Privacy Policy

Total Property Factoring & Management Ltd

Effective date: 01/01/2026
Last reviewed: 01/06/2026

Legal name: Total Property Factoring & Management Ltd
Company number: SC875809
Property Factor Registration Number: PF001165
Registered office: Level 2, 48 West George Street, Glasgow, G2 1BP
Principal factoring office: Level 2, 48 West George Street, Glasgow, G2 1BP
Telephone: 0141 459 1037
Email: contact@totalpropertyfm.com
Resident portal / repair reporting: Totalfactor.fixflo.com
Normal working hours: Monday to Friday, 9:00am to 5:00pm
Emergency / out-of-hours contact: Call or WhatsApp 0141 459 1037

1. Introduction

Total Property Factoring & Management Ltd, referred to in this Privacy Policy as “TPFM”, “we”, “us” or “our”, is committed to protecting the privacy and personal data of homeowners, residents, tenants, landlords, contractors, suppliers, employees, applicants, website users and other individuals we deal with.

This Privacy Policy explains how we collect, use, store, share and protect personal information in connection with our property factoring, property management, maintenance, repairs, compliance, insurance, administration and related services.

We process personal data in accordance with the UK General Data Protection Regulation, the Data Protection Act 2018, and guidance issued by the Information Commissioner’s Office.

This Privacy Policy should be read alongside any applicable Written Statement of Services, Deed of Appointment, Schedule of Charges, Complaints Handling Procedure, Debt Recovery Procedure, Terms of Business, Website Terms, and any property-specific documentation issued by us.

2. Who we are

For the purposes of data protection law, Total Property Factoring & Management Ltd will usually act as the data controller for the personal data we collect and use in connection with property factoring and management services. This means we decide why and how personal data is processed.

In some limited circumstances, we may act as a data processor on behalf of another organisation, such as a landlord, property owner, developer, residents’ association, solicitor, insurer, local authority or management company. Where this applies, we will process personal data in accordance with the relevant contract or written instructions.

Our main contact details are:

Total Property Factoring & Management Ltd
Level 2, 48 West George Street
Glasgow
G2 1BP

Telephone: 0141 459 1037
Email: contact@totalpropertyfm.com
Resident portal / repair reporting: Totalfactor.fixflo.com

3. Who this Privacy Policy applies to

This Privacy Policy applies to personal data relating to:

homeowners and property owners;
residents, tenants and occupiers;
landlords and letting agents;
directors, committee members or representatives of owners’ associations;
complainants and individuals involved in disputes;
emergency contacts;
contractors, subcontractors, suppliers and consultants;
visitors to our website, office or managed developments;
individuals who contact us by phone, email, post, WhatsApp, resident portal, website form or social media;
prospective clients, business contacts and professional advisers;
employees, workers, consultants and job applicants, where relevant.

4. Personal data we collect

The personal data we collect will depend on your relationship with us and the services we provide. It may include the following.

4.1 Identity and contact information

This may include:

full name;
property address;
correspondence address;
email address;
telephone number;
title, role or position;
emergency contact details;
ownership status;
tenancy or occupancy information;
solicitor or letting agent details;
company name and company details, where applicable.

4.2 Property and ownership information

This may include:

property address;
title deed or ownership information;
liability share or apportionment information;
owner voting records;
owner consent records;
service charge account details;
factoring account reference;
property access arrangements;
details of shared areas, common repairs, maintenance issues and property condition;
photographs, videos, inspection records or survey information relating to the building, common areas or managed property.

4.3 Financial and billing information

This may include:

invoices and statements;
payment history;
arrears information;
payment references;
credit control records;
debt recovery records;
refund details;
reserve fund, float or sinking fund information;
records of management fees, common charges, repair charges, insurance contributions and other sums due.

We do not generally store full debit or credit card details ourselves. Where online or card payments are used, payment information will normally be processed by a third-party payment provider.

4.4 Repairs, maintenance and compliance information

This may include:

repair requests submitted by phone, email, WhatsApp or through Totalfactor.fixflo.com;
maintenance records;
inspection notes;
access instructions;
contractor attendance records;
photographs or videos of defects, common areas, private areas where relevant, or completed works;
health and safety records;
fire safety, electrical, gas, asbestos, water hygiene or other compliance records;
insurance claims information;
records of emergencies, damage, leaks, incidents or hazards.

