Landlords and letting agents have been warned to be more careful when handling tenants’ personal data under GDPR rules.

The comments by the Information Commissioner’s Office (ICO) follows several complaints from tenants that their personal data had not been protected, putting them at risk of ‘distress, discrimination, identity theft, or physical harm’.

“We have received a number of complaints from residents who have been failed by poor data protection practices from their housing association, company or landlord - whether that’s inaccurate record-keeping, leading to anxiety, or necessary repairs being refused due to a misunderstanding about data sharing,” says Helen Raftery, Head of Data Protection Complaints at the ICO.

Lack of understanding

Although she says her concerns are aimed at housing associations, she adds that “our complaints data suggests that there is a lack of understanding about data protection law by some organisations in the UK housing sector”.

Propertymark, which represents letting agents in the UK, suggests the ICO’s warnings should be a wake-up call for those working in the private rental sector.

Nathan Emerson, its CEO, says: “Propertymark understands the importance of estate and letting agents complying with GDPR law and it is crucial that agents make themselves aware of the legislation in order to avoid any breaches or legal fines. “Propertymark advises estate and letting agents to register and attend the webinar where they will receive expert help and advice.”

The risks of not complying with GDPR are not just regulatory – agents and larger landlords who are careless with tenants’ data face reputational damage from being ‘named and shamed’ by the ICO and/or having to pay compensation for data losses or illegal disclosure.

Two years ago LandlordZONE completed an investigation into data privacy within the private rental sector which revealed how many letting agents and landlords were sharing information about tenants' referencing information in contravention of GDPR regulations.