Do Landlords Really Need To Register With The ICO?

5 Minute Read - Last Updated: February 2025

Introduction

The reason I am writing this blog is that there is still much confusion for landlords over the role played by the ICO in residential letting, as well as whether landlords even need to register with the ICO, especially landlords that use a managing agent to rent and manage their properties for them. Let's break it down below...

What Is The Information Commissioner's Office?

The Information Commissioners Office (ICO) is a UK regulatory body established to enforce the General Data Protection Regulation (GDPR). Since its enforcement in May 2018, many landlords have questioned if they need to register with the ICO, and there are still those who have never heard of it.

The ICO's website states it is, 'The UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals.'

Do I Have To Register?

In short, the answer is that most landlords should already be on the information commissioner's office register and paying a fee under current data protection laws, but many may think they are exempt as they do not see themselves as a business and therefore rely us their Letting Agents to hold this registration.

Those who are not registered but currently handling personal data must register with the The Information Commissioner's Office and pay the necessary fee in order to be compliant with the data protection legislation. As part of this process, you must supply the ICO with information such as your name, address, trading name, number of employees and turnover. Registration is quick and easy and helps ensure your organisation takes adequate steps to protect all personal data it holds or processes.

If you purely process data manually then you are exempt from registration, although this is unlikely to apply as most landlords will process data via their PC, mobile phones or tablets.

How Much Does It Cost To Register With The ICO?

The ICO registration fee very much depends on the size and turnover of the business in question.

Tier 1 (£40 per year): For sole landlords with a turnover below £632,000.

Tier 2 (£60 per year): For businesses with a turnover of up to £36 million.

Tier 3 (£2,900 per year): Large organisations (not relevant for most landlords).

Most landlords will fall under Tier 1 and only need to pay £40.00 per year.

What Happens If A Landlord Fails To Register With The ICO??

It's worth remembering that the ICO conducts random compliance checks, so it really is worth keeping everything above board, especially as on-compliance could result in a civil penalty of up to £4,350.00.

The ICO has, in the past, fined landlords who failed to register, but examples are rarely publicised. Fines are often issued if a tenant complains, or as part of wider GDPR investigations.

Latest Articles

Q & A

The Residential Landlord Association recently published a blog on this with some excellent landlord's questions and answers. I have picked out the relevant ones below:

Q. What if we have an agent managing the property and they handle all of the bits around tenant ID etc.

A. It will depend whether you personally hold any data. If you have any data that would identify the tenant(s) even if that is just a name, mobile number or email address and if you hold it electronically, or if it was originally shared electronically (ie: via email or mobile phone) then you need to register.

Q. What I’m unclear about is who and how is this act “policed”?

The ICO primarily leans towards conducts voluntary, consensual audits to assess and improve data protection practices within organisations. These audits are usually initiated through requests and focus on collaboration to enhance compliance. However, the ICO has the authority to perform compulsory audits if necessary. This enforcement is usually reserved for situations where significant data protection concerns exist, such as following a data breach, or in response to substantial non-compliance issues.

Q. I just got an email from my landlord with the GDPR stuff. The problem is he says the ICO fee was £100 (it’s a private landlord with only that property in the market) and wants me to pay for it. As far as I understand, this is a legal requirement for him as a landlord, not a service for me, so I understand I’m not responsible for the payment…is that right?

A. This is very poor behaviour and you do not have any obligation to pay this fee, as you say.

What Should Landlords Do Next?

Here are some Action Steps to guide you:

✅ Check whether you hold tenant data electronically.
✅ Visit the ICO website to confirm your registration status.
✅ Ensure you provide tenants with a privacy notice.

A privacy notice should inform your tenants how their personal data will be collected, used, and stored, and should be provided at the start of the tenancy.

CALL TO ACTION:

The ICO has a very useful self-assessment tool that landlords can use to check if they need to register.

Conclusion

It would be safe to say that in the majority of cases landlords should register with the ICO. If you hold any data electronically that would identify the tenant name, mobile number or email address, or if it was originally shared electronically (ie: via email or mobile phone) then the landlord must register.

If, on the other hand, you purely process data manually then you are exempt from registration.

However, the ICO specifies that very few landlords will qualify for exemption. Manual processing means no emails, no spreadsheets, no digital record-keeping. If a landlord uses a computer or phone for tenant records, they must register.

Dedicated to Lettings

If you have a property to let, or would simply like to chat with an expert about the state of the Leeds letting market then get in contact.

Joy Gray, Property Development Manager