Cozee Privacy Policy

Home » Cozee Privacy Policy

We ask that you read this website privacy policy (the “Privacy Policy”) carefully as it contains important information on who we are, how and why we collect, store, use and share Personal Data, your rights in relation to your Personal Data and on how to contact us and supervisory authorities in the event you have a complaint.


We use the following definitions in this Privacy Policy:

Cozee”, “We” or “Us” means The Cosy Initiative Ltd, trading as Cozee, a private limited company incorporated in England and Wales (Registered No. 14175731) and whose registered office is at 2F.207, 60 Gray’s Inn Road, WC1X 8LU, London;

Personal Data” means any data which relates to a living individual who can be identified from that data or from that data and other information which is in the possession of, or is likely to come into the possession of, Cozee (or its representatives or service providers). In addition to factual information, it includes any expression of opinion about an individual and any indication of the intentions of Cozee or any other person in respect of an individual.

Who we are and what this applies to

This Privacy Policy provides information on how Cozee collects, generates and/or processes your Personal Data when you use our website ( and use our app, products and/or services.

We collect, use and are responsible for certain Personal Data about you. When we do so we are regulated by all applicable data protection and privacy legislation in force from time to time in the United Kingdom including the Data Protection Act 2018 (“DPA 2018”) (and regulations made thereunder), the UK GDPR (as defined in the DPA 2018) and the Privacy and Electronic Communications Regulations 2003 (SI 2003/2426) as amended and we are responsible as ‘controller’ of that Personal Data for the purposes of those laws.

Throughout our website we may link to other websites owned and operated by certain trusted third parties to make additional products or services available to you. These other third party websites may also gather information about you in accordance with their own separate privacy policies. For privacy information relating to these other third party websites, please consult their privacy policies as appropriate.

Our collection and use of your Personal Data

This Privacy Policy concerns the following categories of information that we collect about you when providing the following products and services:

  • information we receive through our websites;
  • information we receive through our online products; and
  • information we receive through our support or cloud-based services.

We collect this Personal Data from you either directly, such as information about you that you provide to us or indirectly, such as your browsing activity while on our website (see ‘Cookies’ below).

The Personal Data we collect about you depends on the particular activities carried out and services and products provided through our website. Such information may include:

  • your name, date of birth, nationality, city of birth;
  • profession, address, location, tax relevant information and contact details;
  • copy of your passport, proof of address and a photo of yourself;
  • bank account details and payment details;
  • information on the property you want to purchase;
  • information on the entities and individuals you want to purchase the property with;
  • details of any third party advisers you are using;
  • details of any feedback you give us by phone, email, post or via social media;
  • information about the products or services we provide to you; and
  • your account details such as username and login details.

We use this Personal Data:

  • to create and manage your account with us;
  • to verify your identity;
  • to provide products and services to you;
  • to notify you of any changes to our website or to our products and services that may affect you;
  • to improve our products and services;
  • to better understand how Cozee’s visitors use its website;
  • to monitor and improve the products and services that we provide to you,
    including screen recordings of activity on our websites to assist in customer
  • to seek input from you (in the form of, for example, a questionnaire response) in order to facilitate improvements in our products and services;
  • for ongoing review and improvement of the information provided on the Cozee website to ensure it is user friendly and to prevent any potential disruptions or cyber attacks;
  • to conduct analysis required to detect malicious data and understand how this may affect your IT system;
  • for statistical monitoring and analysis of current attacks on devices and systems and for the on- going adaptation of the solutions provided to secure devices and systems against current attacks;
  • to send you select direct marketing communications to ensure that you are aware of new products and special offers that may be of interest to you;
  • for in-depth threat analysis;
  • for the management and administration of our business;
  • in order to comply with and in order to assess compliance with applicable laws, rules and regulations, and internal policies and procedures; and
  • for the administration and maintenance of databases storing Personal Data.

This website is not intended for use by children and we do not knowingly collect or use Personal Data relating to children.
We will take steps to ensure that the Personal Data is accessed only by employees of Cozee that have a need to do so for the purposes described in this Privacy Policy.

