Data Protection Policy
1. The Data Protection Act 1998
Central Properties will need to obtain personal information about its tenants, guarantors and any other relevant and connected persons. We obtain this information so that we can carry out our business to a high professional standard and comply with legal obligations. We are required by the Data Protection Act 1998 to ensure that we do so in the correct manner.
2. Data Controller
Central Properties is the primary data controller for collecting our client data and we have registered with the Information Commissioner in order to comply with the Data Protection Act 1998 about the data we hold or are likely to hold and the general purposes that the data will be used for.
Central Properties may share data with other agencies. We will also share data with co-tenants, other guarantors and any other relevant and connected persons where necessary.
4. Data collection
When collecting data from tenants or guarantors, whether collected in person, or by completing a form, Central Properties will ensure that the Tenant/Guarantor:
a. Clearly understand why the information is needed and how it will be used
b. As far as reasonably possible, grants consent, either written or verbal for data to be processed
c. Is, as far as reasonably practicable, competent enough to give consent and has given so freely without any duress
5. Data Storage
a. Information and records relating to tenants, guarantors and any other relevant and connected persons will be stored securely and will only be accessible to authorised staff.
b. All paper documents received are stored in locked filing cabinets at our office.
c. Any information received by email or digital media is not stored on the main frame computers.
d. Employees will ensure that paper and print outs are not left anywhere that unauthorised people will see them.
e. When data is saved electronically, it will be protected from unauthorised access, accidental deletion and hacking attempts.
f. All electronic data is saved on removable media which is securely locked away when it is not being used.
g. Data print outs are shredded and disposed of securely.
h. All electronic data will be protected by strong computer passwords, and up to date anti-virus and fire wall protection.
i. All electronic data held is non-recoverable from any computer system.
j. All electronic data that is deleted is deleted either by physical destruction or using a secure deletion software.
k. As an additional security measure, Central Properties has an intruder alarm and close circuit cameras at our office premises.
l. Information will be stored for only as long as it is needed or required by statute and will thereafter be disposed of appropriately.
6. Data access and accuracy
a. All tenants, guarantors and any other relevant and connected persons have the right to access the information Central Properties holds about them. However, where copies have already been given to tenants, guarantors and any other relevant and connected persons, additional copies shall be chargeable.
b. Central Properties will also take reasonable steps ensure that data is kept up to date by asking tenants, guarantors and any other relevant and connected persons whether there have been any changes.
c. In addition, Central Properties will ensure that:
- It has a Data Protection Officer with specific responsibilities for ensuring compliance with Data Protection.
- Everyone processing personal information understands that they are contractually responsible for following good data protection practice.
- Everyone processing personal information is appropriately trained to do so.
- Everyone processing personal information is appropriately supervised.
- It deals promptly and courteously with any enquiries about handling personal information
This policy will be updated as necessary to reflect best practice in data management, security and control and to ensure compliance with any changes or amendments made to the Data Protection Act 1998.