Hi all
Thanks for all your input, much appreciated. I always feel a bit better when it is clear from the wider DP community that there isn't always a clear answer to one of my conundrums!
I had read the ICO guidance on Mergers and Acquisitions in the data sharing COP but did find it very woolly and not helpful with sensitive data legitimising conditions.
Phil - just a small thing, what does OP stand for? I'm having a dim moment, sorry!
Thanks again.
With kind regards
Kate
________________________________________________________________
-----Original Message-----
From: This list is for those interested in Data Protection issues [mailto:[log in to unmask]] On Behalf Of Kate Glanville
Sent: 20 September 2016 14:50
To: [log in to unmask]
Subject: [data-protection] Acquisitions and Sharing Data
Hi all
I work for a housing association (HA) and we are in the process of buying a large number of properties (complete with sitting tenants) from another HA.
I am in the process of writing a data sharing agreement for use in the final weeks leading up to the completion of sale. It is during this period that we wish to receive information from the other HA on all aspects of housing management so that we can set up properties and tenants on our systems, set up rent accounts, take details of all outstanding ASB issues etc so some of this information is likely to be sensitive.
The tenants have been consulted by their HA and are being kept in the loop on what is happening and when. However, I would argue that explicit consent (Schedule 3) is unlikely to have been received as tenants do not have the option of their property not being bought by us. We will not be doing anything different with their data but they do not have a choice to not transfer across to us.
I'm looking at the legal framework to share the data and under Schedule 2, I'm aware I can use the legitimate interests condition however from Schedule 3 I'm unsure as to which condition to use as we won't have explicit freely given consent. I'm assuming that the condition to use would be "Processing is necessary for the exercise of any functions conferred by enactment" as there is probably another Act that would allow this sharing when going through an acquisition such as this. Anyone come across this before and knows what Act that could be or am I barking up the wrong tree? The Data Sharing COP on this is a bit woolly (not that I'm expecting the ICO to know which Act).
Any help would be gratefully received.
Kind Regards
Kate
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask] All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
This email and any attached files are confidential, and intended only for who they are addressed to. If you have received this email in error, please let us know ([log in to unmask] +44 1392 252 566).
DCH is the trading name used by the following companies in our group all of which are registered in England and Wales: Devon and Cornwall Housing Limited, a charitable registered society, number 7096; Westco Properties Limited, company number 2677745; Independent Futures CIC, a not-for-profit limited company number 7188858; and Devon and Cornwall Leasehold Solutions Limited, company number 10110021 The registered office for the companies is 72 Paris Street, Exeter EX1 2JZ. To find out more about our work, please go to www.dchgroup.com
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|