GDPR Compliance Centre

The Biggest Risk for Landlords is GDPR not the Renters Rights Bill!

Jan 27, 2025

GDPR Compliance for Landlords: What You Need to Know (Before the ICO Comes Knocking)

As a landlord in England, you’ve probably been glued to the news about the Renters Rights Bill currently going through parliament. It’s got everyone in the rental sector talking, from tenants to property investors. But while the Renters Rights Bill is grabbing headlines, there’s another legal framework that landlords cannot afford to overlook: the General Data Protection Regulation (GDPR). Yes, GDPR isn’t just for tech companies and multinational corporations; it’s your responsibility too.

Before you roll your eyes and think, “Not another regulation!”, hear me out. GDPR is not just a box-ticking exercise. It’s a crucial framework for protecting your tenants’ personal data — and protecting you from fines issued by the Information Commissioner’s Office (ICO).

landlord tenant agreement


Why Should Landlords Care About GDPR?

Landlords handle a surprising amount of personal data. Think about it: names, addresses, phone numbers, bank details, employment information, and even sensitive data such as references or guarantor details. If you’re processing this information, you’re legally obligated to comply with GDPR.

Here’s the kicker: most landlords aren’t registered as fee payers with the ICO, which is a basic GDPR requirement. In other words, the majority of landlords are already on the wrong side of compliance. Oops.

If the ICO discovers a breach — and breaches can be as simple as storing tenant information insecurely or failing to inform tenants about how their data is used — you could face monetary penalties. Trust us, you’d rather spend that money sprucing up your rental property or paying your mortgage, than paying fines.

What Does GDPR Compliance Look Like for Landlords?

Don’t panic! Douglas Adams was right. GDPR compliance doesn’t have to be overwhelming. Here are the key steps every landlord should take:

Register with the ICO: If you process tenant data, you need to pay the data protection fee. This is a legal requirement, especially if you operate a HMO or manage the tenancy yourself.

Audit Your Data: What tenant information do you hold, and why? How long do you keep it? Make sure you’re only collecting what’s necessary and securely deleting data you no longer need.

Create a Privacy Notice: This is essentially a document that explains to your tenants what data you collect, why you collect it, how it’s stored, and if you share it. Transparency is key.

Secure Your Data: Whether you’re keeping tenant files on your laptop or in a filing cabinet, ensure they’re secure. Think strong passwords, encryption, and locked storage.

Handle Data Requests: Tenants have the right to access their data, request corrections, or ask for their data to be deleted. You need to be aware of these requests and be able to respond within one month.

Miniature house on dollars on table. Real estate sales, house sales in America

What Happens If You Don’t Comply?

Non-compliance isn’t a “slap-on-the-wrist” situation. The ICO has the authority to issue fines of up to £17.5 million! While landlords aren’t likely to face fines of that magnitude, penalties for smaller breaches can still sting.

And let’s not forget the reputational damage or claims for compensation. Imagine your tenants finding out their personal details weren’t handled securely, they might ask for a months tenancy rent free. Trust is hard to earn and easy to lose.

What Does This Mean for Landlords?

Landlords should take steps to ensure compliance with GDPR before the Renters' Rights Bill becomes law. This includes:

  1. Securing all tenant data.
  2. Exercising care when sharing tenant data with third-party service providers (gas engineer, plumber, electrician etc.)
  3. Providing tenants with a privacy notice detailing data usage.
  4. Ensuring all staff or family members are adequately trained on the law and good data protection practices.
person holding string lights

How Can We Help?

Feeling overwhelmed? Don't know what a Privacy Notice is? Don’t worry, we’ve got your back. At GDPR Compliance Centre, we specialise in helping landlords just like you navigate the complexities of GDPR, regardless of how many properties or tenants you look after.

Our services include:

ICO Registration Support: We’ll guide you through the process so you’re officially compliant.

Tailored Privacy Notices: No cookie-cutter templates here. We’ll craft a privacy notice specific to your landlord business.

Data Security Advice: Practical tips for securing tenant information, whether it’s digital or physical.

Ongoing Support: GDPR isn’t a one-and-done deal. We’re here to help you stay compliant year-round.

CCTV Advice & Support: If you have CCTV cameras protecting your property, these cameras are recording your tenants! We can help you protect your property, whilst respecting your tenants privacy.

For more information, check out our dedicated landlord page here.

Empowering Tenants with Their Rights

An essential aspect of the Renters' Rights Bill is the empowerment of tenants. Landlords must ensure tenants are aware of their rights under the GDPR, such as the right to access their personal data, request corrections, or object to processing. GDPR compliance protects you and your tenants. 

black and brown Dachshund standing in box

Final thoughts

The Renters Rights Bill might be the hot topic of the day, but GDPR is the silent regulator that’s here to stay. Ensuring your compliance is not only about avoiding fines; it’s about building trust with your tenants and safeguarding their information.

So, landlords, let’s make GDPR compliance a priority. Because the ICO won’t wait, and neither should you.

Need help? Contact GDPR Compliance Centre today and let us take the stress out of data protection.