Skip to main content

Members Privacy Notice

Scope 

Please read this privacy notice carefully to understand the types of personal data we collect, how we use your personal data, the circumstances under which we will share it, and your rights in relation to the personal data we control and process. We may change this privacy notice. We will post any changes on this page, so please check back frequently.
For the purposes of UK data protection law and regulation, when you enquire about or choose to use our products or services, we are the data controller (where we determine or participate in determining the purposes and manner in which your personal data is processed). When we do so, we are subject to data protection laws and regulations including the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018 and the Privacy and Electronic Communications Regulations 2003. 
In some instances we may act as a joint controller with a third party involved in providing you with that product or service. We may further introduce you or be required to share your personal data with an independent controller for the purpose of your enquiry, or in the provision of the product and service you show interest in, or choose to use. We will make this clear to you depending on which of our products and services you interact with.
This privacy notice primarily details our responsibilities for when we are a data controller or joint controller of your personal data. We also may include details of processing and personal data sharing where we act as a data processor to help provide you with transparency on how your personal data is processed.  

Product and service covered by this Privacy Notice 

This privacy notice explains how we collect and use any personal data that you provide to us through our business dealings with you on our websites, platforms, applications and databases, specifically related to our business to business products and services. This privacy notice only applies to personal data provided, collected and processed for business to business purposes. You must not use our business to business products or services, or submit any personal data if you are a consumer. 
Consumers using Zoopla services can visit Zoopla at zoopla.co.uk for our consumer facing products and services,  and can read our consumer privacy notice here (Zoopla Privacy Policy - Zoopla). 
Our websites, platforms, applications and databases may contain links to third party external sites. We do not control these sites and encourage you to read their privacy policies and notices.
When you engage with another third party data controller introduced or made available to you through use of our products or services, you must read and where required, agree to their terms and privacy notice, and we are not responsible for such data processing activity. We will always endeavour to make it clear to you when you are entering a third party environment. 

About Us 

Please refer to the terms and conditions that govern the product or service you have shown an interest in, or chosen to use for which Zoopla is the Controller of the processing of your personal data. 
Zoopla is a subsidiary of ZPG Limited. Any reference to ZPG or Group within this privacy notice includes all or any of the direct or indirect parent or subsidiary undertakings. Reference to “we, us, our and similar” may include all Group entities. 
Our ICO registration numbers is: 
  • Zoopla Limited - Z9972266
Our registered address is: 
The Cooperage
5 Copper Row
London
SE1 2LH
There may be additional privacy notices that govern how we use your personal data provided, collected, hosted or otherwise processed for business to business purposes on our websites, platforms, applications and databases. You must refer to this privacy notice and any more specific privacy notices for how your personal data is processed for business purposes. 
If  you have any queries regarding this privacy notice or how we process your personal data you can contact our Data Protection Officer at [email protected] or via the postal address listed above. Please mark the envelope ‘Zoopla: Data Protection Officer”.

How we use your personal data

Depending on your use of this product and service and the choices you make, we will use your personal data for the following high level business purposes.

Providing  Products or Services 

We process personal data in order to provide you with the product or service that you are interested in, or have chosen to use. Sometimes, to provide these products or services to you, we may need  to share your personal data with third parties, or introduce you to third party products or services at your request. .

Where you  create an account with us, we will process your account information for the purposes of administering your account.     

Using our Websites, Platforms, Applications and Databases

We use your personal data to make our products and services accessible to you from your devices, to understand and improve our services, and to allow for online personalisation and targeting where you have provided your consent for us to do so. 

Direct Marketing and Service Messages 

Where lawful we may use your personal data to send you electronic marketing communications. We will provide you with an option to unsubscribe or opt-out of further communications.

Not all of our electronic communications are marketing. Communications confirming you have registered an account or other actions you have taken when using our products and services messages are sent under the lawful basis of ‘performance of a contract’ and not ‘consent’. 

We may send you a communication for our business interests where that interest does not outweigh your privacy rights and freedoms, such as messages about information security or the prevention of fraud. 

How is your personal data collected

When you use our products or services, we collect data. We only collect personal data necessary for specific purposes that the law allows.
We may obtain personal data about you in the following main ways:
  • You provide us with your personal data (such as when you complete a contact form on our website)
  • Personal data is collected automatically (such as the automatic recognition of your IP address or placement of cookies on your device)
  • We collect personal data from our processors who act on our instructions, such as when you create an account to a website of ours not hosted by us 
  • We may collect personal data from a third party where relevant such as an agent, new home builder, partner, affiliate, lender, broker, surveyor  or conveyancer, this personal data will only ever be collected in compliance with data protection law.

