Latest News

Countrywide champions Propertymark Qualifications

22 June 2018

Countrywide plc, the largest residential estate agency and lettings network in the country, has announced the introduction of the Propertymark Qualifications' Level 2 Award throughout its branch network. Read More...

England's Tenant Fees Bill analysis for report stage

21 June 2018

On Wednesday 20 June the House of Commons released a briefing paper on the Tenant Fees Bill ahead of the report stage, which we expect to be announced shortly. Read More...

London Mayor launches online portal for affordable housing

21 June 2018

London Mayor Sadiq Khan has today launched a new online property portal that offers Londoners a one-stop shop where they can search for an affordable home to buy in the capital. Read More...

 

 

 

 

The GDPR countdown has begun

Monday 12 February 2018

General Data Protection Regulation coming into force in May will mean fundamental changes in how businesses handle personal data - so if you don't already have a plan in place, now is the time to be thinking about one.

There's only 94 days to go until new GDPR legislation takes effect, however recent research from the Government has found that nine in ten businesses and charities have not even begun to prepare for the incoming regulations.

Figures published by the Department of Digital, Culture, Media and Sport (DCMS) reveal that just 38 per cent of companies in the UK have heard of GDPR. Of those who were aware of the regulations, only 27 per cent have made changes to their operations directly as a response to the forthcoming rules. 

The regulations call for fundamental changes on how companies collect, process, and store personal data, with much more stringent rules around use of data – along with heftier fines for breaches.

So what are the key points that you need to know in order to be complaint?

  • Consider appointing a Data Protection Officer who is responsible for internal record keeping.
  • You must have a valid lawful basis in order to process personal data.
  • Companies will no longer be able to use long illegible terms and conditions full of jargon.
  • Customers will have the right to request confirmation as to whether or not personal data concerning them is being processed and for what purpose. When requested, companies are required to provide a copy of the personal data, free of charge, in an electronic format.
  • Customers have the right to request their data be removed and further distribution ceased in specific circumstances (e.g. where the individual withdraws consent).
  • The collection of online identifiers such as IP address, cookies and tags also fall under the remit of 'personal data'.
  • The use of external marketing agencies will require you to have an official written contract to ensure they are fully compliant with the new law.
  • Notifiable data breaches need to be reported to a data protection authority and the people affected within 72 hours, where feasible.

Companies that are not GDPR-ready by May can face fines of up to four per cent of their global annual turnover, and if a notifiable breach takes place and your agency does not inform the supervisor authority within 72 hours, you could be fined up to two per cent of your global annual turnover.

How can we help? 

Our half-day General Data Protection Regulation course provides an introduction for property agents into how to implement an effective GDPR compliant regime, and offers practical advice on business processes. Data protection pro and Partner at Anthony Gold Solicitors, David Smith, will be on hand to offer expert advice and help get you up to speed on everything you need to know, whatever stage of implementation you are at.

As part of your membership benefit package, we have also put together a handy fact sheet and have set up a legal helpline which is completely free of charge for members to call.

In the meantime, the ICO has created a self-assessment toolkit to help you evaluate your level of compliance with the new regulations, and find out which areas within your business you need to develop to get ready for GDPR.