The official Government Right to Buy website

Privacy and cookies

We are strongly committed to protecting the privacy of users of this website, and do all that we can to protect information about participants.

Data protection

Any information you provide will be held securely and in accordance with the Data Protection Act 1998. Your personal details will not normally be disclosed to third parties. In some circumstances however we may need to disclose your personal details to a third party so that they can provide a service you have requested, or fulfil a request for information. Any information about you that we pass to a third party will be held securely by that party, in accordance with the Data Protection Act 1998, and used only to provide the services or information you have requested.

You can ask to see the personal information we hold about you. If you want to ask whether we hold any personal data relating to you, please contact us.

Information we collect from visitors

We collect information from visitors relating to:

  • feedback submitted to us
  • email alert services
  • site usage tracking

1. Feedback & application forms

If you provide feedback about the website through a contact form or email address we will only use this information to develop and improve the site. From time to time, we may seek feedback from visitors, which we will use to answer questions, resolve problems or improve their published information.

If you choose to prepare an application through this website, we will store these details to help generate a printable version of the form, and so that a Right to Buy Adviser can access your application details if you choose to ask them for help.

2. Email alerts services

If you sign up to receive email updates about the issues discussed on this site, we will use the information you give us to provide the service(s) you have requested only. If you inform us that you wish to unsubscribe your details will be deleted from our records.

We use a service called MailChimp to handle the sending of alerts and information packs by email, which is operated by The Rocket Science Group, based in Atlanta, U.S.A.

MailChimp participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework. It is committed to subjecting all Personal Information received from European Union (EU) member countries, in reliance on the Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield website:

Emails sent from MailChimp contain both HTML and plain text versions. If you choose to view the messages in HTML mode, these contain small tracking codes to help us evaluate the usefulness of the material we are sending. Operationally, we do not review this data at individual level, only as aggregated scores.

Full privacy information relating to MailChimp can be found on its website here:

3. Site usage tracking

i) Cookies

To make this site simpler, we sometimes place small data files on your computer. These are known as cookies. Most big websites do this too.

They improve things by:

  • remembering settings, so you don’t have to keep re-entering them whenever you visit a new page
  • remembering information you’ve given (eg your postcode) so you don’t need to keep entering it
  • measuring how you use the website so we can make sure it meets your needs

Our cookies aren’t used to identify you personally. They’re just here to make the site work better for you. Indeed, you can manage and/or delete these small files as you wish.

To learn more about cookies and how to manage them, visit

We use Google Analytics to collect information about how people use this site. We do this to make sure it’s meeting its users’ needs and to understand how we could do it better.

Google Analytics stores information about what pages you visit, how long you are on the site, how you got here and what you click on. We do not collect or store your personal information (e.g. your name or address) so this information cannot be used to identify who you are. We do not allow Google to use or share our analytics data.

The following cookies are set by Google Analytics:

Name Typical Content Expires
_utma randomly generated number 2 years
_utmb randomly generated number 30 minutes
_utmc randomly generated number when you close your browser
_utmx randomly generated number 2 years
_utmxx randomly generated number 2 years
_utmz randomly generated number and information on how the site was reached (e.g. direct or via a link, organic search or paid search) 6 months

We also use third party cookies set by our media partners to track where visitors to this website have come from and how they go on to use the site, when they come in from our marketing activity elsewhere online. For more details, please read the Media IQ privacy policy.

We also use cookies to help you retrieve and forms which you’ve chosen to save and return to later.

ii) Log files
Log files allow us to record visitors’ use of the site. These logs are automatically generated from all our visitors, which we use to make improvements to the layout of the site and to the information in it, based on the way that visitors move around it. Log files do not contain any personal information about you, but may include details about the device you used to access the website and non-personal information such as postcodes you enter into forms on this site.

How to make a complaint

If you’re unhappy with the way we have handled your personal information, you can contact us here.

You’ll get a confirmation that we have received your complaint within 5 days and a full answer within 20 days. We will tell you if there’s going to be a delay.

If you’re unhappy with the answer or need any advice, contact the Information Commissioner’s Office (ICO).

The ICO can investigate your complaint and take action against anyone who has misused personal data.