One of the biggest changes to data regulation to date is set to come into force next week, and the clock is ticking for businesses to make sure they’re compliant.
You’ve probably heard a lot about the General Data Protection Regulation (GDPR) – but what will it mean for you and your business?
What is the GDPR?
The GDPR is a new EU framework for data protection laws, which comes into effect from Friday 25 May 2018.
It’s designed to give individuals better control over their personal data by improving security and privacy rights, as well as making regulations consistent across Europe.
As a result, organisations will need to comply with stricter rules around the way they collect and handle data.
Who does it apply to?
The GDPR isn’t just a concern for large businesses – the rules apply to any organisation that holds or processes the personal data of EU citizens.
Personal data is defined as any information that could be used to identify a person, including their name, location, contact number and email address, among other details.
Businesses of any shape or size, whether they operate within the EU or deal with individuals in the EU, will need to comply with the rules on handling this data.
This includes landlords, as handling tenants’ information classifies you as a ‘data controller’ under the new law.
Your tenants will have more rights regarding the data you hold on them, and you’ll be responsible for complying with the regulations when handling it.
What are the penalties for non-compliance?
Much has been made of the potential fines for non-compliant businesses, which could be as high as €20 million or 4% of the company’s annual turnover – whichever is larger.
However, it’s worth remembering that these penalties are at the discretion of the Information Commissioner’s Office (ICO), and will only be issued as a last resort.
More advice
If you’re unsure about how to prepare for the GDPR, you can find several guides and checklists on the ICO website. You can also call their small business advice line at 0303 123 1113.
We don’t offer advice about the GDPR, but you can contact us to talk about a range of other issues relating to your business.
If you are a client of ours, we’ll send you an email about updating your contact preferences.
We strongly advise that you allow communications from us, so that we can serve you better.