GDPR for estate and letting agents explained
Your data is one of your biggest assets and it’s only right that you tap into it.
However, the more we use data, the more important data security becomes. The UK has some of the strictest data protection rules in the world including GDPR. And it’s still part of UK law – even after Brexit.
With phishing attacks on the rise and strict penalties for non-compliance, cyber security and data protection matters. Here are our best-practice guidelines to keep your customers and agency safe and secure.
1. Understand what GDPR means for estate agents
The General Data Protection Regulation (GDPR) means that all your customers’ personal data must be processed lawfully, transparently and for a specific purpose. In most cases for estate agents, lawful processing means consent must be given.
GDPR applies to both ‘controllers’ (eg a software provider) and ‘processors’ (eg an estate agent) of data. Under the regulations, you must keep a record of how and when a customer gave consent to hold their personal data. The customer may withdraw consent at any time.
GDPR also includes the requirement to document the name of your organisation, any other relevant controllers, as well as your own data protection officer or nominated representative. The reason for processing data, a description of the categories (of individuals and of personal data types), details of data recipients and how long you intend to store the data should also be recorded.
Any or all of these records should be provided to the Information Commissioner’s Office (ICO) in case of investigation.
2. Make sure you’ve informed customers what information you have on them
Under GDPR, customers have the right to be informed about the collection and use of their personal data. Information such as why you are processing their data, how long you intend to keep it and who it will be shared with should be communicated at the point you collect the data. This is called ‘privacy information’.
The ICO says that privacy information should be concise, transparent, intelligible, easily accessible, and it must use clear and plain language.
3. Learn how to store and manage data
Developing a system to store and manage data will not just enable you to achieve compliance with GDPR, it will drive benefits for your business too. Effective data is critical to build a successful marketing strategy – but that data is useless if it hasn’t been collected, stored and managed in line with GDPR requirements.
To support you in getting the most from your data, Alto experts have identified five key takeaways that will help you collect, store, manage and use your data more securely and effectively:
- Reinforce the importance of data collection to your teams
- Think about how you’ll use and store data, in line with GDPR requirements
- Build in processes to regularly check the accuracy of your data
- Make the most of external data, such as house price indices
- Use data to shape your marketing activity, including social media
4. Understand the relationship between tech tools and GDPR
Technology is becoming increasingly important to estate agents with digital platforms streamlining processes and transforming operations across every aspect of a property business. This includes technology-led marketing tools, giving agents the power to reach their customers more effectively with tailored messages and automated workflows.
As estate agents rely more and more heavily on technology-led marketing tools to reach more customers, it’s vital you understand your responsibility as the data controller.
With Alto’s built-in compliance functionality, you can easily keep on top of your contacts’ consent preferences. Meaning it’s one less thing for you to worry about.
5. Take cyber security seriously
Customer data isn’t the only consideration when it comes to data security. One-third of businesses in the UK have been the victim of a cyber security breach or attack according to the Government’s latest survey and phishing attacks were the most common threat. It remains vitally important that businesses are taking steps to protect their cyber security.
To help combat this growing threat, we’ve upgraded Alto’s security. Making sure that your data is even safer and more secure than before.
Our industry-leading security features include new artificial intelligence tools that can detect a potentially harmful login and stop potential security breaches.
To find out more ways Alto can help minimise your business risks, book a demo.