Last updated: June 30, 2026
Privacy Policy
This Privacy Policy describes how Beauchamp Estates France collects, uses, stores, shares, and protects personal data in the course of its activities, including real estate intermediation, mandate management, leasing, sales, commercial prospecting, property viewings, and regulatory compliance.
1. Definition and Interpretation
We may collect and process the following personal data:
- Information provided directly by you: when requesting information about our properties or services, or subscribing to our newsletter, you may provide your name, email address, phone number, and property preferences.
- Automatically collected information: when you visit our website, certain data may be collected automatically, such as your IP address, browser type, pages viewed, and time spent on the site.
- Information from third parties: we may receive information about you from business partners or third-party platforms.
2. About Us
Our website is hosted and managed by a service provider located in France: OVH CLOUD, 2 Rue Kellermann, 59100 Roubaix, France.
Our VAT number is 656 687187.
The Data Protection Officer (DPO) / privacy contact is Adrien Willig-Lamy, reachable at:
- Email: info@beauchamp.com
- Phone: +33 (0)4 93 94 45 45
- Address: Beauchamp Estates, 19 rue des États-Unis, 06400 Cannes – France
3. Scope of This Document
This notice applies to all personal data we process. Unless otherwise stated, we act as the data controller.
Our website may contain links to other websites. We are not responsible for how these third parties collect, store, or use your data. We recommend reviewing their privacy policies before providing any personal data.
4. Your Rights
You have the following rights:
- Right to be informed about data collection and use
- Right of access to your personal data
- Right to rectification of inaccurate or incomplete data
- Right to erasure (“right to be forgotten”)
- Right to restriction of processing
- Right to data portability
- Right to object
- Rights related to automated decision-making and profiling
We may collect, depending on the case:
- Identification data: name, surname, date of birth, nationality, photo, signature, ID documents
- Contact details: postal address, email, phone number
- Professional and financial data: occupation, employer, income, banking details, compliance verification data
- Property-related data: preferences, search criteria, viewing history, expressed interests
- Navigation data: IP address, technical identifiers, browser type, pages visited, duration, browsing path
- Communication data: emails, forms, calls, SMS, instant messaging in a professional context
- Compliance data: KYC / AML-CTF data, identity checks, beneficial ownership information when required
If you have a complaint regarding our processing of your personal data, please contact us (Section 16). If you are not satisfied, you may contact the CNIL:
CNIL – 3 Place de Fontenoy, TSA 80715, 75334 Paris Cedex 07
Tel: +33 (0)1 53 73 22 22
Website: https://www.cnil.fr
5. What Information Do We Collect?
Depending on your use of our website and services, we collect basic identification data (name, email, phone number, postal address). Compliance checks (AML-CTF) may require additional documentation, including beneficial ownership information for corporate clients.
We process personal data for the following purposes:
- Managing inquiries, viewings, and client onboarding (pre-contractual measures or contract execution)
- Managing mandates, transactions, rentals, and client relationships (contract execution)
- Regulatory compliance (AML-CTF, accounting, tax obligations) (legal obligation)
- Website security, fraud prevention, and incident management (legitimate interest)
- Marketing communications and newsletters (consent or legitimate interest for existing clients where permitted)
- Analytics, personalization, and website improvement (consent where required)
- Handling complaints, legal requests, and disputes (legal obligation and legitimate interest)
6. How We Use Your Data
We process your data based on:
- Contract performance
- Your consent
- Legal obligations
- Legitimate interests
Examples include account management, website access, personalization, market research, service improvement, contractual execution, responding to requests, and lawful marketing.
Access to data may be granted on a need-to-know basis to authorised internal staff, group entities, and service providers (hosting, CRM, security, marketing, compliance tools, legal/accounting advisors).
You may withdraw consent at any time and request deletion of your data.
All processors are bound by Article 28 GDPR-compliant contracts ensuring confidentiality and security.
7. Data Storage and Security
Data is stored securely and retained no longer than necessary. By default, data is hosted in France/EU, although backups or processing outside the EU may occur with appropriate safeguards (see Section 9).
Security measures include access control, passwords/encryption, restricted access, and staff training.
Where data is transferred outside the EU/EEA, appropriate safeguards such as adequacy decisions or Standard Contractual Clauses are applied.
8. Do We Share Your Data?
We may share data with affiliated entities, including Beauchamp Estates offices in Mayfair, St John’s Wood, Private Office, Mykonos, France, and Leslie J Garfield & Co.
We may also use third-party service providers for compliance, marketing, analytics, and administrative/technical operations, subject to contractual safeguards.
Aggregated anonymised statistics may be shared for legitimate business purposes (investors, partners, advertisers).
9. Transfers Outside the EU/EEA
Any transfer outside the EU/EEA is governed by an adequacy decision or Standard Contractual Clauses (SCCs), ensuring an equivalent level of protection under GDPR.
Data may also be disclosed where required by law (judicial proceedings, legal obligations, authorities).
