Browse All Tribes or choose a Tribe below:
By signing up I agree to Property Tribes Terms and Conditions
Already a PT member? Log In
Sign Up With Facebook, Twitter, or Google
By signing up, I agree to Property Tribes Terms and Conditions
Already a PT member? Log In
Don't have an account? Sign Up
To reset your password just enter the email address you registered with and we'll send you a link to access a new password.
If you are in property management, selling or letting property yourself and processing personal information you need to be aware of the new General Data Protection Regulations. The rules are changing (and the costs going up!) from 25th May 2018.David Smith of Anthony Gold Solicitors shared these insights for landlords:
David offers an on-line course on GDPR and you can find out more at his website, Plenumo.The 10 Commandments of GDPR
Vanessa Warwick Landlord and Co-Founder of PropertyTribes.com **If you have got value from Property Tribes, find out how you can support it in remaining a free to use community resource**
Robert Parker, the ICO's head of comms, said the organisation is planning to use social media to build awareness among micro-businesses and drive traffic to the ICO website. It is also working closely with various trade bodies on PR.
The ICO website carries campaign images.
The site also features resources such as FAQs, a guide to GDPR and a 60-second YouTube video giving small business owners "eight practical steps" to get ready for the new law.
The ICO is working closely with the Federation of Small Businesses and other organisations. Parker said: "One of the key messages is that the ICO is the regulator and can provide companies with information on GDPR. Many organisations are providing bespoke advice for their industry sectors as well."
The ICO is responsible for regulating GDPR, which comes into effect on 25 May and replaces the Data Protection Act. The new law is designed to give people more control over how their data is used, shared and stored by businesses, ensuring that companies are more accountable and transparent.
For businesses, that means getting to grips with compliance.
"Data protection has been around for a long time and lots of businesses already manage it," Parker said. "This is raising the bar and offering customers higher standards of transparency."Read more >>> here.
We had a very good presentation on this Topic last night at the Local NLA meeting
we have to comply with this so in my view get on with it
I think its £35 a year
Its just another rule to abide by
Its quite a lot of Commonsence and record keeping who you share data with
One good tip is when a customer rings you for a repair don't give the tradesman's there number
It will be better to give the tradesman's number to the customer to arrange the repair
That way you are not sharing data
If you do give the customers number to the tradesman make sure its documented what you have given and you have the right consent forms completed by the customer
You can not add a condition to an AST it has to be separate
I am sure as we go along we will all learn the right thing to do with Data
and If you have a Customer who has there own CCTV in operation on the street they also need to be registered too.
Learn Change and Adapt ?????
Eh? You are sharing the tradesman's data. Of course you have a good reason to, but you would have a good reason to share the customers' data too.
An AST is a contract so provides a lawful basis to use information
You can rely on this lawful basis if you need to process someone’s personal data:
Repairs are a contractual obligation of ASTs. You should record the sharing of infomation - I think that requirement is new. You could put a notice in the AST that you might share contact information with tradesmen for the purpose of making repairs as part of the contract. Since the contract purpose is being used, consent is not needed.
Note I am not a lawyer, I am just going off what the ICO's guidance says, and my memories of data protection training in the past.
Seems like a good tip there Peter except for one issue.
When you get the tenant they should have agreed to your data protection policy and part of that would be "We will share your data with third parties in order to comply with our contractual obligations" Meaning giving the tradesman the tenants number fully complies. However I doubt very much that you have anything agreed between you and the tradesman and therefore sharing their details with the tenant is as much a breach as you consider the other way round is.
When formulating a GDPR policy you have to consider everyone you deal with:
Everyone has the fundamental right to be informed but consent is pretty much limited to the "Consent" class of processing.
A good GDPR Privacy Statement will address exactly how all of the above's data will be handled and where applicable shared, at the outset of any dealings. Particular consideration should be shown to the sharing of data with future LLs for references and as such, data storage time frames. In other words you cannot say we will only keep your data for the duration of the tenancy as this cannot be the case or you will be unable to provide a reference.
I have spent the last six months knowledge building for this as part of my day job. Quite frankly the property side of my life for GDPR was a walk in the park.
Landlord with 25 years’ experience in the property market and a specialist in tenant referencing, ID and credit screening. Creator of identity, credit and anti-money laundering system ValidID.co.uk
I also believe the NLA will be providing guidance and forms to be used for members use
so watch out for the emails
I agree DL.The belts and braces approach would be for self-managing landlords to do a training course and register for £35.00 for the year.I am sure the landlord associations will be assisting with this, going forwards.
I think it will become just like CP12 its another form in a file with consent
I think registering is just the thing to do
and learn about your responsibility's on DATA
The fines are huge so non compliance is not an option
I think none of us will get this 100% right but we have to do our best.
Commandment 5 is wrong. There is data you do not have to and should not delete at the request of the subject. If a tenant asks you delete all the information you hold about him you don't have to delete records of his being a tenant and paying rent or not, oe whether you took a deposit and protected it.
Commandment 1 is also wrong. You do not need consent to record that a customer is a customer and other details needed to fulfil the contract.
Yes No.5 is a big vague above. You can indeed hold client data even if they request to delete it if you have a legal purpose. Take for instance Passports and "Right to Rent" regulation requiring you evidence that you check your tenants have right to reside in the property. You have a legal purpose not to delete it.
_________________________________________________________________________The above post is not financial advice, its often me rambling - passing time on a coffee break.If you are looking for the Best BTL Mortgage? Call the Specialist Team at Bespoke Finance._________________________________________________________________________
You're right Peter, this also extends beyond "Contract" to "Legal Obligation" as part of things such as, Right to Rent, Money Laundering and ID verification to delete this data leaves you exposed to criminal and regulatory penalties if it turns out the tenant is doing anything wrong.