Landlords

Quidem dolorem rerum tempore laboriosam cumque nihil ullam quaerat neque. Aut dolorum velit laboriosam quisquam alias fuga laboriosam. Eius maxime pariatur et non doloribus dicta explicabo est.

Landlords & The GDPR

Since the enforcement of the GDPR regulations backin May 2018 we have had many of our landlords’ question as to whether or notthey need to be registered with the Information Commissioners Office(ICO).

The ICO's website states it is, 'The UK’sindependent authority set up to uphold information rights in the publicinterest, promoting openness by public bodies and data privacy forindividuals.'

Do I Have To Register?

In short, the answer is that most landlords shouldalready be registered with the ICO and paying a fee under the previous /current data protection laws, but many may think they are exempt as they do notsee themselves as a business and therefore rely upon their Letting Agents tohold this registration.

Those who are not registered and currently hold orprocess personal data, such as their tenants' details, need to contact the ICO,register and pay the necessary fee in order to be compliant.​ It is a verysimple process and very necessary. It requires you to provide the ICO withdetails including your name, address, trading name, number of employees andturnover.

If you purely process data manually then you areexempt from registration, although this is unlikely to apply as most landlordswill process data via their PC, mobile phones or tablets.

And If I Don't Register?

Another great reason to make sure you are beingcompliant is that if you are not then you could face a civil penalty of between£400.00 and £4,350.00

Q & A

Some excellent landlord's questions and answers.

Q. What if I have an agent managing the propertyand they handle all of the processing of tenant ID etc.

A. It will depend whether you personally hold anydata. If you have any data that would identify the tenant(s) even if that isjust a name, mobile number or email address and if you hold it electronically,or if it was originally shared electronically (ie: via email or mobile phone)then you need to register.

Q. What I am unclear about is who and how is thisact “policed”? I have registered and paid because it is “the law” but how doesthis benefit myself and my tenants?

A. According to our Data Protection consultant,data subjects (ie tenants) can complain to the ICO about alleged misuse oftheir data – and the ICO will investigate their complaints. Additionally iflandlords do not comply then if they have any claim against the tenant(s) – forunpaid rent etc – there is a risk that this could be offset by a claim from thetenant(s) that they were suffering as a result of the landlord’snon-compliance. 

Q. I just received an email from my landlord withthe GDPR stuff. The problem is he says the ICO fee was £100 (it is a privatelandlord with only that property in the market) and wants me to pay for it. Asfar as I understand, this is a legal requirement for him as a landlord, not aservice for me, so I understand I am not responsible for the payment…is thatright?

A. This is very poor behaviour and you do not haveany obligation to pay this fee, as you say. 

Are you prepared in the following areas of the Data Protection Act 2018 (GDPR)?

You must have a good awareness of the following:
No items found.

Knowledge Centre Articles

No items found.

GDPR WATCH

Decathlon - Data Protection - Breach - Retail

Decathlon, which has outlets in 49 countries globally, has reported a data breach that impacted 123 million records which incorporated unencrypted passwords.The breach was first noticed 12 February, 2020.As the breach falls under the remit of the European Union’s General Data Protection Regulation (GDPR) the fine sanctioned could be as high as 4% of annual global revenue for 2018, which equates to €500 million.

Decathlon - ongoing investigation

Sports retailer Decathlon, which has outlets in 49 countries globally, has reported a data breach that impacted 123 million records which incorporated unencrypted passwords.

The breach was first noticed 12 February, 2020.

As the breach falls under the remit of the European Union’s General Data Protection Regulation (GDPR) the fine sanctioned could be as high as 4% of annual global revenue for 2018, which equates to €500 million.

Making it easy Limited - Retail

Retail and Manufacture

Making it Easy Ltd has been fined £160,000 by the Information Commissioner’s Office (ICO) for making spam calls to people registered with the Telephone Preference Service (TPS).

The ICO has also issued an enforcement notice to Making it Easy Ltd ordering it to stop its illegal marketing activity.

Dannyelle Shaw - Local Government

Social Services

A former Reablement Officer at Walsall Metropolitan Borough Council has been prosecuted for accessing social care records without authorisation.

An internal investigation by the Council found that Ms Shaw had inappropriately accessed the social care records of 7 adults and 9 children without any business need to do so.

Dannyelle Shaw of Bloxwich, Walsall, appeared before Wolverhampton Magistrates’ Court and admitted one offence of unlawfully obtaining personal data, in breach of s55 of the Data Protection Act 1998. She was sentenced to a fine of £450, ordered to pay costs of £364 and a victim surcharge of £45.

REVIEWS

MLR Career Step

"From our first meeting to the delivery of all policies, documentation and improvements to business procedures, the process was very simple and painless. After the initial information gathering meetings TWI handled all the production, answered all our questions we had clearly and promptly and importantly to ourselves kept to their plan and timeframe for compliance "completion".

"We did utilise TWI for further training and general awareness for all staff of the business, vital in relation to subject access requests"

MLR Career Step, Professional Recruitment

Our Client Reviews

"From our first meeting to the delivery of all policies, documentation and improvements to business procedures, the process was very simple and painless. After the initial information gathering meetings TWI handled all the production, answered all our questions we had clearly and promptly and importantly to ourselves kept to their plan and timeframe for compliance "completion".

"We did utilise TWI for further training and general awareness for all staff of the business, vital in relation to subject access requests"

MLR Career Step, Professional Recruitment

2nd Review goes here

Talk to us about Compliance

Contact us to get started!

TWI is an experienced provider of the Data Protection Act 2018 (GDPR) and (PECR) compliance services. Experienced in dealing with SME's and from Charities to large FTSE 100 Organisations.
At TWI we give honest, straight forward and independent advice that helps customers navigate an increasingly complex and regulated digital business world.     

We provide a clear business plan to compliance, with a flexible and cost-effective approach that suits all sizes of organisation. With almost 30 years’ experience at the heart of the rapidly evolving business environment, TWI has established a position as a leading advisor to high profile clients from the private & public sectors, including retail, professional, financial and leisure organisations.

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form

Call us

You can reach us on weekdays on: 
07857 342875

eMail us

Mail us directly on our email: info@twigdpr.co.uk

LinkedIn

Connect with us directly on our LinkedIn channel: @twigdpr.co.uk