Question 1

What GDPR obligations do property management companies in Cork have?

Accepted Answer

Property Management Companies in Cork must appoint a data controller, maintain records of processing activities, implement appropriate security measures, provide privacy notices to customers, and respond to data subject access requests within one month under the Data Protection Act 2018.

Question 2

Can the DPC fine a property management company in Cork?

Accepted Answer

Yes. The Data Protection Commission can fine any business in Cork, including property management companies, up to €20 million or 4% of global annual turnover for serious GDPR breaches. Even smaller infringements can result in fines up to €10 million.

Question 3

Do I need a Data Protection Officer for my property management company in Cork?

Accepted Answer

Not all businesses need a formal DPO, but if your property management company processes personal data on a large scale or handles special category data (like health information), you may be required to appoint one under GDPR Article 37. Even if not mandatory, having someone responsible for data protection in your Cork business is best practice.

Question 4

How do I handle a data breach at my property management company in Cork?

Accepted Answer

You must notify the DPC within 72 hours of becoming aware of a personal data breach that poses a risk to individuals. You should also notify affected individuals without undue delay if the breach is likely to result in a high risk to their rights and freedoms. Cork's dense concentration of pharma and tech multinationals processing health data and personal data at scale makes it one of the most GDPR-intensive counties outside Dublin, with Apple's European HQ drawing particular DPC attention.

Question 5

What privacy policy does a property management company in Cork need?

Accepted Answer

Your property management company needs a clear, plain-language privacy policy that explains what data you collect, why you collect it, how long you keep it, who you share it with, and what rights customers have under GDPR. This must be easily accessible to all customers and staff in your Cork premises.

Question 6

What GDPR obligations do property management companies in Ireland have in Cork?

Accepted Answer

Property management companies typically act as data processors on behalf of the owners' management company (the data controller). However, where you determine the means and purposes of processing, you may be a controller in your own right. Either way, you must have data processing agreements in place, implement appropriate security, and ensure GDPR compliance across all developments you manage.

Question 7

Can residents request CCTV footage from a property management company in Cork?

Accepted Answer

Yes. Under GDPR Article 15, residents can request access to CCTV footage in which they appear. You must respond within one month. You must redact or blur other individuals in the footage before providing it, to protect their privacy. Have a process in place for handling these requests efficiently.

Question 8

Do property management companies need CCTV policies for each development in Cork?

Accepted Answer

Yes. Each development with CCTV needs clear signage at all entrances, a documented lawful basis for the recording, a retention policy (the DPC recommends a maximum of 30 days), and restricted access to footage. The policy should be consistent across all developments you manage, adapted for the specific circumstances of each site.

Question 9

Can service charge arrears be disclosed in AGM minutes in Cork?

Accepted Answer

You should avoid naming individual unit owners in connection with arrears in circulated AGM minutes. While the management company has a legitimate interest in reporting on arrears, disclosing specific unit numbers or owner names in a document circulated to all owners is likely disproportionate. Report arrears in aggregate or anonymised form.

Question 10

How long should property management companies keep resident data in Cork?

Accepted Answer

Retain data only as long as necessary. Service charge records should be kept for the statutory period required for financial records (6 years under Revenue rules). CCTV should be retained for a maximum of 30 days. Access control logs should have a defined retention period proportionate to their purpose. Delete data for former residents within 12 months of their departure.

GDPR Compliance for Property Management Companies
in Cork

Why This Matters for Property Management Companies in Cork

Do property management companies in Cork need GDPR compliance?

Key GDPR Risks for Property Management Companies

Personal Data Your Property Management Company Processes

Find out your GDPR score in 2 minutes

Required GDPR Policies & Documents

GDPR Compliance Steps for Property Management Companies

Common GDPR Mistakes Property Management Companies Make

Frequently asked questions

Don't wait for the DPC to come knocking

GDPR Compliance for Property Management Companies in Cork