Landlords GDPR applies to you – Find out more

What is the General Data Protection Regulation?

The General Data Protection Regulation (GDPR) is a European Union (EU) wide set of standardised rules for the handling and storage of personal information within the EU. This will apply to anyone who is controlling the information of an EU citizen or processing it on their behalf, even if the processor or controller are based outside of the EU.

When Does it start?

May 25th 2018

Will it still apply post Brexit?

YES it will still apply after the UK leaves the European Union.

Who oversees GDPR?

in the UK GDPR is overseen by the ICO (Information Commissioners Office) which is the UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals.

What does Beacons need to do for GDPR?

As an agent and a ‘data controller’ under GDPR we have to be registered with the ICO and comply with the regulations. This means we have to carry out a number of responsibilities including carrying out an audit of all the different information we hold and how we process that information and then providing individuals with Privacy Statements detailing that audit. 

Do Landlords have to register with the ICO?

Yes – although this is not provided for by the GDPR this is a requirement under UK legislation unless you qualify for one of the exemptions (which is very unlikely).

This means YES as a landlord you will have to register with the ICO. 

From May you will also have to pay a yearly fee for this. The fee is broken down into 3 tiers but it will cost most landlords £40 a year.

The necessity for Landlords to apply to join has been confirmed by the ICO.

Under GDPR you have certain responsibilities as a Landlord. 

As a landlord you are in fact a data controller. As a data controller you hold certain personally identifiable data on your tenants (for example their name). This simple fact means under the law that you need to register with the ICO.

What terminology do I need to understand 

Term ————– Definition —————————————————— Example —————————————————–
Personal Information Information about the
identity of an individual
Name, address, email address, phone number,  passport number, etc.                          
Sensitive Personal Info Special restrictions apply to this category of information and landlords/agents should avoid taking it where possible. You may however be aware of an individual’s disabilities Requests for improvements to the property to accommodate a disability.
Data Processing Using the personal information of another individual in any number of ways including collecting, recording, organising, storing, updating, using, disclosing, erasing or destroying the data Storing a photograph of a tenant’s passport to comply with right to rent legislation, or keeping a copy of the tenancy agreement with the tenant’s details on it, etc
Data Controller Person or organisation who decides how, why and when someone else’s personal information will be processed The landlord as well as the agent who may pass on a tenants phone number to a plumber to arrange access
Data Subject The person to whom the personal information relates The tenant or residents
Data Processor A third party who perform data processing tasks for the data controller (not an employee of the controller’s organisation)                           Contractors (plumbers etc) email account providers, IT support, book keepers, accountants, Cloud backup providers etc

For a full explanation of GDPR see:

You can register with the ICO here:

Posted by: