Presentation is loading. Please wait.

Presentation is loading. Please wait.

Mathew Norman, Policy & Public Affairs Officer, RLA Wales

Published byNorma Morrison Modified over 6 years ago

Similar presentations

Presentation on theme: "Mathew Norman, Policy & Public Affairs Officer, RLA Wales"— Presentation transcript:

1 Mathew Norman, Policy & Public Affairs Officer, RLA Wales
GDPR

2 About the RLA The home for landlords
The Residential Landlords Association (RLA) represents the interests of landlords in the private rented sector (PRS) across England and Wales. With over 30,000 subscribing members and an additional 20,000 registered guests who engage regularly with the Association, the RLA is the leading voice of private landlords. Combined, they manage over a quarter of a million properties. The RLA provides support and advice to members and seeks to raise standards in the PRS through its code of conduct, training and accreditation, and the provision of guidance and updates on legislation affecting the sector. Many of the RLA’s resources are available free to non-member landlords and tenants. The Association campaigns to improve the PRS for both landlords and tenants, engaging with policymakers at all levels of Government to support its mission of making renting better. About the RLA

3 General Data Protection Regulations
(Hopefully I won’t bore you)

4 Overview It’s been in force since the 25th May 2018
Rules for the handling and storage of personal information Applies to anyone controlling or processing data Includes all landlords and agents Unaffected by Brexit Replaces Data Protection Act Fines of up to 20 million Euros!

5 Information Personal information
information that can be used to identify an individual Includes date of birth, NI number, IP address, car registration etc Sensitive personal information Information that can be used to reveal race or ethnicity, political opinion, religious belief, sexual orientation, health, disability etc Includes health records, requests for adaptations Data Processing Using the personal information of another individual Uses include collecting, recording, storing, editing, sharing, altering or deleting

6 Data? Data Controller Person or organisation who decides how why and when someone else’s personal data is used eg landlord, agent Data Subject The person to whom the information relates eg the tenant Data Processor A third party who perform data processing tasks for the data controller (not an employee or staff member of the controller) Examples include reference services, agents, providers

7 Who, what & where? Information Commissioner’s Office (ICO)
Must register with ICO – this is not new! Annual fee: £40 for most landlords & agents, £60 for bigger businesses Data Audit The ways personal information comes in to the business What that personal information is, and whether it is sensitive How it is held Who is it shared with How long it is held for How it is disposed of

8 Consent is as simple as tea …
Gateways to lawful processing information Consent Contractual Legal requirement Vital interests Public interest Legitimate interest of 3rd party Keep a record of which gateways you have chosen to use Do not rely on consent

9 Always seek consent! Getting consent Consent should be:
Applies if you operate a mailing list for marketing Cannot rely on pre-existing consents Contact everyone on database and re-establish consent Must be an explicit opt in Must be clear about what you intend to do with their data Consent should be: Obviously given Freely given Specific Nature of consent clear and unambiguous

10 ‘please untick here …’ Consent Form should include
Why you want the data What you will do with the data How the data subject can withdraw their consent Do not ‘pre-tick’ consent boxes Keep records!

11 Data Protection Principles
Data must be: Processed fairly Collected for specific and legitimate purposes Adequate, relevant and limited to what is necessary Accurate and up to date Stored so that storage is time limited Processed in a way that ensures appropriate security

12 Rights of Data Subjects
They have the … Right to be informed Right to rectification Right to restrict processing Right of portability Right to object Right to erasure Right of access Free of charge and within one month (this is one change from GDPR

13 3rd Parties & Breaches Dealing with Third Parties
Written instruction of data controller Ensure their compliance with GDPR Returns or deletes data at end of contract Breaches Notify ICO within set timescale (72 hours of discovery) Notify data subjects if required Possible fine

14 Notice & Resources Privacy Notice Resources
ICO – ico.org.uk – registration and guidance RLA – rla.org.uk – guidance, advice and free online course Privacy Notice Essential for contractual and legitimate interest gateways Must be given to data subject Comprehensive and detailed Ensure their compliance with GDPR

15 Any Questions?

16 Get involved Take RLS Surveys and become an RLA Insight Partner

17 Contact Details: Email: Mathew.norman@rla.org.uk Twitter: @RLAWales
T +44 (0) W

Download ppt "Mathew Norman, Policy & Public Affairs Officer, RLA Wales"

Similar presentations

Data Protection.

Data Protection.
DATA PROTECTION and Research University Research Ethics Committee – 08.05.2006 David Cauchi Office of the Data Protection Commissioner.

DATA PROTECTION and Research University Research Ethics Committee – David Cauchi Office of the Data Protection Commissioner.
Audiences NI Data Protection Workshop

Audiences NI Data Protection Workshop
Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.

Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.
Data Protection for Church of Scotland Congregations

Data Protection for Church of Scotland Congregations
Data Protection Act AS Module 1 10.8 Heathcote Ch. 12.

Data Protection Act AS Module Heathcote Ch. 12.
Data Protection Corporate training 2012. Data Protection Act 1998 Replaces DPA 1994 EC directive 94/46/EC The Information Commissioner The courts.

Data Protection Corporate training Data Protection Act 1998 Replaces DPA 1994 EC directive 94/46/EC The Information Commissioner The courts.
Data Protection for Church of Scotland Congregations.

Data Protection for Church of Scotland Congregations.
The EU General Data Protection Regulation Frank Rankin.

The EU General Data Protection Regulation Frank Rankin.
Data protection—training materials [Name and details of speaker]

Data protection—training materials [Name and details of speaker]
Presented by Ms. Teki Akuetteh LLM (IT and Telecom Law) 16/07/2013Data Protection Act, 2012: A call for Action1.

Presented by Ms. Teki Akuetteh LLM (IT and Telecom Law) 16/07/2013Data Protection Act, 2012: A call for Action1.
Students’ Unions 2011 Data Protection and Students’ Unions Mairead O’Reilly 19 July 2011.

Students’ Unions 2011 Data Protection and Students’ Unions Mairead O’Reilly 19 July 2011.
General Data Protection Regulation (EU 2016/679)

General Data Protection Regulation (EU 2016/679)
Tony Sheppard Mobile Guardian

Tony Sheppard Mobile Guardian
General Data Protection Regulation (GDPR)

General Data Protection Regulation (GDPR)
Presentation to GTMC on GDPR

Presentation to GTMC on GDPR
GDPR – What’s it all about???

GDPR – What’s it all about???
IT Applications Theory Slideshows

IT Applications Theory Slideshows
General Data Protection Regulations: what you really need to know

General Data Protection Regulations: what you really need to know
Data Protection The Current Regime

Data Protection The Current Regime

Similar presentations

Ads by Google