Introduction

MacRae Stephen & Co respect your privacy and are committed to protecting it throughout our compliance with this website General Data Protection Regulations Policy (“Policy”).

Maintaining protection of the information entrusted to our care by our clients is of the utmost importance to MacRae Stephen & Co.

This Policy describes the types of information we may collect from you or that you may provide when we carry out work on your behalf or when you visit our website www.macraestephen.co.uk (our “Website”), and our practices for collecting, using, protecting and disclosing that information.

When MacRae Stephen & Co knowingly collects your personal information (also called ‘personal data’), we will do so in accordance with applicable laws that regulate data protection and privacy. This includes, without limitation, the EU General Data Protection Regulation (2016/679) (‘GDPR’) and EU member state national laws that implement or regulate the collection, processing and privacy of your personal data (together, ‘EU Data Protection Law’).

This Policy, which should be read in conjunction MacRae Stephen & Co’s Privacy Policy, provides further information as required under EU Data Protection Law on how we handle or process the personal data we collect and who we may share it with.

This GDPR Policy also provides information on your legal rights under EU Data Protection Law and how you can exercise them.

If MacRae Stephen & Co provides direct communications to individuals regarding services which may be of interest, this will be done in accordance with EU Data Protection Law, and in particular where we contact individuals for direct marketing purposes by SMS, email, fax, social media and/or any other electronic communication channels, this will only be with the individual’s consent.

Scope of the Policy

This Policy applies to information we collect:

• where you have freely provided your specific, informed and unambiguous consent for MacRae Stephen & Co to process your personal data for particular purposes, for example when you instruct us to carry out work on your behalf
• where we agree to provide services to you, in order to set up and perform our contractual obligations to you and/or enforce our right
• where we need to comply with a legal obligation or for the purpose of us being able to establish, exercise or defend legal claims.
• In e-mail, text and other electronic messages between you and our Office, Website and Social Media.
• On our Website.
• On our Social Media sites
• Through mobile and desktop applications you download from our Website, which provide dedicated non-browser-based interaction between you and our Website.
• When you interact with us in another way – for example, contacting us with an inquiry.

This Policy outlines our policies and practices regarding your personal information (information relating to you from which you can be identified) and how we will treat it. This Policy may change from time to time (see Changes to our Privacy Policy section below), so please check the Policy periodically for updates.

Information We Collect About You and How We Collect It

We collect several types of information from and about our clients and users of our Website and others, including:

• Personal information by which you may be personally identified, including your name, postal address, e-mail address or telephone number (“personal information”);
• Information that is about you individually but is not held in a form to identify you, such as age, gender, language preferences, expertise, date of birth;
• Financial data including bank account details;
• Transaction data including details about payments to and from you and other details of services you have paid for from us;
• about your internet connection, the equipment you use to access our Website and usage details.

We collect this information:

• Directly from you when you provide it to us.
• Automatically as you navigate through the Website. Information collected automatically may include usage details, IP addresses and information collected through cookies, and other tracking technologies.

Please also note that some of the personal data we receive and that we process may include what is known as ‘sensitive’ or ‘special category’ personal data about you, for example, information regarding your ethnic origin or political, philosophical and religious beliefs. This is not the type of data that MacRae Stephen & Co would routinely collect, but if we process such sensitive or special category data we will only do this in specific situations where:

(a) you have provided this with your explicit consent for us to use it;

(b) there is a legal obligation on us to process such data in accordance with EU Data Protection Law;

(c) it is needed to protect your vital interests (or those of someone else) such as in a medical emergency;

(d) where you have clearly chosen to publicise such information; or

(e) where needed in connection with a legal claim that we have or may be subject to.

Information You Provide to Us

We collect information you provide when you instruct us to carry out work on your behalf and when you interact with our Website and social media sites, including:

• Information that you provide by making an inquiry or instructing us to act on your behalf. This includes, but is not limited to, information provided at the time of requesting a fee quote, requesting a viewing of a property, posting material, requesting further services or instructing us to act on your behalf. We may also ask you for information when you report a problem with our Website.
• Records and copies of your correspondence (including e-mail and other electronic messages, including social media posts), if you contact us.
• Your search queries on our Website.
• There may be features that are developed in the future that may result in the collection of additional new information. 

Although we limit access to certain pages on our website and you may set certain privacy settings for such information, please be aware that no security measures are perfect or impenetrable.

Additionally, we cannot control the actions of other users of the Website with whom you may choose to share your User Content.

Usage Details, IP Addresses, Cookies and Other Technologies

As you navigate through and interact with our Website, we may automatically collect certain information about your equipment, browsing actions and patterns, including:

• Details of your visits to our Website, including traffic data, location data, logs and other communication data and the resources that you access and use on our Website.
• Information about your computer and internet connection, including your IP address, operating system and browser type.

The information we collect in this way is anonymous. It is aggregated into statistical data to help us improve our Website and to deliver a better and more personalized service by enabling us to:

• Estimate our audience size, browser statistics, popularity of content and usage patterns.
• Speed up your searches.
• Recognise you when you return to our Website.

The technologies we use for this automatic data collection may include:

• Cookies (or browser cookies). A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting you may be unable to access certain parts of our Website. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Website.

We do not collect personal information automatically, but we may tie this information to personal information about you that we collect from other sources or you provide to us, in which case we will process such personal information in accordance with the remainder of this Policy.

