GDPR confusion and misinformation
I am told that ALL organisations, including private landlords (and their contractors), will have to be GDPR compliant by 25th May 2018. I have attending training on this and I’m getting contradictory advice from different GDPR professionals. About 4 weeks ago I was told that there is no need to register with the ICO, as everyone has to comply with GDPR so no need to register to do so, then earlier this week I was at an RLA event and was told that it would be necessary for everyone to register with the ICO, so these two GDPR speakers basically contradicted each other! The ICO website itself says that most data controllers (yes, that includes landlords) will need to register, unless they fall into an exemption (examples are on the ICO website).
At the RLA event earlier this week, I was told that we would need to provide all our tenants (and other people we hold data about) with a Privacy Notice. The RLA have one of these on their website that landlords can download, they said it is 30 pages long. I mentioned that there are probably a couple of hundred organisations that hold a persons data, so does that mean we can expect to receive 200 x 30 page documents arriving in the post in the next few weeks, and she said that most would be sent by email. I asked, what if the person does not have an email address, and she said then I could post them a hard copy, (so if you have any tenants who do not have an email address, they may be getting 6000 pages in the post very soon!!! (200 x 30 page documents). I asked if we could simply have the Privacy Notice on our website, and she was unsure whether this would be acceptable for not. She said that she only takes tenants if they have an email address, but clearly she deals with more affluent or well educated tenants, whereas I deal mainly with vulnerable tenants who very often don’t have an email address (or may not be computer literate, may have mental health issues, or learning difficulties, etc).
I asked if GDPR applies to all government, and local government departments, and she said yes, it applies to all companies and organisations. However, the bloke sat next to her from the Council was asked if the Council were compliant, he said that his Council “are currently looking into it”. If all organisations have to be GDPR compliant, then how will the politicians send us all their party political mailings asking us to vote for them!
Overall, it seems that nobody is quite sure how GDPR will affect individual situations, it is legislation designed for application to massive companies to stop them abusing the data they hold (using it for wrong purposes, or selling it on, etc), but it is applicable to everyone so even one landlord with just one tenant will have to comply with all the GDPR rules.
Are any other landlords having trouble understanding the GDPR compliance rules? Getting misinformation or contradictory advice? Are all landlords aware of how GDPR will affect them, and what they need to do?
Robert
Comments
Have Your Say
Every day, landlords who want to influence policy and share real-world experience add their voice here. Your perspective helps keep the debate balanced.
Not a member yet? Join In Seconds
Login with
Previous Article
Anyone have a sample Guarantee and Indemnity?Next Article
Give our Buy to Let away?
Member Since November 2013 - Comments: 129
12:52 PM, 19th May 2018, About 8 years ago
Reply to the comment left by Mick Roberts at 19/05/2018 – 10:35
No Mick it wasn’t me sorry.
I have been registered with ICO for 7 years so I just accept this and the many other things we do as a cost of doing business.
If you’re not prepared to do both companies I would register the new one and move all the data to it. But if you continue to store and process data in the old one you will have to get it registered.
Member Since June 2013 - Comments: 3237 - Articles: 81
3:31 PM, 19th May 2018, About 8 years ago
I’ve paid and received no receipt by email. Charming. They expect us to do this, but don’t give us a receipt that their sister department HMRC insists on.
Member Since August 2013 - Comments: 109
9:30 PM, 20th May 2018, About 8 years ago
Hoping too much for an example data audit.
I see there are 2.5M LL in the UK (Independent https://www.independent.co.uk/news/business/news/housing-market-buytolet-landlords-investors-record-high-despite-tax-hike-stamp-duty-a8292146.html), I would have thought the ICO would produce specific help, as we are apparently amateurs who often accidentally happen to be LLs, but I can’t see it.
So here’s one I made earlier, does it look right?
https://drive.google.com/open?id=1-_NpkcztwDF7MChYtqPduSZAy2Spd5jv
Member Since October 2013 - Comments: 1308 - Articles: 10
9:58 PM, 21st May 2018, About 8 years ago
Could everyone that wants a copy of my GDPR Data Protection Policy (in an editable format) please e-mail me directly: [email protected]
rather than putting their email on this thread.
Just 4 days to go before everyone should have done their data audit, got all their GDPR policies written, and procedures in place!
Member Since October 2013 - Comments: 1308 - Articles: 10
12:08 PM, 27th May 2018, About 8 years ago
I have just had feedback from a landlord who I sent a free GDPR Data Protection Policy to, they said it took just 7 mins for him to make the amendments to adapt it to his own landlording business. Just 7 minutes!!!
Anyone wanting an editable sample copy of my GDPR Data Protection Policy, please email me direct [email protected] rather than requesting it on this thread.