Building Control /Privacy Notice (Aedis Regulatory Services Ltd)

Privacy Notice (Aedis Regulatory Services Ltd)

1. Introduction

The Aedis Regulatory Services Ltd Privacy Notice provides information on how Aedis Regulatory Services Ltd (we and us) collect, use, secure, transfer and share your data.

We are committed to protecting and respecting your personal and sensitive data.

This policy sets out the basis on which any personal data we collect, be that provided by you or a third-party, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

For the purpose of the General Data Protection Regulation (GDPR), the data controller in respect of your personal data that we collect and process as further described in this Privacy Notice is Aedis Regulatory Services Ltd. We are listed on the Information Commissioner's Office (ICO) Register of Data Controllers under registration number ZA039369. Please note that we may share your information with third-parties (as described below) who each may process that information as a data controller or data processor in their own right.

2. Data collection

2.1. Method of collection

In the general conduct of business, Aedis Regulatory Services Ltd collect information relevant to the services being sought from:

  • Yourself
  • A third-party – including, but not limited to: builders, developers, project managers, architects, solicitors, surveyors, estate agents, relatives

Such data will generally be collected directly via the use of any of our standard forms, via email or via telephone conversation at the point of requesting or subscribing to any service or becoming a registered user/member with us.

In addition, you may choose to submit information/data directly to us via several methods, including:

  • In response to marketing or other communications
  • Through social media
  • In connection with an actual or potential business relationship with us
  • To report a problem or submit a comment

You may also agree to third-parties disclosing information about you to us that those third-parties have collected.

We may also collect data using cookies on our website ( Please see 3 Cookies for more details.

If you provide us with personal data about another person, you must ensure that before you provide us with their data, they are aware of the ways in which we use personal data as set out in this Privacy Notice and they agree to their information being provided to us for these purposes.

2.2. Purpose of collection

We may collect and process information about you in order to provide the service/s sought by you. This information is referred to in this Privacy Notice as personal data. In particular, we may collect and process the following information:

  • Client’s name and address
  • Company name and address (if applicable)
  • Telephone number
  • Email address
  • Site contact name
  • Site contact company name (if applicable)
  • Site contact address
  • Site contact telephone number
  • Site contact email address
  • Site address
  • Signature/s

The above list is not exhaustive and Aedis Regulatory Services Ltd reserves the right to collect and process further personal and sensitive data which we feel is relevant to providing the services sought.

Generally, we collect, use and hold your information for reasons including, but not limited to, the below:

  • Assessing applications and providing services
  • Conducting business and developing relationships
  • Processing payments/transactions
  • Provide, administer and communicate with you about Aedis Regulatory Services Ltd products, services and offers
  • Comply with industry standards and Aedis Regulatory Services Ltd policies

3. Cookies

Cookies are small text files that are sent by websites and stored on your device. They collect information about how the website is being used by those accessing it and allow websites to remember information. Our website uses cookies to distinguish you from other users to enable us to provide you with a better experience when you browse our website and to allow us to improve our site.

You can set your browser settings not to accept cookies. However, if you do not consent to cookies being placed on your device or you set your browser not to accept cookies, some of our website features may not function or you may not be able to access parts of our website.

The 'Help' menu of the toolbar on most browsers will tell you how to prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie or how to disable cookies altogether.

For further information about cookies, visit or

Alternatively, please see the Aedis Regulatory Services Ltd Cookie Policy:

4. Lawful basis of processing

We process your information under the following:

  • Legitimate interests: Some information is processed by Aedis Regulatory Services Ltd as part of its legitimate interests, which include: fraud, risk assessment, due diligence, network and information security, suppressions and managing opting out of communications, profiling, direct marketing, monitoring, web analytics, cloud storage, acquisitions, updating customer details, financial services and other core products and service provided by us.
  • Performance of a contract: Where you enter into a contract with Aedis Regulatory Services Ltd and we need to process your information as part of this contract.
  • Consent: Where we process information under consent, we will seek your clear and unambiguous consent prior to processing your data.

5. Uses of your data

We use personal information held about you in the following ways:

  • To carry out our obligations arising from any contracts entered into between you and us, for example to fulfil your request for a quotation/service.
  • To manage our relationship; for instance, we will use your information to process and administer any application you make for a quotation/service.
  • To provide you with information, products or services that are similar to those previously engaged in through Aedis Regulatory Services Ltd and/or Aedis Warranties Ltd. You can subsequently unsubscribe to receiving these communications by contacting us. Please see ‘How to contact us’ for our contact details. Please note that even if you unsubscribe from these marketing communications, we may still communicate with you for other purposes (for instance, in connection with any ongoing services and/or agreements).
  • To develop, understand and improve our business, products and services.
  • To carry out market research; for example, we may contact you (including by email) to obtain your feedback on our products and services.
  • To comply with our legal and regulatory responsibilities.
  • To prevent and detect fraud and criminal activity and to prosecute and apprehend offenders.
  • To allow you to participate in any interactive features of our services, when you choose to do so.
  • To notify you about changes to our services.