How We Use Your Information

We use information that we collect about you or that you provide to us, including any personal information

• To offer and fulfil our core business purposes which include:

• • Offering a comprehensive, speedy and quality service to every client
  • Complying with any legal obligations;
• To provide you with information or services that you request from us;
• To fulfil any other purpose for which you provide it;
• To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for invoicing;
• In any other way we may describe when you provide the information;
• To present our Website and its contents to you;
• To notify you about changes to our Website or services we offer or provide through it;
• To allow you to participate in interactive features on our Website;
• Store information about your preferences, allowing us to customise our Website according to your individual interests;
• For any other purpose where we have your consent.

We may also use your information to contact you about our own services that may be of interest to you. MacRae Stephen & Co confirms that it will not sell or trade its client’s data without the prior approval. If you do not want us to use your information in this way, you may opt-out of these contacts by notifying us. For more information, see Choices About How We Use and Disclose Your Information section below.

Disclosure of Your Information

We may disclose aggregated information about our users, and information that cannot be used to identify any individual, without restriction.

We may disclose personal information that we collect or you provide as described in this Policy:

• To fulfil the purpose for which you provide it;
• For any other purpose disclosed by us when you provide the information;
• With your consent.

We may also disclose your personal information:

• To comply with any court order, law or legal process, including to respond to any government or regulatory request.
• If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of MacRae Stephen & Co and our staff. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

Other than as described above, we will treat your personal data as private and will not routinely disclose it to third parties without you knowing about it. The exceptions are in relation to legal proceedings or where we are legally required to do so and cannot tell you (such as a criminal investigation). We always aim to ensure that your personal data is only used by third parties we deal with for lawful purposes and who observe the principles of EU Data Protection Law.

Choices About How We Use and Disclose Your Information

We strive to provide you with choices regarding the personal information you provide to us. We have created mechanisms to provide you with the following control over your information:

• Tracking Technologies and Advertising. You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. If you disable or refuse cookies, please note that some parts of this site may then be inaccessible or not function properly.

Client Privacy Information

MacRae Stephen & Co will not sell, trade or share a clients personal information, including their name, phone number, email, or physical address with any unconnected parties nor will it send clients mailings on behalf of other unrelated organisations. This policy applies to all information received by MacRae Stephen & Co, both online and offline, as well as any electronic, written or oral communication.

Accessing and Correcting Your Information

You may also send us an e-mail at This email address is being protected from spambots. You need JavaScript enabled to view it. to request access to, correct or delete any personal information that you have provided to us. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.

Under EU Data Protection Law, our clients have the following rights which are exercisable by making a request to us in writing:

(a) that we correct personal data that we hold about you which is inaccurate or incomplete;

(b) that we erase your personal data without undue delay if we no longer need to hold or process it;

(c) to object to our use of your personal data for direct marketing;

(d) to object and/or to restrict the use of your personal data for purpose other than those set out above unless we have a compelling legitimate reason; or

(e) that we transfer personal data to another party where the personal data has been collected with your consent or is being used to perform contract with you and is being processed by automated means.

If you make a request and are not satisfied with our response or believe that we are illegally processing your personal data, you have the right to complain to the Office of the Information Commissioner.

Retention of Data

We retain data on client files throughout the entire period of the transaction and for a period of 10 years thereafter at which time it will be permanently removed from our systems and destroyed. The reason for the 10 year time limit is due to the working practice of the legal industry in Scotland.

Refusal to provide Personal Data

The information about you that we have collected for the performance of our contracts is required in order for us to successfully fulfil our obligations to you. If you choose not to provide the personal data requested, we will not be able to enter into a contract with you to provide the benefits we offer. If we are already processing your personal information under a contract, you must end our contractual relationship (as/where permitted) in order to exercise some of your rights.

Children Under the Age of 16

We do not knowingly store information for people under 16 except under specific circumstances, for example when we have acted for children under 16 or have been supplied information from their parent, most commonly in matrimonial cases. Any times such information is collected, it will be done so with parental consent.

Our website is not intended for children under 16 years of age. No one under age 16 may provide any personal information to or on our Website. We do not knowingly collect personal information from children under 16. If you are under 16, do not use or provide any information on our Website or on or through any of its features, interactive or public comment features of our Website or provide any information about yourself to us, including your name, address, telephone number, e-mail address or any screen name or user name you may use. If we learn we have collected or received personal information from a child under 16 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us at This email address is being protected from spambots. You need JavaScript enabled to view it. .

Data Security

We have implemented technical and operational measures designed to secure your personal information from accidental loss and from unauthorised access, use, alteration and disclosure. All personal information you provide to us is stored on password-protected databases and all files are encrypted for additional security. Our data is stored on a NAS box which is replicated on a second NAS box located securely with our IT Expert. We train our employees on the importance of information security and focus specifically on practices for protecting against unauthorised disclosure of personal data. We have a documented incident response plan for acting upon events that violate MacRae Stephen & Co security or privacy policies, should they occur, and this plan is reviewed and updated on an ongoing basis. All incidents of this nature are reported to the owner, Archie Millar.

The safety and security of your information online also depends on you. The information you share in public areas may be viewed by any user of our Website.

Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our Website or over any public network. Any transmission of personal information is at your own risk. Without prejudice to any mandatory legal obligations to which we may be subject, we are not responsible for circumvention of any privacy settings or security measures contained on our Website.

Changes to Our Privacy Policy

MacRae Stephen & Co may change, add, modify or remove portions of this Policy at any time, which shall become effective immediately upon posting on this page. It is your responsibility to review this Policy for any changes. By continuing to instruct us and use our website, you agree to any changes in the Policy.

Contact Information

If you have any questions about MacRae Stephen & Co’s privacy protection practices or believe we have not adhered to this Policy, please contact Archie at This email address is being protected from spambots. You need JavaScript enabled to view it.