The reason we process your personal data 

To use your personal data, we must have a valid reason (a "lawful basis").
Sometimes we ask for your consent (e.g. to use certain  cookies,) and sometimes where you would expect us to use your personal data for example to provide the product or service you chose to use, then we do not need to ask for consent, and can rely on another lawful reason. 
Data protection law provides other reasons and exemptions for the processing of personal data, and requires us to have an additional reason to process higher risk personal data, such as special category and criminal conviction personal data where relevant.
Our reason(s) for processing your personal data in a professional capacity is usually one of the following:

Contract

This is where we need to process your personal data to carry out a contract you (on behalf of your organisation) are party to, or take steps before you enter into such a contract. When you choose to use a product or service you will need to agree to terms of use, we have to process your personal data to provide you with this product or service.  

Consent

You have given us consent to use your personal data for a certain reason (you can normally revoke your consent at any time subject to the processing you consented to not already have taken place). We may rely on your consent to send you electronic mail marketing. See Right to Withdraw Consent. Where lawful we will rely on “soft opt-in” for electronic mail marketing processed under legitimate interests. See Legitimate Interests, 

Legal Obligations

We (or another ZPG subsidiary) must use your personal data to comply with laws or regulations to which we are subject. We also may process your personal data to assist a third party in complying with their legal obligations. 

Legitimate Interests

We may have a legitimate interest in using your personal data. Usually this is to help us run, improve, promote, or protect our services and business. You may be able to reject the processing of your personal data when processed for legitimate interests. See Right to Object. In some instances we may have an overriding business interest not to stop the processing. We will always comply with a request to opt-out of electronic mail marketing.  
Examples of legitimate interests, where relevant, may include but are not limited to:
  • Sharing data internally and with third parties, so you do not need to re-enter it.
  • Sharing data internally and with third parties to make available to you products or services to enhance our, or a third party product or service, or your client experience.
  • Sharing and receiving data from third parties to offer and provide you with benefits for choosing to use our or a third party product or service.
  • Providing emails concerning status, reminders and outcomes on your use of our, or a third party product or service. 
  • Receiving data from third parties to speed up and improve the efficiency of our engagement and to keep all parties where required informed.
  • Receiving data from third parties to allow us to understand your engagement with them, and for them to share with us the status of that engagement, where applicable, to facilitate the accurate receipt of referral or other monies payable to us by third parties, or the payment of monies by us to others, for products and or services you may have chosen to use or are provided to you as a benefit. 
  • Auditing and monitoring our processes, your engagement and feedback to help keep our high standards.
  • Market research, statistical analysis, management information, data aggregation and product development for own purposes, third party purposes or to assist the wider property management industry. 
  • Training, communications and awareness. 
  • Securing our services, ensuring data is up to date and accurate, and keeping our services online. 
  • Preventing or prosecuting fraud and other criminal behaviour or activity.
  • Transfer personal data for the purposes of developing, migrating and maintaining IT infrastructure and services.
  • For direct marketing, electronic mail marketing, personalisation, targeting and data shares for the purposes of  business to business marketing or promotional activities where consent is not required.
  • Non targeted marketing on our websites, applications and platforms of either our products or services or products and services of third parties. 
  • Recording where applicable of telephone calls and related usage, and performance activity. 
  • For relevant processing by another company, such as another ZPG subsidiary, or the wider public good.

Types of Personal Data 

Here are the main types of personal data we collect from you in your professional capacity, and some helpful info on the reason we may collect and process such personal data.   

Personal data collected from you

Why is your personal data collected

1

Your full name, address, email address, mobile phone number and where required other contact details. 

To provide you with access where applicable and allow you to select and utilise our service and product.

To process your request to be contacted about our products and services. 

To share with third parties for the purposes of facilitating or  providing you with products, services and benefits. 

To enable us to contact you and send data, information or products that you have requested or are required for the delivering of your chosen product or service. 

To provide or process information where legally obligated such as financial crime, identity checks and other vetting or referencing.

To enable us to engage in marketing and to data share (such as newsletters or marketing emails for products and services that we believe will be of interest to you). See “Who we share your personal data with”. ”.

We collect most of your personal data directly from you when you decide to utilise our products and/or services or make an enquiry on our website and usually require it to perform our contract with you or on a legitimate interests basis. 