Our legal basis for processing your Personal Data

When we use your Personal Data we are required to have a legal basis for doing so. There are various different legal bases upon which we may rely, depending on what Personal Data we process and why.

The legal bases we rely on are:

  • Contract: where our use of your Personal Data is necessary in order to provide products or services to you under a contract we have with you, or because you have asked us to take specific steps before entering into such a contract;
  • Comply with a legal obligation: where our use of your Personal Data is
    necessary for compliance with a legal and/or regulatory obligation that we are subject to, including but not limited to, establishing, exercising or defending our legal rights or for the purpose of legal proceedings; and
  • Legitimate interests: where our use of your Personal Data is necessary for our legitimate interests or the legitimate interests of a third party (unless there is a good reason to protect your Personal Data which overrides our legitimate interests).

Legitimate interests

We rely on the following legitimate interests to collect and process your Personal Data, including, to:

  • develop and improve our products and services;
  • market our products and services to you;
  • manage, administer and
  • develop our business;
  • maintain compliance with internal policies and procedures;
  • monitor the use of our intellectual property; and
  • maintain the security of our online platform.

Who we share your Personal Data with

We may share your Personal Data within Cozee for the purposes described above.

We may also share your Personal Data outside Cozee with third parties, including the below, for the following purposes:

  • with our business partners and referral partners. For example, this could include our partners from whom you purchased products and/or services, partners we contract with for the purpose of providing our products and/or services or partners who we refer you to for the provision of additional products and/or services in addition to the products and/or services provided by us. Personal Data will only be transferred to a business partner or referral partner who is obliged to comply with appropriate data protection obligations and the relevant privacy and confidentiality legislation;
  • with third party agents and contractors for the purposes of providing services to us (for example, Cozee’s accountants, lawyers, and any other professional advisors, IT and communications providers and debt collectors). These third parties will be subject to appropriate data protection obligations and they will only use your Personal Data as described in this Privacy Policy;
  • companies and organisations for the purposes of fraud protection and credit risk reduction;
  • to the extent required by law, for example if we are under a duty to disclose your Personal Data in order to comply with any legal obligation (including, without limitation, in order to comply with tax reporting requirements and disclosures to regulators), or to establish, exercise or defend our legal rights;
  • if we sell our business or assets, in which case we may need to disclose your Personal Data to the prospective buyer for due diligence purposes; and
  • if we are acquired by a third party, in which case the Personal Data held by us about you will be disclosed to the third party buyer.

This data sharing enables us to:

  • comply with our legal obligations;
  • deliver our products and services; and connect you, upon your request, with third parties who can provide additional products and services;
  • enforce our terms of use and other agreements; and
  • protect the rights, property or safety of Cozee employees, Cozee or its customers.

Some of those third party recipients may be based outside the European Economic Area — for further information including on how we safeguard your Personal Data when this occurs, see ‘Transfer of your information out of the EEA’. We will share Personal Data with law enforcement or other authorities if required by applicable law.

Whether information has to be provided by you, and if so why

We may require you to provide Personal Data to contact you about and deliver our products and services. We will inform you at the point of collecting information from you, whether you are required to provide the information to us and how it will be processed by us in accordance with this Privacy Policy. Transfer of your information out of the EEA Some countries do not have the same data protection laws as the United Kingdom and EEA. Whenever we transfer your Personal Data outside the EEA, we ensure a similar degree of protection is afforded to it by ensuring that at least one of the following safeguards is implemented:

  • where we use certain service providers, we may use specific contracts approved by the European Commission which give Personal Data the same protection it has in Europe, unless the recipient country has been deemed to provide an adequate level of protection for Personal Data by the European Commission; or
  • in other circumstances the law may permit us to otherwise transfer your Personal Data outside Europe.

