal obligations under the Act.
We request that CVs do not contain special category data (such as medical information) – to the extent that you voluntarily provide such information, any processing by us will be incidental and we will rely on the fact we have obligations in employment and the safeguarding of your fundamental rights. In other limited circumstances we may ask for your specific consent.
How long we keep information for
If you are successful in your job application, we will collect further details from you in line with your employment with Crest Nicholson, and a separate Privacy Notice will be communicated to you.
If your application is not successful, we will keep your personal data for up to three years after the recruitment process has ended. We do this so we can consider you for other suitable vacancies that might become available. You can ask us to erase this data at any time if that is your preference – see section 10 of this Notice.
If you send us your personal data on an unsolicited basis, for example, submitting a CV that is not connected to a specific role for which we are recruiting, we will retain your personal data for 12 months.
Suppliers and subcontractors
The information we collect
When you are engaged with Crest Nicholson as a supplier or subcontractor, we collect relevant information about you through our engagement with you in order to enter into a contract with you or your organisation for the provision of goods or services. This data may include:
contact details for your business and your team, so that we liaise with the correct people
bank account details, Unique Tax References and/or company registration number
evidence of competency relevant to any works/services being discussed and undertaken
site induction and other training records, including details pertaining to health and safety incidents and references, should we wish to follow them up
your National Insurance details as required to comply with HMRC rules
We will also take minutes during meetings over the course of our relationship, which may include names, job titles and contact details.
All visitors and workers on our sites will be required to sign in and out each day. Some locations may use CCTV (see part D above) and a form of biometric/fingerprint access for safety and security purposes.
Who we share the information with
We only share the information we collect with our suppliers, contractors and professional advisors to the extent necessary for them to perform their services to us.
Please see section 8 below for additional circumstances where we may disclose your data.
Legal basis for processing
Where you have agreed to provide us with your data in relation to acting as a supplier to Crest Nicholson, then you have consented to us processing that information.
In most cases we will process your information because it is necessary for the performance or award of a contract with you. We will also process your information where it is necessary to comply with our legal obligations.
We have a legitimate interest in processing this data from you in order for us to undertake necessary due diligence and to ensure that the invoice details match your account details. The data that we collect from you may also be used to ensure we comply with legal requirements.
How long we keep information for
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
Documents including contracts, designs, drawings and specifications relating to developments, buildings or schemes built after June 2002 will be retained for 17 years. Documents relating to developments, buildings or schemes built before June 2022 will be retained for 32 years.
Shareholders
We collect and process your personal data as a shareholder so we can manage your shareholding in Crest Nicholson Holdings plc to comply with our statutory and regulatory obligations and keep your record on the share register up to date; to make shareholder communications and shareholder meeting materials available to you; to pay you dividends; to allow you to exercise your rights as a shareholder including the right to vote, and to respond to any correspondence you send us.
The information we collect
As a shareholder of Crest Nicholson Holdings plc, we may collect your name, registered address, bank sort code and account number, email address, number of shares, date of death, corporate action election options, identification numbers, phone number, communication method preference and voting instructions.
It is important to ensure that the personal information we hold about you is accurate and up to date, and you should let us know if anything changes, for example if you move home or change your phone number or email address. You may be able to update some of the personal information we hold about you through the MUFG share portal at cn.signalshares.com. Alternatively, you can contact our Registrar, MUFG Corporate Markets (UK) Ltd at the address below or by phone on 0371 664 0300.
Who we share the information with
We will share your information with our data processor for these services, our Registrar MUFG Corporate Markets (UK) Ltd, with a registered address at Central Square, 29 Wellington Street, Leeds LS1 4DL.
We may also share your information with any other professional advisors and third-party service providers as required in order to communicate with shareholders (such as printing and mailing services). These providers process your personal information in accordance with our instructions and subject to data processing agreements in accordance with applicable data protection law.
In compliance with our legal obligations (such as s.811 Companies Act 2006), we may share your data with those who request a copy of the register of members of Crest Nicholson Holdings plc.
Please see section 8 below for additional circumstances where we may disclose your data.
