What is GDPR?
The General Data Protection Regulation is a new EU regulation coming into force on the 25th of May 2018. GDPR will govern how organisations handle and protect consumers’ personal data.
To put things simply, organisations will need to keep records of personal data, be able to prove that consent was given, show where the data’s going, what it’s being used for, and how it’s being protected.
Under the new GDPR regulation, fines for non-compliance now accompany these customer rights.
Why is GDPR Important?
GDPR builds on existing data protection law, strengthening the rules around customers’ consent, and giving customers the right to withdraw consent whenever they like.
Customers already have the right to see what personal data organisations hold on them. They can make what’s called a “subject access request” for free and they can then demand that personal data be rectified or deleted under the “right to be forgotten”. Under the new GDPR regulation, fines for non-compliance now accompany these customer rights.
What will change?
Currently, Letting & Estate Agency partners are able to collect customers data as part of their legitimate business interests. This data is often passed on to call centres without customers consenting.
Post GDPR, Letting & Estate Agency’s will still be able to collect customers data as part of their legitimate business interest but they will have to seek and document that they have consent from customers to share this data to third parties.
This might seem scary… but Letting & Estate Agent partners using Homeshift don’t need to worry. We have automated the consent and GDPR compliance process for you so that you are never at risk — more on this below.
We have built GDPR compliance and customer consent into Homeshift by design.
What has Homeshift done about GDPR?
We’ve been busy improving our technology and updating our systems and processes to make sure GDPR doesn’t disrupt our customers or partners experience.
We have built GDPR compliance and customer consent into Homeshift by design. This means that both our customers and partners can continue using Homeshift as normal without any disruption or the need to change their processes.
Importantly, both our technology and company is properly organised to follow the principles of the General Data Protection Regulation. We have a designated Data Protection Officer, and accountability and privacy are principles that are designed into both our software and policies.
Our core compliance with the act means we:
- Have full awareness of where any customer data is being held & when outside the EU, ensuring appropriate compliance is in place.
- Ensure that only those who require access to customer data are able to & we have the highest level of protection against unauthorised access.
- Ensure you have the right to view, amend, export or delete any information that we hold on customers, including anything held by 3rd party services.
- Ensure that consent is given during the sign up process for all that use Homeshift and allowing customers to withdraw this at anytime.
We’re always happy to answer questions from customers and partners and our Data Protection Officer is on hand should you have any concerns or issues.
Get in touch by sending an email to firstname.lastname@example.org