What It Means To You


After 4 years of preparation and debate the GDPR was finally approved by the EU Parliament on 14 April 2016. On 25th May 2018, the new General Data Protection Regulation (GDRP) will come into force. The GDPR replaces the existing Data Protection Act 1998 governing how data is managed. It applies to all businesses in the European Union (EU). The GDPR will form part of UK law following the countries withdrawal from the EU. The GDPR was designed to harmonize data privacy laws across Europe because of developments in internet and cloud technologies. There are now so many ways to collect and store personal data that new measures are required to ensure that personal data is kept safe and is only kept for legitimate purposes.

What Constitutes Personal Data?


Any information related to a natural person or ‘Data Subject’, that can be used to directly or indirectly identify the person. It can be anything from a name, a photo, an email address, bank details, posts on social networking websites, medical information, or a computer IP address.

GDPR Timeline Of Events


Penalties For Non-Compliance


GDPR places a strong emphasis on accountability and transparency, holding businesses accountable for safeguarding the collection, usage and storage of client personal data. Companies that use 3rd party software such as payroll or accounts packages will need to ensure these systems are GDPR compliant. Businesses are required to identify a lawful basis for processing client personal data fairly, accurately and be kept in a form which permits the identification of data subjects for no longer than is necessary. It is advised that businesses ensure that they have detailed procedures in place to detect, report and investigate a personal data breach. Failure to prevent a data breach can result in fines up to 4% of the total annual worldwide revenue or €20 Million. There is a tiered approach to fines e.g. a company can be fined 2% for not having their records in order, not notifying the supervising authority and data subject about a breach or not conducting impact assessment. It is important to note that these rules apply to both controllers and processors — meaning ‘clouds’ will not be exempt from GDPR enforcement.


TLP has outsourced a professional GDPR audit company to make sure our client have peace of mind that their data is secure. Further guidance in relation to complying with the GDPR requirements can be found on the Information Commissioner’s Office (ICO) website – https://ico.org.uk/

0

Landlords should now be familiar with the prescribed legal requirements introduced by the Deregulation Act 2015 that must be provided before they are able to serve a Section 21 Notice. These are namely

– The requirement to provide the ‘How to Rent Guide’

-The requirement to provide an energy performance certificate (EPC) to a tenant free of charge;

-The requirement to provide a tenant with a gas safety record.

Landlords should be aware that the three-year transition period is due to end in October 2018 and therefore may affect tenancies granted before 1 October 2015.

Since the introduction of these requirements, there has been question’s about whether a failure to provide a gas safety certificate at the beginning of a tenancy can be rescued by a later certificate. Recent case law has held that it cannot (however there is debate whether this approach is a true reflection of the legal position, see here.

Therefore, it may be that if there is a failure to provide the gas safety record to any new tenant before that tenant occupies the property then this could be an absolute bar on serving a Section 21 Notice. In these circumstances, the landlord would need to rely on one of the grounds for serving a section 8 notice such as rent arrears.

The message to Landlords is clear, fail to comply with the prescribed requirements at your peril as it may leave you with no route to regain possession of your property unless the tenant has broken the terms of their agreement.

For further information, guidance or advice contact Ashley Byrne of The Law Practice Landlord and Tenant team on 0121 778 2371 or email ashley.byrne@lplawfirm.com

The purpose of this blog is to provide information and discussion. Nothing on this blog should be relied upon as a substitute for legal advice from a qualified solicitor regarding any actual legal issue or dispute. Nothing on this website should be construed as legal advice or perceived as creating a solicitor-client relationship. Please note that we cannot give advice on individual’s situations or problems on this blog.

0