Legal basis for processing
We are under a statutory obligation to process your personal details on our share register. Other than this, we process your information on the basis of our legitimate interest.
Your information may also be aggregated to conduct data analytics studies to review and better understand shareholder purchase, retention and attrition rates for our legitimate interest in order to improve as a company.
How long we keep information for
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. Generally, where there is no legal requirement to retain it for longer, we will retain your data for a period of 12 years after you cease to hold shares.
3. WHAT KIND OF PERSONAL DATA WE COLLECT ABOUT YOU
The types of personal data which we collect about you will vary according to the nature of your relationship with us. Please see the relevant section at part 2 of this Notice. We may also process other categories of personal data from time to time, as specifically notified or as may reasonably be anticipated as part of the operation of our business and the management of our property portfolio.
Under the UK GDPR certain types of information are considered to be more sensitive and so in need of more protection. These 'special categories of personal data' are information about your race, ethnic origin, political opinions, religion, trade union membership, genetics, biometrics (where used for ID purposes), health, sex life, or sexual orientation, and may also include information relating to criminal convictions and allegations. Where you provide us with this information, we are required to establish an additional lawful basis for holding this information, which will usually be your explicit consent or our compliance with a legal or regulatory obligation.
We may process such information in the following circumstances:
as a visitor to our premises, we may process health-related information such as dietary requirements and accident details
in very rare instances we will process special categories of personal data in order to prevent or detect unlawful acts in connection with publicly accessible areas of our developments (e.g. fraud or antisocial behaviour), which in some circumstances will involve disclosures to the police or other regulatory/legal authorities.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during the course of your relationship with us.
4. HOW WE COLLECT YOUR PERSONAL DATA
The way in which we collect your personal data will vary according to the nature of your relationship with us. Please see the relevant section at part 2 of this Notice. We may also collect personal data from other sources from time to time, as specifically notified or as may reasonably be anticipated as part of the operation of our business and the management of our property portfolio.
5. WHY WE PROCESS PERSONAL DATA
The personal data we collect and process will vary according to the nature of your relationship with us. Whenever we process your personal data we do so on the basis of a lawful condition of processing. The applicable legal basis will vary according to the nature of your relationship with us. Please see the relevant section at part 2 of this Notice.
We may also process personal data for the following purposes:
internal business and regulatory requirements
exercising and/or defending our legal rights
we may also process personal data for other purposes from time to time, as specifically notified or as may reasonably be anticipated as part of the operation of our business
In addition, we may also undertake processing: where necessary for compliance with a legal obligation to which Crest Nicholson is subject (for example, undertaking mandatory background checks or to comply with court orders); where you provide your consent to the processing of your personal data for certain specific purposes, including where based on additional information made available at the time consent is provided; where we need to protect the vital interests for you or someone else, or where it is necessary to do so in the public interest; and in other circumstances where necessary for our legitimate interests (or those of a third party).
Where we process your personal data as necessary for our legitimate interests (or those of a third party), we do so only provided it is carried out in a way that is proportionate and respects your privacy rights.
The special categories of personal data that may be processed by Crest Nicholson are set out in section 3 of this Notice. Where we process special categories of data it will be justified by a condition set out above and also by one of the following additional conditions:
based on your explicit consent
in accordance with paragraph 10 of Schedule 1 of the UK’s Data Protection Act 2018 – for example where we seek to prevent or detect unlawful acts (e.g. fraud or antisocial behaviour)
where necessary to protect the vital interests for you or someone else where you are physically or legally incapable of giving consent (for example in exceptional emergency situations, such as a medical emergency), or where it is necessary to do so in the public interest
the processing is otherwise permitted by law, such as in relation to legal claims
We will only use your personal data for the purpose for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
6. RETAINING YOUR PERSONAL DATA
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements including applicable statutory limitation periods. Please see the relevant section at part 2 of this Notice.
In some circumstances we may anonymise your personal data so that it can no longer be associated with you, in which case we may use such information without further notice to you.