6. Disclosure/sharing of your data

We do not sell or otherwise disclose personal or sensitive data which we collect about you, except as described in this Privacy Notice or as indicated at the time the data is collected.

We may share the data we collect with other companies, organisations and regulatory bodies, including, but not limited to:

  • Local authorities
  • Water authorities
  • Fire authorities
  • Third-party structural consultant
  • Relevant regulatory bodies
  • Aedis Warranties Ltd - registered on the Information Commissioners Office (ICO) Register of Data Controllers under registration number ZA171635.
  • Landmark Information Group
  • Formally contracted service providers to perform services on our behalf

Where required, we contractually agree that our service providers safeguard the privacy and security of personal data they process on our behalf and authorise them to use or disclose the data only as necessary to perform services on our behalf or comply with legal requirements.

Services include, but are not limited to: providing, administering, processing, and satisfying a quotation, contract or service.

These third-parties have access to personal information needed to perform their functions but may not use it for other purposes.

We may also disclose your personal information to third-parties in the following circumstances:

If we are under a duty to disclose or share your personal information in order to comply with any legal obligation, or in order to enforce or apply our Terms and Conditions, other agreements; or to protect our rights, property, or safety or those of our customers or other third-parties. This includes exchanging data with other companies and organisations (including credit reference agencies and the police) for the purposes of fraud protection, credit risk reduction and the prevention and detection of crime or the prosecution and apprehension of offenders.

7. International transfers of data

In relation to the above uses of your personal data and the above sharing arrangements, your personal data may be transferred to, stored and processed in, one or more countries outside the European Economic Area (EEA), including in countries which do not provide equivalent protection for personal data as the GDPR. In these circumstances, we will take reasonable steps to ensure that your personal data is adequately protected in accordance with the requirements of the regulation.

8. Security of your information

The security of your personal data is very important and Aedis Regulatory Services Ltd is committed to protecting the data we collect. We maintain administrative, technical and physical safeguards designed to protect the personal data provided to us. We also safeguard against accidental, unlawful or unauthorised destruction, loss, alteration, access, disclosure or use of personal data.

Despite our efforts regarding security, it is important to bear in mind that the internet is not a secure means of communication. Personal data shared/communicated through the internet may be intercepted by other people. We cannot guarantee the security of personal information sent to us through this website. You accept that you use this website at your own risk. Once we have received your data, we will use strict procedures and security features in order to prevent unauthorised access.

Aedis Regulatory Services Ltd reserves the right to transfer your data in the event of a sale or transfer (wholly or partially) of our business or assets, with reasonable efforts for the acquirer to protect/use your information consistent with the GDPR. You can exercise your rights to contact the acquiring entity with questions concerning the protection and processing of your information.

9. Your rights

9.1. Data retention

We will keep information for a reasonable amount of time in order to perform the service/s agreed.

We only keep your information for as long as necessary. We generally keep personal data in line with the Building Control Performance Standards, meaning that we are currently required by the Government to keep records for a minimum of 15 years.

However, Aedis Regulatory Services Ltd reserves the right to keep information for longer if we feel that this is in the legitimate interests of Aedis Regulatory Services Ltd.

Aedis Regulatory Services Ltd stores personal data only for as long as it is necessary for the fulfilment of the purpose for which the personal information was collected, unless otherwise required or authorised by applicable law. We take measures to destroy or permanently de-identify personal information if required by law or if the personal data is no longer required for the purpose for which we collected it.

9.2. Profiling

For the purposes of business conduct, enhancement, identification of fraud, money laundering and other potential unauthorised activities, Aedis Regulatory Services Ltd may engage in profiling activities via direct use or anonymisation of sensitive personal information.

9.2.2. Direct profiling

Direct profiling may be engaged for the fair and lawful purposes, to provide Aedis Regulatory Services Ltd with the ability to enforce Aedis Regulatory Services Ltd Terms and Conditions, legal reporting as may be required by applicable laws, regulations, policies/standards or requested by any judicial process or governmental agency having or claiming jurisdiction over Aedis Regulatory Services Ltd, which may include, but is not limited to:

  • Anti-money laundering
  • Tax reporting
  • Credit defaulting/exposure
  • Financial viability analysis/reports
  • Business partner/client portfolio position, performance, risk positions

9.2.3. Indirect profiling

Indirect profiling via anonymisation of personal data may also be used for preparing and furnishing aggregated data reports showing anonymised information, including, but not limited to: analyses, analytical and predictive models and rules, and other aggregated reports.

