It’s rather more nuanced than that. For marketing type data sharing, you need to ‘opt in’ but for other types of data sharing there may be other bases for doing it other than ‘consent’, such as ‘legal obligation’ (eg, a statutory duty, court order, police warrant, etc), or ‘legitimate interests’ for normal, justifiable business purposes. They’ll need to share info for, as Tony says, things like credit checks and other due diligence. You can’t opt out of them. It’s generally not considered good practice to use defaults to opt-in and default opt-out is preferred, where consent is the basis for the processing.Just filling in a housing licensing form for a rental property and it states that unless I expressly email them separately to request them not to they will share my details with third parties… I thought this was not accepted practice any longer. Am I wrong?
All true, but in this case there was an opt-out (by e-mail!) which strongly points to that it's not actually mandatory for them to have the data.It’s rather more nuanced than that. For marketing type data sharing, you need to ‘opt in’ but for other types of data sharing there may be other bases for doing it other than ‘consent’, such as ‘legal obligation’ (eg, a statutory duty, court order, police warrant, etc), or ‘legitimate interests’ for normal, justifiable business purposes. They’ll need to share info for, as Tony says, things like credit checks and other due diligence. You can’t opt out of them. It’s generally not considered good practice to use defaults to opt-in and default opt-out is preferred, where consent is the basis for the processing.
Yes, we now have ‘U.K. GDPR’ which is to all intents and purposes GDPR but with minor changes to wording here and there. New domestic UK data protection legislation is currently going through Parliament and the legislation is expected to come into force later this year. It will still align quite well with EU GDPR, so as not to upset the data sharing applecart.Yes, that's the bones of it. Sharing for necessary purposes are permitted, but it should be explained to you on the form that signing will cause that sharing to happen. All secondary use (analysis, cutomer research, co-marketing with other businesses, etc.) needs an explicit opt-in.
When they say "sharing with third parties" without the purpose (like "we will provide your details to a credit reference agency for the purposes of risk assesment") it's definitely a non-essential use.
As far as I know, the GDPR rules are still in force in the UK through national legislation. Leaving the EU will have no effect on these rights until that UK legislation is repealed or changed.
It explicitly says 'for marketing purposes'... pretty sure they're in breach of GDPR, but I know it's nuanced so thanks all for the above.All true, but in this case there was an opt-out (by e-mail!) which strongly points to that it's not actually mandatory for them to have the data.
Completely agree, but in this it's actually a borough council form.Letting agents and their respective partners are well known to reciev3 commission from 3rd partys for tenant data. It's an optimal time to sell you broadband, TV, Energy taffifs, insurances etc. As marked for marketing purposes they are breaching the rules by behaving as they are. If challenged they will claim you opted in until such time you sent, they received and they acted upon your opt out mail. I imagine the data sharing with other 3rd party's would happen immediately so very quickly your data is out there. Not good at all.