2

The IP address or other device or user identifier you use to access our websites, applications, platforms and databases.

To make the websites, applications, platforms and databases function correctly. 

To improve the functionality and performance of our websites,  applications, platforms and databases, and where relevant to gain data insights and help with personalisation. 

To allow us to understand your user journey and for us to know where you have taken an action such as making a payment or moving to a different website.  

Here, we are using your consent and legitimate interests as our lawful bases.

We collect most of your personal data from automatic recognition of your IP address or placement of cookies on your devices with consent where required. 

3

A record of any communication / correspondence you have with us (e.g. when you contact us by email, telephone or post).

To enable us and where applicable third parties to maintain records of our engagement with you.

To respond to your queries and complaints and retain evidence of what has been communicated.  

We keep these records on a legitimate interests basis, to be able to deal efficiently with you as a customer, and sometimes where required by a legal obligation (for example, to keep certain customer records to comply with our accounting and HMRC requirements). 

4

Your account data such as login name and password (where applicable) and other online identifiers and behaviours. 

To allow you to create and securely access your account. 

To keep your account and contact personal data within your account secure.  

To allow us to monitor and understand the use of our websites, applications, platforms and databases.

To allow us and third parties acting jointly for us to assess performance and behaviour of online activity and communications.

We keep these records on a legitimate interests basis, to be able to deal efficiently with you as a customer, maintain and improve our services, and sometimes where required by a legal obligation (for example, to keep certain customer records to comply with our accounting and HMRC requirements). 

5

Any personal data that you provide to us as part of a survey or feedback.

To improve our website, applications, platforms, databases, products and services. We will only ever further use or make public personal data you have provided in your feedback with your consent.

6

Payment card or account details (where applicable)

We do not directly collect or store personal account or payment card details, we use approved specialist payment card providers who hold and process the personal data on our behalf (for example, Stripe). 

We may retain some information to allow us to link the transaction to you, this information will never be your full account or card details.

We may hold account details for your organisation or business. Such account details and related transactions of a business is not personal data. 

7

Artificial Intelligence (AI).

(where applicable)

Where we or a third party acting on our behalf may use artificial intelligence in any processing of personal data we will always robustly assess the risk to your personal data and will ask for your consent where required under applicable laws. We will take reasonable steps to inform you where applicable of any use of AI or similar technology.   

Business and property information  

You may provide us information about your business, where that information relates to your business and not to you as an identifiable individual, that information is not personal data. 
You must not provide us with any personal data unless strictly needed to utilise our products and services in your professional capacity. You must not provide us with any personal data of another individual (for example as a joint venture) without their consent and again only where required for the purposes of utilising our business to business products and services. The data you provide must be accurate. 
We may collect, process or share property information, such as a property’s address and attributes about the property or a property transaction. Where data relates to a property or property transaction, and not an individual, it is property information, and the requirements or rights provided by data protection law and regulation do not apply, as the information does not identify a living individual. This type of property information which is not linked to an individual is not personal data.
Where personal data is provided by you in error we may delete or redact the personal data so it is no longer considered personal data. Where we provide you any insights, these insights will be anonymised and aggregated unless agreed otherwise in contract. 

How long we hold your personal data

We store your personal data for as long as it is needed. Some personal data may need to be retained to ensure we or third parties can comply with applicable laws and internal procedures, such as to protect against legal claims in line with statutory limitation periods, or evidence compliance, including for example retaining your email address for marketing communication suppression if you have opted not to receive any further electronic mail marketing. Property information and business information that does not relate to an individual and so not subject to retention obligations under data protection law. You can enquire further about how long we hold your personal data and for what purposes by contacting [email protected].

