GDPR confusion and misinformation

GDPR confusion and misinformation

11:26 AM, 23rd April 2018, About 7 years ago 125

Text Size

I am told that ALL organisations, including private landlords (and their contractors), will have to be GDPR compliant by 25th May 2018. I have attending training on this and I’m getting contradictory advice from different GDPR professionals. About 4 weeks ago I was told that there is no need to register with the ICO, as everyone has to comply with GDPR so no need to register to do so, then earlier this week I was at an RLA event and was told that it would be necessary for everyone to register with the ICO, so these two GDPR speakers basically contradicted each other! The ICO website itself says that most data controllers (yes, that includes landlords) will need to register, unless they fall into an exemption (examples are on the ICO website).

At the RLA event earlier this week, I was told that we would need to provide all our tenants (and other people we hold data about) with a Privacy Notice. The RLA have one of these on their website that landlords can download, they said it is 30 pages long. I mentioned that there are probably a couple of hundred organisations that hold a persons data, so does that mean we can expect to receive 200 x 30 page documents arriving in the post in the next few weeks, and she said that most would be sent by email. I asked, what if the person does not have an email address, and she said then I could post them a hard copy, (so if you have any tenants who do not have an email address, they may be getting 6000 pages in the post very soon!!! (200 x 30 page documents). I asked if we could simply have the Privacy Notice on our website, and she was unsure whether this would be acceptable for not. She said that she only takes tenants if they have an email address, but clearly she deals with more affluent or well educated tenants, whereas I deal mainly with vulnerable tenants who very often don’t have an email address (or may not be computer literate, may have mental health issues, or learning difficulties, etc).

I asked if GDPR applies to all government, and local government departments, and she said yes, it applies to all companies and organisations. However, the bloke sat next to her from the Council was asked if the Council were compliant, he said that his Council “are currently looking into it”. If all organisations have to be GDPR compliant, then how will the politicians send us all their party political mailings asking us to vote for them!

Overall, it seems that nobody is quite sure how GDPR will affect individual situations, it is legislation designed for application to massive companies to stop them abusing the data they hold (using it for wrong purposes, or selling it on, etc), but it is applicable to everyone so even one landlord with just one tenant will have to comply with all the GDPR rules.

Are any other landlords having trouble understanding the GDPR compliance rules? Getting misinformation or contradictory advice? Are all landlords aware of how GDPR will affect them, and what they need to do?

Robert


Share This Article


Comments

Mike

Become a Member

If you login or become a member you can view this members profile, comments, posts and send them messages!

Sign Up

19:40 PM, 16th May 2018, About 7 years ago

Today I was emailed a GDPR Privacy Notice from the AA car breakdown company, and just so that people here can get some idea how a privacy policy can be composed, you can see how they composed it to suit their business profile, similarly we landlords can do in the same manner and structure, and I think this is how I did mine, and mine is still not finalised yet as there are still some points I need to add may be remove some, and trim it further without making it too long that non of my tenants would want to read. I also noted that we do not need them to sign it, as this is us telling tenant how we process their personal information, so when they have any objection, their first port of call is to contact us AND then see where we can reach an agreement or amend or destroy details without falling into a trap where they could sue us.

https://automyze.theaa.com/content/privacy-policy-update?utm_source=Intercom&utm_medium=email&utm_campaign=GDPR

Robert M

Become a Member

If you login or become a member you can view this members profile, comments, posts and send them messages!

Sign Up

10:20 AM, 17th May 2018, About 7 years ago

Reply to the comment left by Mike at 16/05/2018 - 19:40All landlords need to have a Privacy Notice. If you have a website you must ensure that the Privacy Notice is on your website, and you must provide the privacy notice to your tenants. There are lots of sources of sample privacy notices, as all businesses are having to put these on their websites, and of course you can also obtain sample privacy notices from the RLA and NLA which will be more specifically worded to suit landlord businesses. The RLA's Privacy Notice template for landlords to use is 30 pages long. The Privacy Notice that I have put on my website is 20 pages long, and is I believe very robust. The Privacy Notice does not need to be signed by tenants, it is the various consents which may need to be signed, and these are entirely separate documents.

The Privacy Notice is what you provide to your customers, so it is a little different to the Data Protection Policy (and other linked policies) which are your internal documents detailing how your business will treat, store, process, and destroy, various forms of data.

Chris Clare

Become a Member

If you login or become a member you can view this members profile, comments, posts and send them messages!

Sign Up

10:25 AM, 17th May 2018, About 7 years ago

Reply to the comment left by Mike at 16/05/2018 - 19:40
Good point Mike, that's exactly what I have been doing for the last 6 months, learning from others.

The only hint of caution I would add is, not everyone is right. Pretty much everyone is dipping their toes with GDPR statements and proof of that is, I saw one yesterday from a very large national estate agent chain and they did not have Legal Obligation as one of their Basis's of processing, which is strange as they carry out ID checks for anti-money laundering (AML checks). AML checks are a legal obligation and as such, carry very few Data Subject rights other than the right to be informed. Failure to include this means that the Data Subject has more rights than you would otherwise want them to have, such as the Right to be Forgotten.