4.5 Communication records

This may include:

emails, letters and resident portal messages;
WhatsApp messages, where used for emergency or out-of-hours communication;
call notes;
meeting notes;
complaints and dispute records;
owner consultation responses;
survey responses;
records of decisions made by owners;
correspondence with solicitors, insurers, contractors, councils, debt recovery agents, tribunals or regulators.

4.6 Technical and website information

When you use our website, online forms, portals or digital systems, we may collect:

IP address;
browser type;
device information;
usage data;
cookies and tracking information;
online enquiry details;
login records, where applicable;
security and audit logs.

A separate Cookies Policy may apply where cookies or similar technologies are used.

4.7 Special category or sensitive information

We do not routinely collect special category personal data. However, we may occasionally receive information relating to:

health, disability or vulnerability;
accessibility requirements;
safeguarding concerns;
accident or incident records;
information relevant to emergency response, resident support or reasonable adjustments.

Where we process special category data, we will only do so where we have a lawful basis under UK GDPR and a valid condition under data protection legislation.

5. How we collect personal data

We may collect personal data directly from you when you:

become a homeowner, client, resident, supplier or contractor;
contact us by email, phone, post, WhatsApp, portal, website form or social media;
submit a repair request, complaint, enquiry or insurance claim;
make a payment or query an invoice;
attend a meeting or consultation;
respond to owner voting or consultation exercises;
provide information during onboarding or property transfer;
apply for a job or contract opportunity.

We may also collect personal data from third parties, including:

previous property factors or managing agents;
landlords, letting agents or property owners;
solicitors and estate agents;
title deed, land register or publicly available property records;
contractors, surveyors, engineers and consultants;
insurers, brokers and loss adjusters;
debt recovery agents and legal advisers;
local authorities, emergency services and regulators;
owners’ associations, committees or residents’ groups;
payment providers, portals and IT service providers.

6. Why we use personal data

We use personal data for the following purposes.

6.1 To provide factoring and property management services

This includes:

managing common areas;
maintaining ownership and property records;
administering factoring accounts;
issuing invoices, statements and notices;
arranging routine, reactive and emergency repairs;
instructing contractors;
managing property inspections;
coordinating planned maintenance;
administering common insurance arrangements;
consulting owners and recording decisions;
dealing with compliance, safety and statutory requirements.

6.2 To communicate with homeowners, residents and stakeholders

This includes:

responding to enquiries;
issuing service updates;
notifying owners of repairs, costs or consultations;
arranging access;
sending emergency notices;
providing annual statements;
dealing with complaints and disputes;
communicating through email, telephone, WhatsApp, resident portal, letter or other appropriate channels.

6.3 To manage repairs and maintenance

This includes:

receiving repair reports through Totalfactor.fixflo.com, email, phone or WhatsApp;
triaging repair requests;
arranging contractor attendance;
managing emergency and out-of-hours repair reports;
recording repair history;
obtaining quotes;
notifying owners of costs;
managing approvals where required;
processing invoices and charges.

6.4 To manage payments, fees and debt recovery

This includes:

issuing invoices;
allocating payments;
managing arrears;
pursuing unpaid charges;
applying contractual or title-deed based recovery procedures;
instructing solicitors or debt recovery agents where necessary.

6.5 To manage contractors and suppliers

This includes:

passing relevant property or contact details to contractors;
arranging appointments;
confirming access arrangements;
checking insurance, competence and compliance;
reviewing contractor performance;
keeping records of works instructed and completed.

6.6 To comply with legal and regulatory obligations

This includes obligations relating to:

property factoring;
health and safety;
fire safety;
building safety;
tax and accounting;
company law;
data protection;
insurance;
tribunal or court proceedings;
complaints and regulatory reporting.

6.7 To protect property, people and legal rights

This includes:

responding to emergencies;
investigating damage, leaks, hazards or safety incidents;
dealing with insurance claims;
preventing fraud or misuse of services;
defending or bringing legal claims;
maintaining records needed for evidence.

6.8 To improve our services

This includes:

internal audits;
service reviews;
quality assurance;
staff training;
contractor performance monitoring;
improving communication systems, portals and processes.

6.9 To send service-related communications

We may send important service communications about:

repairs;
inspections;
invoices;
consultations;
changes to services;
emergencies;
compliance matters;
complaints;
changes to policies or terms.

These are not marketing communications.

6.10 To send marketing communications, where permitted

We may occasionally send information about additional services we provide, such as maintenance, cleaning, property management, compliance, insurance-related services or other property services.

