This Privacy Notice explains how Double T (CIC) uses your data. This includes the types of personal data we may collect about you, how we store and handle that data, and how we keep it safe.

We want you to be completely confident that we are treating your personal data responsibly, and that we are doing everything we can to make sure that the only people who can access that data have a genuine need to do so.

We hope this notice provides all the information about our processes that you need, but if not, please get in touch and we will do our best to help.

We will probably need to update this notice from time to time. If you are subscribed to our database, we will notify you of any significant changes, otherwise you can always get the latest version by visiting our site.

The legal bases we rely on
The law on data protection provides several acceptable reasons why we can collect and process personal data. These include:

Contractual obligations – For example, when you place an order with Double T (CIC), we will collect your name, email, phone number and delivery address. We will keep these on file whilst we are doing work for you, but we will not pass this on to any third party. If we have to post you contracts then we may pass this information on to our couriers to ensure delivery.

Legal compliance – For example, if we detect any fraudulent or other criminal activity, we can pass details of this on to the police.

Legitimate interests – In specific situations, we require your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our business and which does not materially impact your rights, freedom or interests.

Consent – where you have given clear consent for us to process your personal data for a specific purpose.

When do we collect your data?
Customer correspondence data:

  • When you place an order with Double T (CIC)
  • When you register a property to manage.
  • When you engage with us on social media
  • When you contact us to ask a question or raise a complaint
  • When you enter competitions that we run

Client eligibility and correspondence data:

  • When you enrol onto the Double T (CIC) Employability Programme
  • When you engage with us on social media
  • When you contact us to ask a question or raise a complaint
  • When you enter competitions that we run

We also collect the following data:

  • Staff employment and volunteer recruitment data.
  • Contractors’ data

What sort of personal data do we collect?
Provided we have your verbal consent, customer data that we collect relating to your property needs may include your name, billing and delivery address, email address, telephone number, and order details.

Client data relating to our Employability Programme, for the purposes of suitable support and funding eligibility*, often includes: Name, address, telephone number, email address, date of birth, benefit details, curriculum vitae, national insurance number, passport number*, birth certificate number* and driving licence number*.

We will also keep records of contact you have made with us whether that is by email, telephone or through the post, and details of your interaction with our website, social media sites and email campaigns.

We only accept payment via invoice and direct debit into our account so will never store your card payment details.

How do we process your data?
“Process” means we obtain, store, update and archive data.

  1. ​​​​Customer data (Property Enterprise) is held for the purpose of facilitating orders, organising work experience placements for our Employability Programme clients and maintaining a sales relationship.
  2. Client data (Employability Programme) is held for the purpose of providing the best possible support: Your request for employability support and our agreement to provide that support constitutes a contract.  You can, of course, refuse to provide the information, but if you were to do that we would not be able to provide support. We have a “Legitimate Interest” in collecting that information, because without it we couldn’t do our job effectively and safely. We also think that it is important that we can contact you in order to confirm your appointments with us or to update you on matters related to your employability support.  This again constitutes “Legitimate Interest”, but this time it is your legitimate interest. Only the following people / agencies will have access to your data:
    • ​​Your Employment Advisor(s)
    • Nottingham Works Plus contract team (Nottingham City Council
    • Programme funders – to confirm eligibility or during an audit
    • 'Sustrans’ (who issue free bus passes)
  3. Staff employment data is held in accordance with Employment, Taxation and Pensions law.
  4. ​​Contractors’ data is held for the purpose of managing their contracts.

​​How and why do we use your personal data?

We collect your personal data mainly for the purposes of fulfilling orders placed with us.

We may also contact you from time to time with promotions, products, services and news that are likely to interest you because you have signed up to our e-newsletter. You can unsubscribe from these at any time by using the link that is present on every email, or by emailing with “unsubscribe” in the subject line.

We may also use your data to comply with contractual or legal obligations to share data with law enforcement agencies, for example when a court order is submitted to share data.

How we protect your personal data
We treat your data with the utmost care and take all possible measures to protect it.

Access to your personal data is password protected and stored on a cloud and sensitive data such as payment card information is never held by us because we do not accept payment by card.

We regularly review, and risk assess our systems and working practices to identify any data security risks and put in place measures to mitigate these.

All communal office computers are regularly accessed to manage data you might have forgotten to delete and ‘cleaned’ on your behalf.

You have the right to see what personal data of yours we hold, and you can also ask us to correct any factual errors.  Provided the legal minimum period has elapsed, you can also ask us to erase your records.

Your records are stored:

  • On paper, in locked, fire-proof cabinets, and the offices are always locked when unattended.
  • On some laptops but files are password-protected, devices face away from the public eye when in use, files are backed up regularly, shared with agreed parties via encrypted emails, the devices are transported safely and stored in a safe, remote location out of office hours.

How long do we keep your data?
We only keep your personal data for as long as is necessary for the purpose for which it was collected.

At the end of this period, your data will be permanently deleted or fully anonymised.

In order to comply with our insurance and funders, we only store data to complete a specific project, it is then uploaded to a cloud and password protected and kept for 8 years after which it is irretrievably destroyed.

Who do we share your data with?

We will only share data if it is done securely and it is necessary to do so.

  1. Customer data may be shared with third party contractors as we use contractors to fulfil certain business functions we can’t provide in-house, such as Architects for property development projects. We are confident all our contractors are GDPR compliant and we have a GDPR compliant agreement in place with each of them.
  2. Customer data may be shared with Mailchimp for marketing purposes in future who are GDPR compliant.
  3. Employment data will be shared with government agencies such as HMRC.
  4. Unless specified in a contract with a client, we do not share data with anyone. On future contracts we may be required to engage the services of other companies that become data processors for Double T (CIC). This could include a third-party contractor for example. When we do, we will always ensure the client is aware of this at the contract stage and that any third-party contractors are fully GDPR compliant, and that we have written GDPR-compliant agreements in place with them.

What are your rights concerning your data?
You have the right to:

  1. Be informed about the personal data we hold and why we hold it.
  2. Access a copy of your data that we hold by contacting us directly: we will acknowledge your request and supply a response within one month or sooner.
  3. Check the information we hold about you is correct and to make corrections if not.
  4. Have your data erased in certain circumstances.
  5. Transfer your data to someone else if you tell us to do so and it is safe and legal to do so.
  6. Tell us not to actively process or update your data in certain circumstances.

You have the right to access any personal data we hold about you, to correct it, to withdraw your consent of its use (whether or not you consented in the first place) and the right to restrict its use. If you would like a copy of any data we hold about you, or if you would like to correct it, restrict its use, or withdraw your consent for its use, please contact us at  Alternatively, write to Double T, The Coach House, 59 Sherbrooke Road, Carrington, Nottingham, NG5 2BE.

If you would like to opt out from receiving email communications, please use the unsubscribe link which is usually present on every email, or by emailing with “unsubscribe” in the subject line. Alternatively, write to us at the same postal address shown above.

To protect your confidentiality when processing any request within this section, we will always check your identity first.


If you have any questions about our Privacy Notice, please contact us at and we will do our best to answer them.

If you have a complaint regarding your personal data and have already contacted us to resolve it but are not satisfied with the resolution, you have a right to complain to the Information Commissioner at or by calling 0303 123 1113.