5 GDPR tips for real estate brokers
As you know, the GDPR law has been in effect since May 25th of 2018. Brokers, among others, have had to make changes to their operating processes to comply with the regulations. That hasn’t been successful for every estate agency, and meeting the requirements of the GDPR legislation can be time-consuming and costly. Do not underestimate the GDPR and it’s best to jump into action as quickly as possible. In this blog post, we offer real estate agents 5 excellent tips to GDPR-proof their organisation.
Tip 1: Create awareness within your organisation
Ensure that the GDPR is top of mind within the organisation. Have you brought your employees up to speed on the GDPR legislation? Don’t lose any time in outlining the directives and procedures involved in the GDPR so you can steer clear of avoidable mistakes and prevent substantial fines. If everyone within the organisation is aware of the legislation, the odds of causing an error is much lower.
Tip 2: Privacy by Default
The broker must respect their clients’ right to privacy. In line with Privacy by Default, it is not permitted to approach any individual with advertisements or offers without that person’s express permission. This agreement must cover when — and for which purpose — the permission was granted. Ensure that you properly apply the Privacy by Default regulation within your organisation in order to avoid sanctions.
Tip 3: Conduct a Privacy Impact Assesment (PIA)
A Privacy Impact Assesment (PIA) is an instrument for measuring how information is processed, who is involved, and what the risks are. This instrument can be used in the early stages to eliminate risks. Brokers, beware: the PIA is mandatory for processes that carry a high risk, like processing sensitive personal information.
Tip 4: Comply with mandatory reporting
The mandatory reporting of data leaks requires that organisations immediately notify the Dutch Data Protection Authority (DPA) as soon as a breach is detected. That way, the damage can be limited. We advise creating a data leak registry containing all (possible) data leaks. Based on that register, you can then create a step-by-step plan to lower the risks and secure the organisation as much as possible. At the same time, you’ll be complying with GDPR requirements.
Tip 5: Identify clients
In an article featured by nu.nl, it was made painfully clear that there are still estate agents who don’t safely store and process personal information, which resulted in a data leak. The Anti-Money Laundering and Anti-Terrorist Financing Act has actually made it compulsory for real estate brokers to identify their clients. Certain solutions have been created in order to do so safely.
DataChecker offers solutions to identify clients by checking the authenticity of ID documents. That allows you, as a broker, to verify a client’s identity in just a few steps, all while remaining compliant with GDPR rules.