I think that was a big mistake on their part, so in summary by all means copy from others but be sufficiently sceptical as not everyone is right all the time. When all said and done it is your neck on the line.

Mike

Become a Member

If you login or become a member you can view this members profile, comments, posts and send them messages!

Sign Up

11:03 AM, 17th May 2018, About 7 years ago

Reply to the comment left by Chris Clare at 17/05/2018 - 10:25
Thanks Chris, the fact is that No one is perfect, not even the Governments, or the Councils, and not even the Courts and Judges, nor can we ourselves be perfect, it would be foolish to think if there is such a thing as 100% perfection, but if we can get close to it even say 50% that would be a good start and cover you partially, ICO themselves may not be perfect, this is why courts have an appeal system, so that a decision made by one judge could be overthrown by a higher court. In the end if one is really guilty then the sentence must be served.
Just think you are an individual zebra in a heard of 200 Zebras, and there is a lion lurching around and there is a water hole which has alligators, we are thirsty and tired and frightened of the lion lurching around, we know for sure that a few of us going to go, who would those few be, let us hope it is not your turn or mine, we live in a world full of sadness, even if you are good zebra, you tried to stay with the herd, but because you were tired and didn't run fast enough, and got left behind, the lion got you first, and the one who ran the fastest reached the water hole first got eaten by the alligator.

I am just going to hang on to a tree branch and hope it rains hard and floods everywhere and drowns the lion, and we need not go near the water hole. (humour is not dead yer despite all that pressure)

Chris Clare

Become a Member

If you login or become a member you can view this members profile, comments, posts and send them messages!

Sign Up

11:06 AM, 17th May 2018, About 7 years ago

Reply to the comment left by Mike at 17/05/2018 - 11:03
hahaha what did you drink this morning.

Remember if you're being chased by a lion you don't have to be the fastest runner you just have to be faster than the slowest runner.

Mike

Become a Member

If you login or become a member you can view this members profile, comments, posts and send them messages!

Sign Up

11:25 AM, 17th May 2018, About 7 years ago

Chris, great point there, you don't have to be the fastest runner, but somewhere in the middle you will be safe from all angles. well said.
(I just had my first cup of morning tea not sure if wife is plotting something and might have laced it with something)

Chris Amis

Become a Member

If you login or become a member you can view this members profile, comments, posts and send them messages!

Sign Up

12:43 PM, 17th May 2018, About 7 years ago

Problem with the zebra thing is the big zebras saunter off untouched by the lion, who eats loads of defenceless little zebras.

I mean when did the HMRC ever go to lunch with you to discus how much tax you feel you might like to pay?

Mike

Become a Member

If you login or become a member you can view this members profile, comments, posts and send them messages!

Sign Up

14:49 PM, 17th May 2018, About 7 years ago

Chris, ha ha , You would take HMRC for lunch when actual humans work in their offices, it is now all online and tick boxes and you get instant reply , these darn things arn't interested in going for a lunch to sort things out amicably and you cannot take a server for a lunch can you?

Chris Amis

Become a Member

If you login or become a member you can view this members profile, comments, posts and send them messages!

Sign Up

0:21 AM, 19th May 2018, About 7 years ago

In addition to the privacy notice it seems internal paperwork is required too

Has anyone a filled in copy of the gdpr-documentation-controller-template spreadsheet from the ICO website I can crib?

Mick Roberts

Become a Member

If you login or become a member you can view this members profile, comments, posts and send them messages!

Sign Up

10:35 AM, 19th May 2018, About 7 years ago

Reply to the comment left by Chris Clare at 15/05/2018 - 09:00
Thanks for link Chris.
Chris, are u the same Chris that wanted the Freedom of Information requests on the Licensing? If so, I have emailed u them.

Well, that's £35 wasted in my opinion. I've not had a problem in 20 years & now the Govt has thought of ways to extract some money from us. Gees, let's say one million pay this £35, WOW!!!

I've ticked I'm responsible for DATA, but come on Little old me. I'm just putting your form in file cabinet in office & that's the Fort Knox enough is it?
My company process is changing as we speak, but do we put old company down as all tenants have got that details? Or do we put forthcoming company down?
And direct debit the ICO want to. Which I would normally do, but come on, am I tied in to £35 per year for life now?
What will they think of next?
Licensing £780.
Electrical certificates £140.
EPC £40-£80.
Clause Section 24 tenant tax thousands.
UC Direct payment.
Benefit Cap.
What else is there that we din't have 4 years ago?

Make it harder for Landlord, u make it harder for tenant. WAKE UP GOVERNMENT & BIGWIG COUNCIL IMBECILES.

1 2 3 4 5 6 7 8 9 10 11 12 13

Leave Comments

In order to post comments you will need to Sign In or Sign Up for a FREE Membership

or

Don't have an account? Sign Up

Landlord Automated Assistant Read More