7. YOUR PERSONAL DATA AND THE EEA
In limited circumstances, your personal data may be accessed, transferred, and/or stored outside the UK or the European Economic Area (EEA), in countries where data protection laws may be of a lower standard than in the EEA. For example, some of our third-party data processors have servers located in South Africa, India and the United States. Regardless of location we will impose the same data protection safeguards that we deploy inside the EEA.
If you are located outside the UK or the EEA your personal data will be exported back out to the jurisdiction that it originated from or from where you are located (for example when we reply to your emails or we write to you).
8. WHEN WE MAY DISCLOSE YOUR PERSONAL DATA
The ways in which we disclose your personal data will vary according to the nature of your relationship with us. Please see the relevant section at part 2 of this Notice. In addition, we may also disclose your personal data to the following recipients:
to service providers to whom we outsource certain functions of our business. For example, we have service providers such as marketing agencies who provide marketing support or IT service providers who provide/support IT applications or systems, which means that your personal data will be hosted on their servers, but under our control and direction. We require all our service providers to respect the confidentiality and security of personal data
to a prospective buyer in the event of a sale, merger or restructuring of any part of our business
to a prospective buyer and their advisors in the event of a sale, merger or restructuring of any part of our business
to any company within the Crest Nicholson group of companies and our joint venture companies
to any regulatory agency or enforcement body (e.g. the police or intelligence services) or court where we reasonably believe that we are required to do so by applicable law or regulation or by any court order or at their request where it is legal to do so
When we share your personal data with other parties we will ensure contracts are in place that impose strict data sharing requirements.
9. PROTECTING YOUR PERSONAL DATA
We have put in place technical and organisational measures to protect the security of your information. Third parties will only process your personal data on our instructions and where they have agreed to treat the information confidentially and to keep it secure.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
10. YOUR RIGHTS AND CHOICES OVER YOUR PERSONAL DATA
UK GDPR gives you a number of rights over your personal data such as a right to be informed and to access your information, a right to object to direct marketing and certain other processing, a right to rectify inaccurate information, and a right to erase information to name but a few. The rights available to you depend on our reason for processing your information and may include those set out below.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with the request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Right to know and right to access
You can ask us if we are holding and using personal data relating to you and, if we are, for a copy of the personal data we hold about you.
Right to rectify
You can ask us to rectify inaccuracies in your personal data. You can also ask us to complete personal data considered incomplete or to record a supplementary statement.
Right to erasure
In some circumstances, you can ask us to erase personal data we hold about you.
Right to restrict processing
In some circumstances you have the right to ask us to ‘restrict’ (block or suppress) the processing of your personal data.
Right to object
Based on your particular situation, you can object to the processing of your personal data, that is:
based on our legitimate business interests (including profiling)
done for research and statistical purposes
You also have the right to object to the use of your personal data for direct marketing purposes (including profiling).
Right to withdraw consent
When we rely on your consent to process your personal data – such as for marketing communications – you have the right to withdraw your consent at any time. We’ll always strive to make it easy for you to withdraw consent, and if you find this isn’t the case, then just email us using the information in section 11 of this Notice, and we will endeavour to resolve your concerns as quickly as possible.
Right to lodge a complaint with the UK regulator
UK GDPR is overseen by the Office of the Information Commissioner (the ICO). If you are dissatisfied with how we handle your personal data under UK data protection law, or how we respond to your rights, you can lodge a complaint with the ICO. See www.ico.org.uk for more information.
We would ask that you give us the opportunity to resolve your complaint before contacting the ICO. Our complaints procedure is available at https://www.crestnicholson.com/buying-with-us/complaints-procedure.
11. CONTACT US
You can contact us at any time about how we use your personal data or to exercise any of your rights set out above, or to notify us of any changes to the personal data that you have provided to us.
You can contact us by post or email:
The Company Secretary, Crest Nicholson, 500 Dashwood Lang Road, Bourne Business Park, Addlestone, Surrey KT15 2HJ
privacy@crestnicholson.com (please remember email is not a secure way of communicating personal data)
The Company Secretary at Crest Nicholson will be the primary contact point for the other Crest Nicholson Group companies.