We will only send electronic marketing where we have a lawful basis to do so, such as consent or legitimate interests where permitted. You can opt out of marketing at any time.

7. Our lawful bases for processing personal data

Under UK GDPR, we must have a lawful basis for using personal data. Depending on the circumstances, we may rely on one or more of the following lawful bases.

7.1 Contract

We may process personal data where it is necessary to perform a contract with you or to take steps before entering into a contract. This may include:

providing factoring or management services;
managing accounts and invoices;
arranging repairs and maintenance;
administering agreed services;
communicating with you about services.

7.2 Legal obligation

We may process personal data where necessary to comply with legal obligations, including:

accounting and tax obligations;
health and safety obligations;
company law obligations;
property factoring requirements;
tribunal, court or regulatory obligations;
data protection compliance.

7.3 Legitimate interests

We may process personal data where it is necessary for our legitimate interests or the legitimate interests of others, provided those interests are not overridden by your rights and freedoms.

Our legitimate interests may include:

managing property and common areas effectively;
recovering unpaid charges;
keeping accurate ownership, resident and account records;
preventing fraud;
managing complaints and disputes;
protecting property and safety;
improving our services;
managing business relationships with contractors and suppliers;
maintaining evidence of instructions, decisions or communications.

7.4 Vital interests

We may process personal data where necessary to protect someone’s life or safety, for example in an emergency involving fire, flood, structural risk, medical concern, access issue or immediate danger.

7.5 Consent

We may rely on consent in limited situations, such as certain types of optional marketing, optional photographs, case studies or where we ask for explicit permission to use specific information for a specific purpose.

Where we rely on consent, you can withdraw consent at any time.

7.6 Public task

This will not usually apply to TPFM, but may occasionally be relevant where we are required to assist or cooperate with public authorities, emergency services or statutory bodies.

8. Special category data

Where we process special category data, such as health, disability, vulnerability or accessibility information, we will only do so where necessary and where we have both:

a lawful basis under Article 6 UK GDPR; and
a special category condition under Article 9 UK GDPR or the Data Protection Act 2018.

This may include situations where processing is necessary for:

explicit consent;
legal claims;
substantial public interest;
protecting vital interests;
employment, social security or social protection obligations;
safeguarding or health and safety purposes;
providing reasonable adjustments or support to vulnerable residents.

We will only collect the minimum amount of sensitive information needed for the relevant purpose.

9. How we share personal data

We may share personal data where necessary with:

contractors, subcontractors and maintenance providers;
surveyors, engineers, architects, consultants and compliance specialists;
insurers, brokers, loss adjusters and claims handlers;
solicitors, debt recovery agents and sheriff officers;
accountants, auditors and tax advisers;
banks and payment service providers;
IT, software, cloud, email, portal and data storage providers;
Fixflo or other resident portal providers used for repair reporting and case management;
WhatsApp or telecommunications providers where you contact us through those channels;
local authorities, emergency services and statutory bodies;
the Scottish Courts and Tribunals Service, including the First-tier Tribunal where relevant;
previous or incoming property factors;
owners’ associations, committees or appointed owner representatives;
landlords, letting agents or property owners;
regulators, including the Information Commissioner’s Office where required;
professional advisers and business support providers.

We will only share personal data where there is a valid reason to do so and, where appropriate, subject to confidentiality, contractual and data protection safeguards.

10. Contractors and connected companies

TPFM may use approved contractors, subcontractors, suppliers or connected companies to deliver services, including maintenance, cleaning, inspections, repairs, compliance services, insurance-related services and property management support.

Where personal data needs to be shared with a contractor or connected company, we will only share information that is reasonably necessary for the service being provided. For example, a contractor may receive your name, property address, access information, contact details and details of the repair or issue.

Contractors and suppliers are expected to handle personal data securely and only use it for the purpose for which it was provided.

11. Repairs, emergencies and out-of-hours contact

Repairs may be reported through:

Resident portal: Totalfactor.fixflo.com
Telephone: 0141 459 1037
Email: contact@totalpropertyfm.com

For emergency or out-of-hours issues, homeowners and residents may contact us by calling or using WhatsApp on:

Emergency / out-of-hours contact: 0141 459 1037

Where an emergency is reported, we may process and share relevant personal data urgently where necessary to:

protect life, health or safety;
protect property;
prevent further damage;
arrange contractor attendance;
notify affected owners, residents or occupiers;
support an insurance claim;
comply with legal or regulatory duties.