Who we share your personal data with 

We use third parties to help provide our products and services. These companies may collect, store or otherwise process your personal data on our behalf. 
Here are some examples of the reasons, we share your personal data and where relevant who we share it with: 
  1. We share your personal data with third parties for the purposes of r providing you with, or taking steps to provide you with, a product and service you have enquired about or utilise. A third party may become the data controller of your personal data once you engage with them for the purposes of you entering into a potential agreement with them, and therefore you may need to contact them directly to exercise your data subject rights for personal data in their control. You should read their Privacy Notice.
Here are some of our partners used  for the delivery of our business to business products and services:  
We have a number of further partners available through our products and services, that you may engage with as a result of you providing services to your own clients, when you engage with such partners for the purposes of offering your own client their product or service, they will become the Data Controller of your personal data for the purposes of your business engagement with them. 
  1. We may share the status of our business to business engagement, transaction or use of products and services with your business or any joint owner or controller of your business, where required by law and regulation. 
  2. Other third parties related to business engagement and practices, the property industry and or a property transaction journey where we have a lawful basis to do so.
  3. Where relevant we share your personal data with third parties such as referencing, other vetting or anti-money laundering agencies/organisations.  
  4. We may use cloud or physical servers to store and back-up personal data. 
  5. We share your personal data with third parties who assist us in offering and delivering our products and services, such third parties act as our data processor or  sub-processor. The names of the companies we use for these purposes may change frequently and where possible will be communicated to you where required. 
  6. We may also disclose or share your personal data to third parties in the following circumstances:
  • If you request we do so.
  • Where you have provided your consent for us to market, introduce or promote a third party or partner product or service. 
  • To a subsidiary of the ZPG, which means subsidiaries, our ultimate holding company and its subsidiaries as defined in section 1159 of the UK Companies Act 2006.
  • If we refinance, or sell any business or assets, we may disclose your personal data to the prospective seller, buyer or investor of such business or assets. 
  • If we, a subsidiary or asset providing you with a product or service is merged, sold or otherwise acquired by a third party, personal data about you may be accessed and or transferred to the third party.
  • If we are under a duty to disclose or share your personal data in order to comply with any legal obligation or to protect our rights, property and safety, including that of our customers, or others. This includes exchanging data with third parties for the purposes of fraud and other criminal protection, and where needed to protect the vital interests of an individual.
  • We may disclose your personal data to the court services, regulators, law enforcement agencies or other such authorities in connection for example with proceedings or investigations anywhere in the world where compelled to do so. Where permitted, we will direct any such request to you or notify you before responding unless to do so would prejudice the prevention or detection of a crime.
We only allow those organisations and third parties to handle your personal data if we are satisfied that they take appropriate measures to protect your personal data. We also impose contractual obligations on them to ensure that they can only use your personal data to provide services to us and you. 
Where you choose to share any personal data in the public domain, you acknowledge and agree that such personal data may be exempt from our data protection obligations. You must consider any impact disclosing your personal data on any of our websites, platforms,  applications or databases where accessible by other users (whether limited in access or not) may have on you or your business before disclosure. Where such a disclosure may be unlawful or at our discretion may be harmful to you, your business or another data subject or third party, we may erase such personal data. We may retain a record of the erasure where lawful to protect our business interests or the interests of a third party.     

International data transfers

Personal data we hold is mostly hosted in the United Kingdom (UK) and or the European Economic Area (EEA). We may in limited instances need to transfer personal data outside the UK or EEA for example if you have provided your consent for us to do so, or we need to comply with a law or regulation or the transfer is needed to operate our business. For any transfer of personal data outside the UK or EEA, known as a “restricted transfer,” we protect your personal data by complying with the requirements of UK data protection law and regulation to ensure the safe and secure transfer of personal data to third party territories.
To provide further detail, your personal data is transferred outside of the EEA, your data is protected by:  
  1. the relevant receiving party being located in an ‘adequate’ territory, which means it is deemed to have an equivalent standard of protection to that offered to you under UK laws; or
  2. a written agreement which adds appropriate protections approved by the UK government / ICO to safeguard that data. 
Our websites and applications are intended for use by UK citizens only. 

Your data subject rights

You have data subject rights which are granted to you under data protection legislation, which you can exercise at any time and generally free of charge. We manage all rights requests raised to us as the law requires. This means that there may be legal reasons why we cannot complete all requests.
All data subject rights can be exercised by contacting us at [email protected].
Where we are not the controller or the sole controller of your personal data, we will likely have an obligation to either direct your data subject rights request to the controller, or send them your request to handle. We are unable to provide access to, erase, rectify or otherwise action a data subject right where we are acting as a processor for the personal data in our possession, unless the instruction to do so is given to us from the controller of your personal data. Data subject rights and our compliance with data protection law is only applicable to our processing of personal data. Data subject rights can not be exercised for business information or property information where such data is not considered personal data.   
You have the following rights for personal data in our control (subject to certain limitations):

Rights

Details

Right of Access

You have the right to obtain from us confirmation as to whether your personal data is being processed, and the right to access such personal data. Personal data is only disclosable if it is your personal data. Where an exemption to the disclosure of data applies or the data does not relate to you, we will be unable to provide you with access to such data. We will provide you with information on any withheld or redacted data in writing.  

