Newbridge, EH28 8QH

Privacy Policy

1. Who We Are

GSS Newbridge Ltd (“we”, “us”, “our”) is the data controller for the purposes of UK data-protection law.

  • Registered Office: The Coach House, 29 Albyn Place, Aberdeen, United Kingdom, AB10 1Y
  • Company Number: SC738460
  • Data Protection Contact: Details provided in Section 15.

2. Scope of This Policy

This policy explains how we collect, use, disclose, and protect personal data when you interact with our website, contact us, enquire about commercial units, or engage with our property development and sales/lettings services (the “Services”).

It applies to visitors, prospective purchasers, tenants, suppliers, contractors, and other business contacts located in the United Kingdom.

3. The Data We Collect

We may collect and process the following categories of personal data:

  • Identity Data: Name, job title, company, professional role.
  • Contact Data: Email address, telephone number, postal address.
  • Enquiry Information: Details about the type of commercial unit you are interested in, financial or business requirements relating to a potential lease or purchase.
  • Transaction Data: Records of negotiations, offers, contracts, and correspondence.
  • Website and Technical Data: IP address, browser type, device identifiers, analytics data, and cookie preferences.
  • Supplier/Contractor Data: Business contact details, qualifications, and compliance documentation.

Note: We do not knowingly collect special-category data unless you provide it voluntarily (e.g., accessibility requirements for site visits). If you apply for employment with us, additional privacy information will be provided to you separately.

4. How and Why We Use Your Data

We use personal data where lawful and necessary, including to:

  • Respond to enquiries submitted through our website.
  • Arrange viewings and provide information about available commercial units.
  • Progress discussions relating to the sale or letting of commercial property.
  • Manage relationships with suppliers, agents, and professional advisers.
  • Maintain business records and comply with legal obligations.
  • Improve our website and services.
  • Send relevant updates or marketing communications, where permitted by law.

Lawful Basis for Processing

Our lawful bases include:

  • Performance of a contract or taking steps prior to entering a contract.
  • Compliance with legal obligations.
  • Legitimate interests (administering and improving our Services, developing our business, managing risks, and ensuring the security of our IT systems).
  • Consent where required.

You may withdraw consent to marketing at any time by using the unsubscribe link in any email or by contacting us (see Section 15).

5. Cookies and Similar Technologies

We use essential cookies to make our website function, and—with your consent—optional cookies for analytics and performance.

  • Cookie Policy: For full details of the cookies used, please review our separate Cookie Policy here: https://edi-approach.com/cookie-policy-uk/
  • You can change or withdraw your cookie preferences at any time via Cookie Settings in the site footer.

6. Sharing Your Personal Data

We share personal data only when necessary and always with appropriate safeguards.

Commercial Agents (Ryden & Colliers)

When you submit an enquiry through our website, your personal data may be shared with one or more of our appointed commercial agents to respond to your enquiry and discuss availability.

Our current commercial agents include:

AgentPrivacy PolicyStatus
Ryden LLPhttps://www.ryden.co.uk/privacyIndependent Data Controller
Colliers International UK plchttps://www.colliers.com/en/privacy-policyIndependent Data Controller


Note: Ryden and Colliers act as independent data controllers. They are responsible for how they process your personal data, including any follow-up communications or marketing they may send to you in accordance with their own privacy policies.

Other Recipients

We may also share personal data with:

  • Professional advisers (such as solicitors and accountants).
  • IT, hosting, and cloud-service providers.
  • Contractors or consultants involved in our developments.
  • Regulatory or legal authorities where required by law.

We do not sell your personal data.

7. Marketing Communications

  • We may contact you directly in relation to your enquiry or our developments where permitted by law.
  • Our appointed commercial agents (including Ryden and Colliers) may also contact you directly following an enquiry. Any marketing sent by them is governed by their own privacy policies, and you should use the opt-out mechanisms provided in their communications.

8. Automated Decision-Making

We do not use personal data to carry out automated decision-making that produces legal or similarly significant effects. If this changes, we will update this policy and notify you.

9. How Long We Keep Your Data

We retain personal data only for as long as necessary and for compatible purposes:

Data TypeRetention PeriodReason
Website Enquiry RecordsUp to 365 days (on website)General enquiry management
System Enquiry/CorrespondenceUp to 5 years (on our systems)Business continuity and record keeping
Contracts, Sales, and Letting DocsUp to 6 years after the lease period/extensionsComply with legal obligations
Supplier and Contractor DataUp to 6 years post-activityComply with legal obligations

We securely delete or anonymise personal data when it is no longer required, subject to system backup cycles and statutory retention periods.

10. International Data Transfers

The personal data we collect is generally stored within the UK or the European Economic Area (EEA).

If we transfer your data outside the UK or EEA, we will only do so where appropriate safeguards are in place, such as using the UK’s International Data Transfer Agreement or the European Commission’s Standard Contractual Clauses, to ensure your data receives the same level of protection as it would in the UK.

11. Security

We implement appropriate technical and organisational measures to protect your data, including:

  • Encryption in transit.
  • Controlled system access.
  • Secure storage.
  • Staff training.
  • Dual-factor authentication on cloud-based systems.
  • Routine testing.

We take reasonable steps to safeguard your data, though no transmission of information over the internet can be guaranteed as fully secure.

12. Your Rights

Under UK GDPR you have the right to:

  • Access your personal data.
  • Have inaccurate data corrected.
  • Request erasure or restriction of processing.
  • Receive your data in a portable format or request transfer to another controller.
  • Object to processing based on legitimate interests or for direct marketing.
  • Withdraw consent at any time (processing before withdrawal remains lawful).
  • Lodge a complaint with the Information Commissioner’s Office (ICO).

We aim to respond to all rights requests within one month. We may ask for proof of identity and may charge a fee only if a request is manifestly unfounded or excessive.

13. Children

Our Services are not intended for individuals under 18. If we become aware we have collected data from a minor, we will delete it promptly.

14. Changes to This Policy

This policy was last updated on 16/12/2025.

Any material changes will be reflected here and, where appropriate, we will notify you by email or via our website.

15. Contact and Complaints

Data Controller Contact Details

If you have questions or wish to exercise your data-protection rights, contact us at:

  • Email: accounts@gss-developments.co.uk
  • Address: 18 Walker Street, Edinburgh, EH3 7LP

Complaints (ICO)

You also have the right to complain to the UK Information Commissioner’s Office (ICO):

  • Information Commissioner’s Office: Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
  • Website: www.ico.org.uk
  • Telephone: 0303 123 1113 (local rate)