9.3. Your rights and choices

Your rights regarding the sensitive/personal data we maintain about you enable you to exercise choices about what personal data we collect from you, how we use that information, and how we communicate with you.

9.3.2. Access and correction

You may have the right to:

  • Obtain confirmation that we hold personal data about you
  • Request access to and receive information about the personal data we maintain about you
  • Receive copies of the personal data we maintain about you

The right to access personal data may be limited in some circumstances by local law requirements.

9.3.3. Update and correct inaccuracies in your personal data

If you feel the data we hold about you is incorrect or inaccurate, you can contact us outlining the information you feel is incorrect or inaccurate.

If we refuse to correct your personal data, we will provide you with a written notice that sets out the reasons for our refusal (unless it would be unreasonable to provide those reasons) and provide you with a statement regarding the mechanisms available to you to make a complaint.

9.3.4. Object to the processing of your personal data

If you would like to object to any processing of your data by Aedis Regulatory Services Ltd, you can contact us outlining what processing of data you would like to object to.

If you would like us to delete, block or anonymise data we hold about you, you can contact us outlining what data you would like deleted, blocked or anonymised.

9.3.5. Opting out of processing

You have the right to ask us not to process your personal data for marketing purposes. Please contact us by either telephone, email or post. Our contact details can be found in the ‘How to contact us’ section below. Aedis Regulatory Services Ltd and/or Aedis Warranties Ltd may market to you by telephone, email or post. We will only contact you in relation to comparable products and services and will not share your information with any third-party companies for the purposes of marketing.

9.3.6. Withdrawal of consent

If we obtain your data by consent, you have the right to withdraw any consent you previously provided to us.

If we process your data under legitimate interest, you can object at any time, on legitimate grounds, to the processing of your personal information.

Aedis Regulatory Services Ltd will apply your preferences going forward.

Doing so will mean that you cannot take advantage of certain Aedis Regulatory Services Ltd and Aedis Warranties Ltd products, services and promotions.

The right to consent removal may be limited in some circumstances by local law requirements and you will be informed appropriately.

9.4. Identification and verification

Any person submitting a request regarding their data may be subject to identity and verification procedures at the discretion of Aedis Regulatory Services Ltd.

To update your preferences, ask us to remove your information from our mailing lists or submit a request to access, update, correct or delete your personal data, please contact us as specified in the ‘How to contact us’ section below.

10. Anti-money laundering

In addition to helping you with the service requested, we must comply with certain regulations, for example: The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (referred to as ‘the Regulations’).

Aedis Regulatory Services Ltd are required to obtain certain information from you to comply with the Regulations. The information provided will only be used by Aedis Regulatory Services Ltd in relation to complying with the Regulations and will not be shared with any other party outside of those stated within this Privacy Notice unless we are required to do so under law.

If you decide to enter in to a business relationship with Aedis Regulatory Services Ltd, you are required to comply with certain regulations.

We may require two separate Identification documents; one primary and one secondary document. The information may be required at various stages of the process but, ideally, will be limited to one occasion.

Primary identification:

  • Valid passport
  • Valid full UK photo driving licence

Secondary identification:

  • UK bank/building society statements/bills showing activity (dated within the last six months)
  • UK mortgage statement (dated within the last 12 months)
  • Utility bill, including: electricity, gas, satellite TV, internet services or water (dated within the last 6 months)

11. How to contact us/complaints and feedback

If you:

  • Make a complaint about a breach of your personal data, applicable privacy laws/principles or a concern about Aedis Regulatory Services Ltd privacy practices
  • Would like access to and/or update the data or preferences you provided to us

Please contact us by:

Telephone: 0800 622 6903
Post: Aedis Regulatory Services Ltd, Aedis House, 3 Pioneer Court, Morton Palms Business Park, Darlington, DL1 4WD

If we fall short of your expectations in processing your personal data or you wish to make a complaint about our privacy practices, please contact us.

To assist us in responding to your request, please give full details of the issue. We attempt to review and respond to all complaints within a reasonable time.

If we cannot, for lawful reasons, complete your request, we will explain this to you to the extent that we lawfully can. 

If you have any questions, comments or requests regarding this Privacy Notice, please feel free to notify us using any of the above contact details.

Aedis Regulatory Services Ltd reserves the right to change this Privacy Notice from time to time where necessary. Previous versions of our Privacy Notices will be kept within Aedis Regulatory Services Ltd. The version found at will remain the most recent and current version.

Please log in to your building control account

Forgot your Password? Logging in for the first time?