Right to Rectification

You have a right to require us to correct any mistakes in your personal data.  

We will use reasonable endeavours to ensure your personal data is accurate. In order to assist us with this, you should notify us of any changes to the personal data you have provided to us by sending us a request to rectify your personal data where you believe the personal data we have is inaccurate or incomplete.

Right to Erasure 

You have the right to require us to delete your personal data – in certain circumstances. 

Asking us to delete your personal data will result in us erasing your personal data in line with data protection legislation time scales, unless there is a legitimate or legal reason why we are unable to delete certain or all of your personal data, in which case we will inform you of this in writing. Erasure may include anonymising data so you are no longer identifiable. If we are not able to meet your right to erasure we will inform you in writing. We will retain a copy of your erasure request to evidence receipt and response. We are unable to erase personal data that is within a lawful retention, in this instance your personal data will be erased in line with our retention period. 

Right to Object 

You may be able to object to our use of your personal data, when we use it based on our legitimate interests or those of a third party. If this happens, we will not use your personal data, unless we can show legitimate reasons and an overriding interest for its use. If we are not able to meet your right to object we will inform you in writing. You have the right to object to direct B2B marketing. 

Right to withdraw Consent 

Where you have given us consent to use your personal data, you may withdraw this at any time subject to the consented processing not already having taken place. No further processing will take place as soon as reasonably possible and always within legally required time scales, once consent has been withdrawn.

You may withdraw consent by emailing [email protected]

Withdrawing consent will not affect the lawfulness of your use of your personal data in reliance on that consent before it was withdrawn.

Right to Restriction 

You may have the right to ask us to stop processing your personal data. We may be able to restrict the processing of your personal data where there is a valid reason to do so and the restriction is possible. Personal data is often restricted whilst an investigation or action is undertaken in response to your request on another data subject right, such as when your personal data is waiting to be deleted in line with a request for erasure. If we are not able to restrict the processing we will inform you in writing.

Right to Data Portability

Where it is technically feasible for us to do so, and within lawfully required collection of personal data parameters, you may have the right to request that we transmit your personal data to another data controller in a structured, commonly used and machine-readable format. The right to portability only applies in certain circumstances. We will always provide you with a reason in writing should we be unable to meet a portability request.

Right to be Informed

You have the right to know what personal data we hold on you, how we use that personal data, how long we hold it and who we share it with. This information is included in this privacy notice, together with any more specific notices given to you during your user journey, and as can be found in our further privacy notices on our other websites, applications, platforms and databases.

Automated Decision Making and Profiling

Where we or a third party acting on our behalf processes personal data for the purposes of automated decision making or profiling, we will always where possible provide a means to obtain human intervention to question the outcome.

Right to Complain

You have the right to lodge a complaint to a supervisory authority such as the Information Commissioner’s Office (ICO) in the UK, although we encourage our customers to engage with us and allow us the opportunity to first respond to any complaint. In the event you have any concerns or complaints about our privacy practices you can make a complaint by emailing  [email protected] or escalate your complaint directly to the ICO (see www.ico.org.uk) 

We will not ordinarily charge you in respect of any requests we receive to exercise any of your rights detailed above. However, if you make excessive, vexatious, repetitive or manifestly unfounded requests, we may charge you an administration fee in order to process such requests or refuse to act on such requests in line with what is acceptable under data protection legislation. Where we are required to provide a copy of personal data this will usually be free of charge. However, any further copies requested may be subject to reasonable fees based on administrative costs.
Where you request us to rectify, erase or restrict the processing of your personal data, we may where possible notify third parties to whom such personal data has been shared of such request. However, such third parties may have the right to retain and continue to process such personal data in its own right.
We or third parties acting on our behalf may need to request proof of identity or ask you to prove your identity via automated means before we can process your personal data for the purposes of a data subject rights request. Where we utilise automated decision making for this or any other personal data process, we will where possible offer human intervention.

