New Data Protection Complaint Rules – What Landlords Need to Know from 19th June
- easternlandlords
- 10 hours ago
- 3 min read
From 19th June 2026, there is an important change to UK data protection law that every landlord needs to be aware of.
While this might sound like something aimed at big companies, it fully applies to landlords too even if you only have one property.
Don’t worry though compliance doesn’t need to be complicated. This guide breaks it down in plain English.
What’s actually changing in the New Data Protection Complaint Rules?
New rules introduced under the Data (Use and Access) Act 2025 mean:
People now have a legal right to complain directly to you about how you handle their personal data
You must have a clear process for handling those complaints
You must acknowledge complaints within 30 days and respond without undue delay
This applies to all organisations handling personal data with no exemptions.
Why this matters for landlords
As a landlord, you regularly handle personal data, including:
Tenant names and contact details
ID documents (passports, Right to Rent checks)
Bank details and rent records
Referencing and credit checks
Email and communication history
That makes you a “data controller” under the law which means these rules apply to you.
Who can complain?
It’s not just tenants.
Anyone whose data you hold can complain, including:
Current tenants
Former tenants
Applicants
Guarantors
Even contractors in some cases
The rule is simple: If you hold someone’s personal data they have the right to complain.
What counts as a complaint for the New Data Protection Complaint Rules?
This is where landlords often get caught out.
A complaint doesn’t have to say:
“This is a data protection complaint”
It could be something like:
“Why are you still holding my passport?”
“You gave my number to a contractor”
“You didn’t respond to my data request”
If it relates to personal data, it counts as a complaint even if it’s informal.
What you MUST do (from 19th June 2026)
To comply, landlords need to:
1. Provide a way to complain
You must give people a clear method to raise concerns (e.g. email or contact form).
2. Acknowledge complaints
You must confirm receipt within 30 days.
3. Investigate
You need to check:
what data you hold
what happened
whether anything went wrong
4. Respond properly
You must:
explain your findings
confirm any action taken
do this without unnecessary delay
What “compliance” looks like in practice
Here’s the good news:
You do NOT need a complex system
You do NOT need specialist software
For most landlords, compliance simply means:
A dedicated email address (e.g. dataprotection@…)
A short complaints section on your website
A simple internal process (even just written in a document)
A basic log of complaints
That’s it.
Common risk areas for landlords
Based on typical issues, complaints are most likely to arise from:
Sharing tenant details with contractors
Holding ID documents longer than necessary
Poor or slow responses to data requests
CCTV in communal areas
Referencing or credit checks
These are all routine landlord activities just now under more scrutiny.
What about letting agents?
Using a letting agent does not remove your responsibility.
In many cases:
You are still the data controller
The agent is acting on your behalf
So you must still ensure complaints are handled properly.
What landlords should do now
Before June 2026, we recommend:
Add a data protection complaints section to your website
Set up a clear email contact point
Write a simple process for handling complaints
Keep a record of any complaints received
Make sure you understand what a complaint looks like
Final thought
This change isn’t about creating more paperwork it’s about:
Being transparent
Responding properly
Showing you take people’s data seriously
Handled well, it can actually reduce complaints escalating to regulators and improve trust with tenants.
Need help?
As always with New Data Protection Complaint Rules, ELA is here to support members. If you need guidance, or want to make sure you’re compliant get in touch.