GDPR confusion and misinformation

GDPR confusion and misinformation

11:26 AM, 23rd April 2018, About 7 years ago 125

Text Size

I am told that ALL organisations, including private landlords (and their contractors), will have to be GDPR compliant by 25th May 2018. I have attending training on this and I’m getting contradictory advice from different GDPR professionals. About 4 weeks ago I was told that there is no need to register with the ICO, as everyone has to comply with GDPR so no need to register to do so, then earlier this week I was at an RLA event and was told that it would be necessary for everyone to register with the ICO, so these two GDPR speakers basically contradicted each other! The ICO website itself says that most data controllers (yes, that includes landlords) will need to register, unless they fall into an exemption (examples are on the ICO website).

At the RLA event earlier this week, I was told that we would need to provide all our tenants (and other people we hold data about) with a Privacy Notice. The RLA have one of these on their website that landlords can download, they said it is 30 pages long. I mentioned that there are probably a couple of hundred organisations that hold a persons data, so does that mean we can expect to receive 200 x 30 page documents arriving in the post in the next few weeks, and she said that most would be sent by email. I asked, what if the person does not have an email address, and she said then I could post them a hard copy, (so if you have any tenants who do not have an email address, they may be getting 6000 pages in the post very soon!!! (200 x 30 page documents). I asked if we could simply have the Privacy Notice on our website, and she was unsure whether this would be acceptable for not. She said that she only takes tenants if they have an email address, but clearly she deals with more affluent or well educated tenants, whereas I deal mainly with vulnerable tenants who very often don’t have an email address (or may not be computer literate, may have mental health issues, or learning difficulties, etc).

I asked if GDPR applies to all government, and local government departments, and she said yes, it applies to all companies and organisations. However, the bloke sat next to her from the Council was asked if the Council were compliant, he said that his Council “are currently looking into it”. If all organisations have to be GDPR compliant, then how will the politicians send us all their party political mailings asking us to vote for them!

Overall, it seems that nobody is quite sure how GDPR will affect individual situations, it is legislation designed for application to massive companies to stop them abusing the data they hold (using it for wrong purposes, or selling it on, etc), but it is applicable to everyone so even one landlord with just one tenant will have to comply with all the GDPR rules.

Are any other landlords having trouble understanding the GDPR compliance rules? Getting misinformation or contradictory advice? Are all landlords aware of how GDPR will affect them, and what they need to do?

Robert


Share This Article


Comments

Chris Amis

Become a Member

If you login or become a member you can view this members profile, comments, posts and send them messages!

Sign Up

9:25 AM, 14th May 2018, About 7 years ago

This is just the start, once the tenants get these rights, they will exercise them maliciously or under orders.

Now when you give tenant a S.21, the council will, just after telling them to stay until the bailiffs arrive, tell them to issue a subject access request to landlords, agents, managing agents, anybody they can think of.

Then you have a load of emails, docs and so on, complaints from neighbours, complaints from managing agents, contractors explaining just how whatever got broken, or even perhaps discussions between you and the agent about how much to bribe the tenant to leave, what do you give?

The chaos is just beginning...

Paul Shears

Become a Member

If you login or become a member you can view this members profile, comments, posts and send them messages!

Sign Up

9:26 AM, 14th May 2018, About 7 years ago

Reply to the comment left by Mandy Thomson at 14/05/2018 - 07:02I am being hit every day with requests from organisations to retain data that they hold about me. There have literally been dozens of Emails from a diverse range of organisation. This has already become a massive bureaucratic nightmare.
I met someone last night who has recently been on a training course on GDPR compliance and is now acting as a consultant to other organisations. She thinks the whole thing is an utter ill thought out nonsense. One thing that she is doing is seeking written permission from people that she holds data on.
And so the discussions go on ad infinitum.

Mike

Become a Member

If you login or become a member you can view this members profile, comments, posts and send them messages!

Sign Up

9:35 AM, 14th May 2018, About 7 years ago

Reply to the comment left by Chris Amis at 14/05/2018 - 09:25On top of this what about cctv body camera recordings as evidence to prevent tenants accusing you falsely when carrying out routine inspections, or even voice recordings, and I wonder what happens to dash cams used by drivers and cyclists with helmet cameras who then post incident videos and defaming bad drivers on you tube, I wonder if they would come under the spell of GDPR, so we could sue anyone posting your video on youtube, some videos captured on mobile phone cameras and posted on YT such as racial slangs in busses, trains etc etc. so a camera operator capturing an incident between two other people posts a video on YT could be liable to be sued??? Would this mean people would then be reluctant to capture videos of incidents so crime goes unpunished as there is lack of evidence of an incident.

Paul Shears

Become a Member

If you login or become a member you can view this members profile, comments, posts and send them messages!