Cookies 

Cookies (or similar) are small text files and are widely used when you visit websites or applications. This Cookie Policy applies where we undertake processing through the use of cookies or similar technology.   
We need your consent to place ‘non essential’ cookies on your device, and you can do that via our consent management platform (CMP). We use cookies (and similar technologies) to distinguish you from other users.This allows us to use our products and services and helps us provide you with an optimum experience when you use our website, applications, platforms and databases. We also may use cookies to help gather analytics, and target our advertising on our websites, applications, platforms and systems, and that of others.
You can disable cookies being stored on your computer by changing your browser settings. You can also control your privacy settings on your mobile device. Our websites, applications, platforms and systems may not perform properly, or some features may not be available if you disable non-essential cookies. You are unable to disable essential cookies, which are required for the website or similar function and for other necessary and legitimate processing such as data security.
We may use Google Analytics or similar to provide us with for example statistics on website usage. Analytics cookies are non intrusive cookies and we may consider them essential in some circumstances for providing and improving our products and services. The only non anonymised personal data divulged to Google is your IP address. You can opt out of Google Analytics following the advice here – https://tools.google.com/dlpage/gaoptout.
You can manage your cookie preferences at all times. To learn more about the cookies we use (and similar technology) and why we use them, please visit our Consent Management Preference centre that can be found on our relevant website, application, platform or system. Where we have a website (or similar) that does not use intrusive cookies, we will at a minimum where reasonable to do so, provide a cookie banner to inform you that we use necessary cookies. 

Children under the age of 13

Neither our websites, applications, platforms, products or services are aimed at children under 13 years of age. We do not knowingly collect personal data from children under 13. If you are under 13, please do not use our products or services and do not provide any personal data to us via any means. If we learn we have collected or received personal data from a child under 13 without verification of parental consent, we will delete that personal data. If you believe we might have any personal data from or about a child under 13, please contact us at [email protected].

How do we keep your personal data secure 

All personal data collected is transferred and stored securely using industry standard technical and organisational security measures. Examples of our security measures includes:
Our websites generally use encryption technology to protect the transfer of your information to and from our websites. Web page URLs will start with https and a padlock will be displayed in front of the URL bar to show we encrypt the personal data you share with us. We maintain and enforce physical, electronic, and procedural safeguards in connection with the collection, transfer and storage of your personal data. However, whilst we take these appropriate technical and organisational measures to ensure the security of your personal data, we cannot guarantee the security of all personal data that you transfer over the internet in every circumstance. 
Where applicable: We are committed to ensuring the protection of your payment card details and comply where required with the Payment Card Industry's Data Security Standard (PCI-DSS). Payments made via our websites, applications and platforms are processed and managed by specialist payment card providers. The full payment card number is never stored by us and is only stored and processed by the specialist payment card provider approved by us. We may keep an encrypted authentication token to represent your card and this token is transmitted to the specialist payment card provider during the order processing.
It is important to keep any account password secure to prevent fraudulent use. Never disclose your password to anyone else, and especially to anyone who requests it from you by telephone or email; we will never do this. You should avoid using the same password for multiple websites and avoid using common terms for your password such as "password" or "123456". Instead, try using three or four words linked together combined with numbers, capitals and special characters, something easy to remember but difficult to guess. Take care when using public WiFi networks and ensure all email accounts you use are secure. If you use a shared computer, make sure that you log out once you have finished using a website or application.
Threat actors may try to steal your personal data using a technique known as 'phishing'. This is where threat actors send emails that appear to be from someone or a company you know, but are actually the threat actor attempting to make you provide them with your personal data or even transfer money to them (known as redirection fraud). If you receive an email that claims to be from us and contains a link to an external website, or a request for you to enter any personal data or transfer money, treat it as suspicious and do not enter any personal data, even if the email appears legitimate. If you suspect your account details are subject to any fraudulent activity, please contact us immediately. We are unable to take responsibility for any loss you may suffer either directly or indirectly as a result of any fraud, security incident or success of any threat actor outside of our secure environments, or where we have taken all reasonable measures to protect your personal data.

How to contact us 

If you have questions about this privacy notice or the way in which we collect and use your personal data, you can contact us via:
Email: [email protected] 
or Post: Privacy: Zoopla Limited ,The Cooperage, 5 Copper Row, London, SE1 2LH.
We hope we will be able to resolve any questions or concerns you have (see Right to Complain). However, you may at any time raise any concern you may have with our privacy practices with the Information Commissioner’s Office at https://ico.org.uk/.

Changes to this privacy notice 

This privacy notice was updated July 2025. 
From time to time, we change this privacy notice. We will post any changes to this page, so please check it often. Where appropriate, we will notify you of the change, for example by email or by means of a notice on our websites, applications or platforms. Your continued use of our relevant products and services, including use after the posting of any changes, will be deemed acceptance and acknowledgement by you of the information found within privacy notice. You are responsible for ensuring we have an up-to-date active and deliverable email address for you and that you regularly visit this privacy notice to check for any changes.