General Data Protection Regulations (or GDPR) remain confusing to many despite being in action for over three months now. Landlords especially remain in the dark when it comes to the data they can and cannot share with other institutions regarding their tenants. This guide explains what the new GDPR means for landlords and explains the steps you need to take in order to comply with the new regulations.

The GDPR, administered on May 25th 2018, essentially protects and controls the personal and private data of individuals through legal enforcement.

As a landlord you can often acquire a substantial amount of data over the years from past, present and even future tenants. It is your responsibility to make sure this sensitive data is managed in a proper and professional way.

Auditing your tenants data

The first thing you need to do when protecting your tenants data is to create an audit with all the personal information, this includes phone numbers, email addresses and home addresses. The audit should document who the information is shared with, how long it is retained for and any policy information that explains how private information is used and shared. You must protect the data of all your tenants, not just your current ones – this includes tenants who have enquired about your property, prospective tenants and ex-tenants.

Lawful basis

As a landlord you must have a “lawful basis” in order to store, use, share and delete your tenant’s sensitive information. The main reasons you may process a tenants data include:

  • Using peoples data in a legitimate way that has a minimal privacy impact
  • Passing on data to contractors in order for repairs
  • Processing data for legal requirements such as ‘right to rent’ checks

GDPR is essentially getting consent to store and use private information of the individuals associated with a company. Due to the fact that landlords generally use data in a legitimate way, consent is not necessarily needed; however it is important that you keep up to date with any changes that could impact your responsibilities as a landlord.

Informing the tenants

Once you have audited all the relevant information, you must inform all your past, present and prospective tenants on how you will use and store their sensitive information.

Agreements between utility companies and letting agents

Under the new GDPR legislation, a tenant’s information can be passed on from a landlord to utility companies provided that it is done so in a legitimate way. It is recommended that as a landlord you inform your tenant if you are planning to do so.

Letting agents are also able to pass on personal information regarding a tenant, this could be information acquired from the referencing of a tenant. Again, it is important that you let your tenant know their details are being passed over.

As a landlord it is important that you comply with the new General Data Protection Regulations as you are responsible for using and sharing sensitive information in the correct way, whilst making your tenants aware of how you plan to use such data.

Author Bio: RADS Document Storage provide secure document storage and confidential data destruction from their secure facility based in Nottingham. RADS specialise in many sectors including medical, financial and legal document storage.

Sign up for regular property updates & receive investments in your inbox

Daniel Peacock

Leave a Reply