Emergency information may be shared with contractors, emergency services, insurers, local authorities, property owners, residents or other relevant parties where necessary and proportionate.

12. Insurance and claims

Where TPFM arranges, administers or supports insurance matters, we may process and share personal data with insurers, brokers, loss adjusters, surveyors, contractors, solicitors, affected owners, residents or other parties.

This may include:

property details;
claim details;
incident reports;
photographs and videos;
repair records;
invoices and estimates;
correspondence;
payment records;
details of damage, loss or liability;
relevant resident or owner contact information.

Insurance-related information may be retained for longer periods where necessary for claims handling, audit, legal or regulatory reasons.

13. Debt recovery and unpaid charges

Where charges, fees, common repair costs or other sums remain unpaid, we may use personal data to manage credit control and debt recovery.

This may include sharing relevant information with:

solicitors;
debt recovery agents;
sheriff officers;
courts or tribunals;
credit reference or tracing agencies, where lawful and necessary;
other owners, where title deeds or collective liability arrangements require transparency around common costs.

We will only share information that is necessary and proportionate for the recovery of sums owed, dispute resolution, enforcement of title-deed obligations or protection of the interests of other owners.

14. Complaints, disputes and tribunal matters

If you make a complaint, raise a dispute, or become involved in tribunal, court, insurance or legal proceedings, we may use relevant personal data to:

investigate and respond to the matter;
communicate with you and relevant parties;
obtain professional advice;
maintain evidence;
comply with tribunal, court or regulatory requirements;
defend or pursue legal claims.

This may include retaining correspondence, call notes, photographs, invoices, inspection records, contractor reports and other relevant documents.

15. Website, cookies and analytics

When you use our website, resident portal, online forms or digital systems, we may collect technical information such as your IP address, browser type, device type, pages visited, enquiry form submissions and cookie preferences.

Cookies may be used to:

make the website work properly;
improve user experience;
analyse website performance;
remember preferences;
support security;
manage online enquiries.

Where required, we will ask for consent before using non-essential cookies. You can usually manage cookies through your browser settings or cookie banner.

A separate Cookies Policy may be issued if required.

16. WhatsApp and messaging services

Where you contact us by WhatsApp or other messaging platforms, we may process your name, phone number, message content, attachments, images, videos, timestamps and related metadata.

WhatsApp and similar services are operated by third parties. Their own terms and privacy policies may apply to your use of those platforms.

We may use WhatsApp for emergency or out-of-hours communications, urgent repair updates, access arrangements and other practical service communications. We will not use WhatsApp for unnecessary or intrusive communication.

Information received through WhatsApp may be copied into our property management, repair, complaint or account records where necessary.

17. CCTV, photographs and video

Where TPFM operates CCTV or arranges photography/video recording for property management purposes, this will only be done where necessary and proportionate.

Photographs or videos may be used for:

recording defects;
documenting repair issues;
evidencing completed works;
insurance claims;
health and safety matters;
security incidents;
complaints or disputes;
property inspections;
contractor performance monitoring.

Where images identify individuals, they will be treated as personal data.

We will not use identifiable images for marketing, publicity or case studies without consent unless another lawful basis applies.

18. Call recording and written records

We may keep notes of telephone calls, meetings and conversations. If calls are recorded, we will tell you where required.

Records may be used for:

service delivery;
staff training;
complaint handling;
dispute resolution;
audit and quality assurance;
evidence of instructions, decisions or agreements.

19. How long we keep personal data

We will only keep personal data for as long as necessary for the purposes for which it was collected, including legal, regulatory, accounting, insurance, complaint-handling and property management purposes.

Typical retention periods may include:

Type of recordTypical retention period

General homeowner, resident and account recordsDuration of management plus up to 6 years

Invoices, accounting and tax recordsUsually 6 years

Repair, maintenance and contractor recordsUsually up to 6 years, longer for major works or claims

Insurance claims and related correspondenceUsually up to 6 years after closure, longer where required

Complaints and dispute recordsUsually up to 6 years

Tribunal, court or legal recordsAs long as necessary for the matter and limitation periods

Health and safety/compliance recordsDepending on the type of record, potentially longer

Website enquiry recordsUsually up to 2 years unless they become client records

Marketing consent recordsUntil consent is withdrawn or no longer required

Job applicant recordsUsually up to 6–12 months unless employment begins or consent is given to retain longer

These periods may vary depending on the nature of the property, legal requirements, title deed obligations, disputes, insurance claims, complaints or ongoing services.

