A (property) dummy’s guide to GDPR

By now, most people reading this will have heard of GDPR and probably be bored about hearing about it, writes Dan Hughes, founder of proptech consultancy Alpha Property Insight. Data, which we all now realise the importance and value of, is a huge topic. And one that can be dry and often confusing, so the last thing anyone needs right now is a new acronym about data regulation. I have been set the challenge of explaining GDPR and convincing you of its importance in the next few hundred words. Here goes. GDPR stands for general data protection regulation. It is EU based and comes into force tomorrow. Broadly speaking, it is intended to protect you as a person by giving you more say over what data connected to you is collected and what can be done with it. No doubt you will have been receiving countless emails from companies in the past few weeks asking if you can re-register your details or confirm you’re happy for your data to be kept. It has been interesting to realise quite how many people have data about me and it has given me the opportunity of requesting that they no longer hold it. What about business? So  GDPR is great for us as individuals, but what does it mean for us in business? You may have personal data relating to staff or clients, you might hold data that you didn’t know you had or that is collected from a building that you manage. A number of principles and guidelines are set out in GDPR, which means you need to know exactly what data you have and what you have permission to use. How easy this is for you as a company will depend on how well you have managed your data in the past. And not being on top of that data management could have massive consequences. Failure to comply with GDPR could result in fines that in the worst cases could be as much as €20m (£17.5m) or 4% of your firm’s global revenue, whichever of the two figures is greater. But potentially crippling fines and data management headaches aside, there are some real benefits of GDPR. For one, it is a great starting point for you to look at your overall data strategy. Do you really know what you have and why? Knowing this and having a good strategy to manage the data that you do keep is going to become increasingly more important to the future of any successful property company. Maintaining trust It is also a great way of helping you to maintain the trust of your clients. The negative impact that having and using data that people didn’t know about is well documented with some recent high-profile case studies. GDPR can help a company to maintain trust with their clients and staff as well as providing the basis of a wider data strategy. So, if we agree that it is important and has real benefits, the next question is, what should I do about it? In the short term, it is important to make sure that your company is engaged with GDPR and thinking about what it means for you. Depending on your circumstances, this may mean the need to bring in consultants or recruit in house specialists, but this is by no means always the case. There are some great free resources around, the ICO website (https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/) is a good place to start and includes a “12 steps to take now” guide and a self-assessment tool kit. Whatever you do about GDPR, whether taking small steps to reduce your risk or using it to kick-start the development of a comprehensive data strategy within your firm, the one thing you have to do about it is take notice. Check back at EGi tomorrow for everything you need to know about GDPR in one handy place.