If you would like further information please contact us (see ‘How to contact us’ below) and we can, if applicable, provide a copy of the standard data protection clauses we would enter into with recipients of your Personal Data on request. We will not otherwise transfer your Personal Data outside of the United Kingdom or to any organisation (or subordinate bodies) governed by public international law or which is set up under any agreement between two or more countries.


A cookie is a small text file which is placed onto your device (e.g. computer, smartphone or other electronic device) when you use our website. We use cookies on our website to collect technical information about the services that you use, and how you use them. These help us recognise you and your device and store some information about your preferences or past actions.

For further information on our use of cookies, please see our Cookie Policy.

For further information on cookies generally visit or

Retention of your Personal Data

We will only retain your Personal Data for as long as reasonably necessary to fulfil the purposes we collected it for. We may retain your Personal Data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

To determine the appropriate retention period for Personal Data, we consider the amount, nature and sensitivity of the Personal Data, the potential risk of harm from unauthorised use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements which may set a minimum period for which we have to keep your Personal Data.

Your rights

You have a number of important rights and, in most cases, you can exercise them free of charge. In summary, those include rights to:

  • access to your Personal Data and to certain other supplementary information that this Privacy Policy is already designed to address;
  • the right to obtain information regarding the processing of your Personal Data;
  • the right to withdraw your consent to the processing of your Personal Data at any time. Please note, however, that we may still be entitled to process your Personal Data if we have another legitimate reason for doing so. For example, we may need to retain Personal Data to comply with a legal obligation;
  • require us to correct any mistakes in your information which we hold;
  • require the erasure of Personal Data concerning you in certain situations. Please note that there may be circumstances where you ask us to erase your Personal Data but we are legally entitled to retain it;
  • receive the Personal Data concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit that data to a third party in certain situations; and where this is technically feasible. Please note that this right only applies to Personal Data which you have provided directly to Cozee;
  • object at any time to processing of Personal Data concerning you for direct
  • object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you;
  • the right to object to, or request that we restrict, our processing of your Personal Data in certain circumstances. Again, there may be circumstances where you object to, or ask us to restrict, our processing of your Personal Data but we are legally entitled to refuse that request; and
  • the right to lodge a complaint with the relevant data protection regulator if you think that any of your rights have been infringed by us.

For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under the DPA 2018.

If you would like to exercise any of those rights, please email, call or write to us (see ‘How to contact us’ below).

Keeping your Personal Data secure

We have appropriate security measures in place to prevent Personal Data from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your Personal Data to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

As a condition of employment, Cozee employees are required to follow all applicable laws and regulations, including in relation to data protection law. Access to sensitive Personal Data is limited to those employees who need to access it to perform their roles. Unauthorised use or disclosure of confidential client information by a Cozee employee is prohibited and may result in disciplinary measures.

When you contact a Cozee employee about your file, you may be asked for some Personal Data. This type of safeguard is designed to ensure that only you, or someone authorised by you, has access to your file.

How to complain

We hope that we can resolve any query or concern you raise about our use of your information.

We are usually able to resolve privacy questions or concerns promptly and effectively. If you are not satisfied with the response you receive, you may escalate concerns to the applicable privacy regulator in your jurisdiction. Upon request, Cozee will provide you with the contact information for that regulator.

The General Data Protection Regulation also gives you the right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at or telephone: 0303 123 1113.

Changes to this website privacy policy

This website privacy policy was published on 30 June 2023.

We may change this website privacy policy from time to time. Any changes that we make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by email.


You, or someone acting on your behalf, have the right to opt out of receiving some or all of the marketing communications we may send you at any time and can do so by (i) selecting the opt out option in any marketing emails you receive, or (ii) emailing us at

How to contact us

Please contact us by post or email if you have any questions about this Privacy Policy or the information we hold about you. Our contact details are shown below:

The Cosy Initiative Ltd
2F, 207
60 Gray’s Inn Road
WC1X 8LU London
United Kingdom

Looking to buy or sell your property? Go with Cozee

  • Trusted estate agent
  • More than 25 years of experience combined
  • We help you focus on your objective (investment, 1st time buy)
Skyscrapers of London