20. How we protect personal data

We take appropriate technical and organisational measures to protect personal data from unauthorised access, loss, misuse, alteration or disclosure.

These measures may include:

secure IT systems;
password protection and access controls;
secure email and cloud storage;
staff confidentiality obligations;
contractor due diligence;
data minimisation;
secure disposal of records;
regular review of systems and processes;
limiting access to personal data on a need-to-know basis.

No system can be guaranteed to be completely secure, but we take reasonable steps to protect personal data and respond appropriately to suspected breaches.

21. International transfers

We generally aim to store and process personal data within the United Kingdom or the European Economic Area.

However, some IT, email, cloud, portal, messaging, software or support providers may process data outside the UK or EEA. Where this happens, we will ensure appropriate safeguards are in place, such as:

UK adequacy regulations;
International Data Transfer Agreements;
standard contractual clauses;
approved transfer mechanisms;
contractual and security safeguards.

22. Your rights

Under data protection law, you may have the following rights:

Right to be informed about how your personal data is used.
Right of access to obtain a copy of your personal data.
Right to rectification if your personal data is inaccurate or incomplete.
Right to erasure in certain circumstances.
Right to restriction of processing in certain circumstances.
Right to object to processing in certain circumstances.
Right to data portability in limited circumstances.
Right to withdraw consent where processing is based on consent.
Right to complain to the Information Commissioner’s Office.

These rights are not absolute and may be subject to exemptions under UK GDPR and the Data Protection Act 2018.

To exercise your rights, please contact us using the details below:

Email: contact@totalpropertyfm.com
Post: Total Property Factoring & Management Ltd, Level 2, 48 West George Street, Glasgow, G2 1BP
Telephone: 0141 459 1037

We may need to verify your identity before responding to a request. We will usually respond within one month, unless the request is complex or an extension is permitted by law.

23. Subject access requests

You have the right to request a copy of personal data we hold about you.

A subject access request can be made by contacting:

Email: contact@totalpropertyfm.com
Post: Total Property Factoring & Management Ltd, Level 2, 48 West George Street, Glasgow, G2 1BP

Please provide enough information to allow us to identify you and locate the relevant data. We may ask for proof of identity and clarification of the information requested.

We will not usually charge a fee for responding to a subject access request, but we may charge a reasonable fee or refuse to respond where a request is manifestly unfounded or excessive, where permitted by law.

24. Accuracy of information

Please help us keep your personal data accurate and up to date. You should notify us promptly if:

your name changes;
your correspondence address changes;
your email address or phone number changes;
you sell or transfer ownership of a property;
your letting agent or solicitor changes;
your emergency contact or access arrangements change;
you become aware that information we hold is incorrect.

TPFM is not responsible for service failures caused by owners, residents or third parties failing to provide accurate or current contact, access or ownership information.

25. Marketing communications

We may send you marketing communications about our services where permitted by law.

You can opt out of marketing at any time by:

clicking an unsubscribe link, where provided;
emailing contact@totalpropertyfm.com;
telling us directly that you do not wish to receive marketing.

Even if you opt out of marketing, we may still send you important service, legal, billing, safety, repair, compliance or account-related communications.

26. Contact us

If you have any questions about this Privacy Policy or how we use personal data, please contact:

Total Property Factoring & Management Ltd
Level 2
48 West George Street
Glasgow
G2 1BP

Telephone: 0141 459 1037
Email: contact@totalpropertyfm.com
Resident portal / repair reporting: Totalfactor.fixflo.com

Normal working hours: Monday to Friday, 9:00am to 5:00pm
Emergency / out-of-hours contact: Call or WhatsApp 0141 459 1037

27. Complaints to the Information Commissioner’s Office

You have the right to complain to the Information Commissioner’s Office, which is the UK regulator for data protection.

Before contacting the ICO, we would appreciate the opportunity to address your concerns directly. You can contact us at:

Email: contact@totalpropertyfm.com
Telephone: 0141 459 1037
Post: Level 2, 48 West George Street, Glasgow, G2 1BP

28. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, regulatory guidance, systems or business operations.

The latest version will be made available on our website, resident portal or provided on request.

Where changes are significant, we may notify affected individuals by email, portal notice, letter or another appropriate method.