10. Data Retention
Data is retained only as long as necessary:
- Prospects: 3 years after last contact
- Clients: duration of contract + legal retention period (up to 7 years)
- Marketing data: until consent withdrawal or objection
- AML/KYC data: according to legal requirements
- Cookies: as defined in cookie policy
- CCTV: up to 30 days unless incident
- Newsletter data: until unsubscribe
After retention periods, data is securely deleted or anonymised.
11. Change of Ownership
In case of sale or change of control, relevant data may be transferred to the new owner, who will be bound by the same purposes. You will be informed and may object or request deletion.
12. Control Over Your Data
You may opt out of direct marketing and register on preference lists (e.g., Bloctel) to reduce unsolicited calls.
13. Right Not to Provide Information
You may browse the site without providing data, but some services may require it.
14. Access to Your Data
You may request access to your personal data free of charge. Contact details are provided in Section 16.
15. Cookies
The website uses first-party and third-party cookies in compliance with PECR.
Analytics tools (e.g., Google) may be used. See the Cookie Policy for details.
Cookies include:
- Strictly necessary cookies (no consent required)
- Non-essential cookies (analytics, marketing, personalization) requiring prior consent via a CNIL-compliant banner
Consent may be modified at any time. A dedicated cookie policy details categories, purposes, and durations.
16. Contact
Beauchamp Estates is a member of ANM Consommation (mediation and complaints system):
ANM Consommation
2 Rue de Colmar, 94300 Vincennes
Email: contact@anm-conso.com
Website: https://www.anm-conso.com
Complaints process:
- Contact local office (Director)
- Then General Director
- Then Mediator
17. Changes to This Notice
This policy may be updated due to legal or operational changes. Updates are published on the website, and continued use constitutes acceptance.
Last updated: June 20, 2026
18. Mandatory Registers
In compliance with GDPR, we maintain:
- Processing register
- Incident register
- Data subject request register
See annexes for templates.
19. GDPR Governance and Internal Organisation
Beauchamp Estates France has implemented internal governance to ensure GDPR compliance.
This includes:
- Appointment of a Data Protection Officer (DPO)
- Defined internal responsibilities
- Lifecycle data management procedures
- Staff training on confidentiality and data protection
All employees are bound by strict confidentiality obligations.
20. Informal Communication Channels
Informal tools (SMS, WhatsApp, messaging apps) may be used for:
- Scheduling viewings
- Operational follow-up
- Client information sharing
Employees must:
- Limit data shared to what is necessary
- Avoid sending sensitive documents
- Use secure professional tools whenever possible
These tools are not archival systems.
21. Data Retention Policy
Indicative retention periods:
- Prospects: 3 years after last contact
- Clients: contract duration + up to 7 years
- Rental files: legal minimum duration
- Marketing data: until withdrawal of consent
- CCTV: up to 30 days
- Accounting/tax data: legal retention periods
Data is securely deleted or anonymised afterward.
22. Commercial Prospecting and Profiling
Beauchamp Estates may carry out marketing and customer segmentation:
- Based on consent, or
- Based on legitimate interest
Individuals may object at any time.
No automated decision producing legal effects is made.
23. Enhanced Protection of High-Value Data
Due to the nature of its clientele, enhanced security measures apply:
- Strict access controls
- Strong authentication where available
- Encryption of sensitive data
- Limited sharing
- Regular audits
Breaches are handled according to Appendix D procedures.
24. Exercise of Data Subject Rights
Requests may be sent to:
- Email: info@beauchamp.com
- Post: Beauchamp Estates, 19 rue des États-Unis, 06400 Cannes – France
Identity verification may be required. Requests are processed within one month.
25. Legal Bases (Summary)
Processing is based on:
- Contract performance
- Legal obligation (AML-CTF, tax, accounting)
- Consent (cookies, newsletters, marketing where required)
- Legitimate interest (security, client relationship, service improvement, limited marketing)
Balancing tests ensure rights and freedoms are respected.
26. Electronic Marketing Communications
Marketing communications may be sent via email, SMS, or messaging apps (e.g., WhatsApp):
- Based on consent, or
- Existing client relationship for similar services
Users may unsubscribe at any time without justification or cost.
27. Cookie Management
Strictly necessary cookies are always active.
Non-essential cookies require explicit consent via a CNIL-compliant banner.
Consent can be modified at any time without affecting site access.
28. Video Surveillance (if applicable)
Where implemented, CCTV is used solely for security purposes.
Retention: up to 30 days unless incident requires longer storage.
Access is strictly limited to authorised personnel.
29. Minors’ Data
Services are not intended for minors under 15 years old.
We do not knowingly collect data from minors.
Any such data is deleted as soon as identified.
30. Sub-processors and GDPR Article 28 Compliance
All processors acting on our behalf provide sufficient guarantees of security and confidentiality.
Contracts comply with Article 28 GDPR and define:
- Purpose and duration
- Nature of processing
- Security and confidentiality obligations
If you want, I can also:
- format this into aready-to-sign PDF (law firm style)
- or turn it into aclean GDPR compliance dossier with annex templates (registers, breach log, DPA templates)