Sign Up

9:38 AM, 14th May 2018, About 7 years ago

It's now 09.37am and I have already been hit with two more GDPR requests for permission to hold my data this morning.

Mark Alexander - Founder of Property118

Become a Member

If you login or become a member you can view this members profile, comments, posts and send them messages!

Sign Up

15:52 PM, 14th May 2018, About 7 years ago

Short version GDPR Policy for private landlords https://www.property118.com/landlord-gdpr-policy-short-version/

Paul Shears

Become a Member

If you login or become a member you can view this members profile, comments, posts and send them messages!

Sign Up

23:55 PM, 14th May 2018, About 7 years ago

Reply to the comment left by Mark Alexander at 14/05/2018 - 15:52
Thanks very much indeed Mark. Now this is a bit more sensible.

Robert M

Become a Member

If you login or become a member you can view this members profile, comments, posts and send them messages!

Sign Up

0:02 AM, 15th May 2018, About 7 years ago

Reply to the comment left by Mark Alexander at 14/05/2018 - 15:52
I'm all for simplification of the GDPR requirements, if possible, but following this link leads to a document that fails to mention the requirement for a data audit (what data you have, what form it is kept in, etc), recording what is done with the data, the requirement to regularly review the data held, etc, etc, and as such while it does appear to be a simplification, it omits many of the legal requirements. However, I do agree that GDPR does not necessarily mean major changes to what landlords actually already do with the data, (most of data protection is common sense precautions), but under GDPR there is definitely far more emphasis on recording what data is held, why it is obtained, and what processing is done with it, and unfortunately the simplified guide does not address these points. Landlords are of course free to ignore the GDPR requirements, or interpret them in whatever way they wish, but I don't think it is wise to advise landlords to ignore parts of the GDPR legislation just to make it easier.

Mick Roberts

Become a Member

If you login or become a member you can view this members profile, comments, posts and send them messages!

Sign Up

6:28 AM, 15th May 2018, About 7 years ago

Brilliant Chris & Rob & Mark.
All our lives are getting harder with all these new regs, some totally unnecessary in my opinion. Oh I don't give u permission to store my data. Well, the plumber can't ring u then to come sort that leak out that's going all over your new 65" TV.
You three coupled with your knowledge & research have just made my life easier. That is why this site is the Daddy. Whatever problems are out there, someone one day on this site has an answer.
NOW, I need someone to post me the quick link to this ICO b_____ks. so I can get it done & forget about it.
Well, forget about it, maybe not, as I've just had 2 months of driving round tenants houses to sign they have smoke alarms fitted, & they don't want thumbturn locks, & now I've got to do the same with this ICO rammel.
What next Mr Govt?
Did this Govt say they wanted to reduce red tape to business's?
I have seen some of your emails Mark, I'm hopefully gonna' read 'em later today.

Chris Clare

Become a Member

If you login or become a member you can view this members profile, comments, posts and send them messages!

Sign Up

9:00 AM, 15th May 2018, About 7 years ago

Reply to the comment left by Mick Roberts at 15/05/2018 - 06:28
Hi Mick

Glad we helped if not agreed on all points.

The most important link you'll need is this:

https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/

It has everything you need to know and understand regarding GDPR.

Robert M

Become a Member

If you login or become a member you can view this members profile, comments, posts and send them messages!

Sign Up

10:29 AM, 15th May 2018, About 7 years ago

Reply to the comment left by Chris Clare at 15/05/2018 - 09:00Hi Chris
Thank you for putting this important link on here, this is the official guide from the ICO and it clearly states what actions you need to be taking, what processes you need to be considering, what procedures you need to be reviewing (or creating), and it emphasizes the importance of documenting all of this.
While it may not alter the day to day operations of the landlord very much, (if landlords are already adhering to data protection principles), I think it does make it quite clear that the creating/reviewing of policies, procedures, and record keeping, is required and that it all needs to be documented. The data audit and creation of other documents is not a simple task and it should not be underestimated. Read the ICO guidance, follow the 12 steps, decide how the GDPR affects your interactions with suppliers, contractors, tenants, letting agents, consultants, staff, etc, consider what changes you may need to make, and document it all.
The ICO website is getting better, the guidance is getting better, but if you want to comply with the GDPR requirements, then do not be mislead into thinking that a simple 2 page statement about data protection or privacy is all you need.
Ask yourself this: Do you think that it is possible for a disgruntled tenant, perhaps desperate to prevent an eviction (or out of malice after being evicted), might try to accuse you of data breaches? - If the answer is yes, then you need to ensure that your GDPR data audit, policies, procedures, and record keeping, is up to scrutiny.
Here is Chris's link to the ICO website again:
https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/

1 2 3 4 5 6 7 8 9 10 11 12 13

Leave Comments

In order to post comments you will need to Sign In or Sign Up for a FREE Membership

or

Don't have an account? Sign Up

Landlord Automated Assistant Read More