By Caroline McCarthy

An introduction to GDPR

May 25th 2017 marked the one year countdown to the General Data Protection Regulation deadline in 2018.

What is the GDPR?

GDPR is shorthand for the new European General Data protection regulations.

Any organisation which handles EU citizen’s personal data or does any marketing by email or phone needs to be ready to comply by 25th May 2018.

In Ireland the main law dealing with data protection legislation is the Data Protection Act 1988, which was amended by the Data Protection (Amendment) Act 2003. These will both be replaced by the GDPR.

Why should my business or any business comply?

To not be prepared could be a costly error. In August 2016, Flybe sent emails with the subject line, "Are your details correct?" to over 3 million people in their database - including people who had previously unsubscribed. Flybe were fined £70,000 for breaking the Privacy and Electronic Communication Regulations (PECR).

The GDPR now gives data protection authorities more robust powers to penalise companies if the way in which they store and share your personal information, including the ability to fine companies of up to €20,000,000 (or 4% of total annual global turnover, whichever is greater) for serious infringements.

If you think it’s just the GDPR that can report you think again.

The individuals you are contacting using their information, can also report you. The GDPR also makes it considerably easier for individuals to bring private claims when their data privacy has been infringed, and they can sue for compensation in serious cases.

Why do estate agents and property developers have to prepare?

Knowing your role in the how data is handled on any and all of your properties - residential and commercial - process is vital.

Answer our questions to know your businesses role in GDPR compliance and the handling of your contacts data:

  • Are your contacts aware that their data is being processed and stored? They are officially known as the Data Subjects - they are who the GDPR is protecting.
  • Do you handle personal information from online transactions like address and credit card information and names?
  • Do you capture emails and IP information?

If you answer yes to any of the above, then you are a Data Controller.

Are you outsourcing?

The new regulation also applies to any personal data of EU citizens which is stored outside the EU. If you outsource the handling of EU citizens personal data, is the provider you use based in the EU? For example your Email Service Provider or Cloud Storage Service.

Then this company is your Data Processor and you are the Data Controller - both must work together to comply with the GDPR regulations.

Data Processors should be thinking about:

  • Reviewing their existing contracts with data controllers
  • Reviewing their use of subcontractors
  • Reviewing their data export arrangements
  • Whether they need to or should appoint a Data Protection Officer
  • Reviewing their data security
  • Setting up compliance accountability procedures
  • Conducting risk assessments to ascertain what form appropriate and organisational technical measures will take

The most important thing when complying with the GDPR

  • Be Transparent
  • Be Open
  • Be Fair

For example as the processor of Registrations of Interest for a new housing development, you must now allow your contacts the option to Opt in and Opt-Out, explain what marketing efforts their data will be involved in and allow them to access and delete their own data.

The first step in compliance is KNOWING

  1. What data you have?
  2. Why you have it?
  3. What you do with it?

This is the first of several articles and guides we have planned on the GDPR - so stay tuned or subscribe to our emails to read more about what you can do to prepare.

About us

Red Man Media are a full-service digital marketing and creative content marketing agency backed up with pro-active account management and agency services

Here to help

Red man Media want to make your life easier. We are digital marketing specialists and aim to improve your marketing campaigns through creative content targeted digital campaigns and in depth real time reports.

Let’s talk

If you'd like to see how we can help you and your business, please contact us at hello@redmanmedia.ie or call us direct on 01 524 0084 and one of our consultants will provide further assistance.

Don’t forget to follow Red Man on Twitter @red_man_media and on Facebook!

The GDPR now gives data protection authorities more robust powers to penalise companies if the way in which they store and share your personal information, including the ability to fine companies of up to €20,000,000 (or 4% of total annual global turnover, whichever is greater) for serious infringements.




Red Man Media


4 Adelaide Street,

Dún Laoghaire,

Co. Dublin

Ireland.