What does GDPR mean for your business?

Reading time: 4 Minutes

What does GDPR mean?

As of the 25th of May 2018, data protection laws are changing to EU GDPR and there are a number of changes that the team at James Laurence have made that some landlords and property owners may not be aware they have to make too.

The new regulation will focus more on documentation and procedures, reshaping how organisations approach data privacy and look after client’s information. Many organisations would be forgiven for thinking that this means that GDPR will solely focus on data from customers, but they will need to demonstrate accountability; how they store all their data, whether it is from suppliers, employees or tenants.


What does GDPR entail and what will you need to be aware of?

The official EU GDPR website cites the main aim of GDPR is ‘to protect all EU citizens from privacy and data breaches in an increasingly data-driven world that is vastly different from the time in which the 1995 directive was established.’ Although the key principles of data privacy still hold true to the previous directive, many changes have been proposed to bring legislation up-to-date with technological advancements. Here are the top changes to be aware of:

  • Increased Territorial Scope (extra-territorial applicability)

This will apply to the processing of personal data by controllers and processors in the EU, regardless of whether the processing takes place in the EU or not

  • Penalties

Under GDPR organizations in breach of GDPR can be fined up to 4% of annual global turnover or €20 Million (whichever is greater). This is the maximum fine that can be imposed for the most serious infringements. There will be a tiered approach to fines

  • Consent

Companies can no longer use long illegible terms and conditions full of legalese, as the request for consent must be given in an intelligible and easily accessible form. In addition, it must also be easier for people to withdraw consent

  • Breach Notification

Breach notifications will now become mandatory in all member states where a data breach is likely to “result in a risk for the rights and freedoms of individuals”. This must be done within 72 hours of first having become aware of the breach

  • Right to Access

Part of the expanded rights of data subjects outlined by the GDPR is the right for data subjects to obtain confirmation as to whether or not personal data concerning them is being processed and for what purpose

  • Right to be Forgotten

Also known as Data Erasure, the right to be forgotten entitles the data subject to have the data controller erase his/her personal data, cease further dissemination of the data, and potentially have third parties halt processing of the data

  • Data Protection Officers

DPO appointment will be mandatory, only for those controllers and processors whose core activities consist of processing operations which require regular and systematic monitoring of data subjects on a large scale or of special categories of data or data relating to criminal convictions and offences.

So, to answer the earlier question, GDPR means a lot, especially as the fines for failing to comply are so great, even for smaller businesses. EU GDPR does make allowances for smaller businesses, but it still imposes hefty fines for those that don’t make changes. Article 30 outlines that DPOs are only a requirement for businesses with over 250 employees, but businesses with under 250 employees still have to make everyone aware of breaches in data security, allow individuals to exercise their right to be forgotten and enquire as to how their data is being used, so make sure you have processes in place to make this job as easy as possible.


What does GDPR mean for landlords and property owners?

Estate Agent Today recently reported on how GDPR would affect the property sector. They called on the expertise of Adam Rose, a partner in the Mishcon de Reya law firm, who outlined the below changes that may prove useful:

  • Firstly, Rose says the definition of ‘personal data’ not only covers names, addresses and telephone numbers, but also IP addresses and other online identifiers. “So if you provide free WIFI in your building, and collect the IP addresses of all users, this will be caught by the GDPR” he says.
  • Secondly, GDPR now applies to ‘data controllers’ and ‘data processors’. “So, if a property manager is given the contact details of every person working or living in a building, or has the record of every person’s entry and exit in the building, they will be caught by the GDPR.”
  • Thirdly, Rose writes that it is a common misconception that businesses always need consent to process personal data. “In fact”, he says, “they can rely on one of probably three other lawful bases for processing personal data. Most importantly, they might have a legitimate interest in processing the data, which is not outweighed by the individual’s data rights.”

The team at James Laurence are putting processes in place to ensure individuals can request access to their own data more easily. If you are a landlord or property owner, make sure you are doing the same and that all sensitive data is protected appropriately. Find all the details you need on the official EU GDPR website.


Similar Posts

The people we've helped
  • 5 star review  This is our second experience with James Laurence, this time as Sellers but 2.5 years ago as buyers. I wrote a review about the previous experience which was excellent and I believe this experience warrants another great review. This time we worked more directly with Henry who is an excellent communicator. From the word go he demonstrated impressive subject matter expertise, confidence and professionalism. He regularly follows up on progress and bridges the gap between purchaser and vendor extremely well. I'm confident that James Laurence is a company that has high standards embedded in to its culture and highly recommend them.

    thumb David Smither
  • 5 star review  Had a great experience with James Laurence. Reece Parkinson and Henry Crane were excellent. As a first time buyer, they were very patient with me and my questions and reassured me at every hurdle. Henry even helped chase my non-responsive solicitors which I’m forever grateful for. I would highly recommend

    thumb Dariusz Paszkowski
  • 5 star review  Honestly can't thank Kelly enough for all the help she has given me during my current moving process! As stressful as it has been, Kelly has gone above and beyond to clarify and assist me on information, even during her own time when not at work. Kelly is a real asset to this branch and gives the company a good reputation, would definitely recommend her and this branch to others, and would use them again for future moves. Thanks again so much! :)

    thumb Callum Phillips
  • 5 star review  We recently chose James Lawrence to sell our flat in the Jewellery Quarter, and couldn't be happier that we did. Henry and Reece were both exceptional, and kept us informed throughout the entire process, as well as chasing up all parties at key moments to make sure things kept moving. Everyone we dealt with was friendly and approachable and we highly recommend choosing James Lawrence if you're looking to sell your property.

    thumb Shane Bickerton
  • 5 star review  Recently completed on a flat sale with James Lawrence and it was the straightforward process one could normally only hope for. Nice to have estate agents (Henry & team) who were ahead of you at every moment in terms of updates on the sale. If you like to be well informed, advised and are generally a-bit too busy with life to let the buying/ selling of your property become a typical housing headache then I’d only recommend them to alleviate the strain!! Cheers guys for the help - professional, amiable and tight ship.

    thumb Jason Ho