Privacy Notice

Privacy Notice - Member

Who we are

In these Terms, ‘Group’, ‘We’, ‘Us’ and ‘Our’ mean the National Residential Landlords Association group (the NRLA), a membership organisation which represents and supports private residential landlords in the UK.   It comprises four companies:

  • National Residential Landlords Association (12187275) a not-for-profit company limited by guarantee;
  • LPTE Limited (12249799) a share company which is a wholly owned subsidiary of the NRLA;
  • NLA 2019 Limited (04601987); and,
  • RLA 2019 Limited (02869179).

The NRLA is acting as the data controller and determines the purposes for which, and the way in which, your personal data is processed. In this Privacy Notice, ‘our website’ means the website at We are committed to protecting your privacy and aim to be clear when we collect your information and use it only as you would reasonably expect.

You can contact us: by email at; by telephone on 0300 131 6400; or, by writing to us at the registered office at 212 Washway Road, Manchester, England M33 6RN.


This privacy notice sets out the relationship between the NRLA and you as a current, former, associate or prospective member (‘you’, ‘your’). It tells you how and why we collect information about you, how it is used and stored and who it is shared with. We are open with you about what information we hold and what we do with it. We act according to the law to protect your rights and ensure the security of the data we hold about you. This Privacy Notice sets out the information we are obliged to give you under the General Data Protection Regulation (GDPR).

A key role of the NRLA is to provide information about developments affecting the private rented sector as well as information and training for landlords, including courses which are relevant to private landlords. We therefore collect, process and store personal data both to help us promote the interests of landlords to educate them, keep them up to date, and to provide products and services, as well as administering NRLA memberships.

We are careful when selecting the persons with whom we share data. We do not share data with third parties except with your consent or where we tell you that this will happen. Data is shared across the NRLA between the companies within the group.

The information we hold about you

We collect and handle the following information about you:

  • Your identity and contact details (including joining data for members). This includes title, name, date of birth, address, email address and other contact information.
  • Personal and background details. This is information you provide to us (if you wish) about your property business and holdings.
  • Membership details (where applicable), including membership type, date of joining, duration of membership, payment information and history, referral information and accreditation information.
  • Information about your property portfolio, tenants and tenancies.
  • Bank and direct debit details.
  • Products and services supplied/enquired about, including from third parties.
  • Training courses and other events enquired about or attended.
  • Website visits, including technical information such as how you accessed the site, how you engaged with us during the visit, etc.
  • Communications between us, including emails and audio recordings of calls made to and from us.
  • Any complaints you make to us.
  • Research and material gathered in connection with our campaigning activities (including research connected with our campaigning activities and market research relating to products and services and benefits).
  • Associate information about people who are linked to your membership account.
  • Information you provide us about your current, prospective and ex-tenants and residents which we process on your behalf and that is subject to a separate privacy agreement between them and you and a data sharing agreement between you and us.
  • Certain and specific Special Category Data – See Section 7

How we collect personal information

  • We collect personal information from you directly through our website, over the phone, through surveys and sometimes with paper forms.
  • Local Authorities, third-party intermediaries and our representatives may provide us with your personal information when they register you for membership with us.
  • We may collect information about the software on your computer or device (your browser version etc.) and your IP address (your connection with the internet) to improve your interaction with our website and for our records. This may happen automatically without you being aware of it.
  • We may use cookies (small text files which we and other website operators store on your computer or device when you visit our website) to deliver a better and more personalised interaction. You can set your browser to reject our cookies if you wish (you should consult your browser help section for details); this might restrict your use of our website and other websites. For more information about cookies, please see our cookie policy.

How we use your personal information

We will not use your personal information unless we have first told you how we will use it, or it is obvious how we will use it. As a membership organisation, we need your personal information for:

Managing your membership

  • Processing membership or guest membership applications.
  • Membership administration, including payment processing, renewals, providing event information, delivery of continuous professional development and accreditation, campaigning and keeping a record of our relationship with you.
  • Keeping a record of individuals and/or organisations whose membership may have been suspended or terminated by us or cancelled or lapsed by you; including name, address, email address, telephone number, dates of membership status change.
  • Managing the personal information of your associate members or delegates.
  • Membership benefit administration by post, telephone and electronic means.
  • Evidencing you are a member of the NRLA and an accredited landlord (with your consent).
  • Providing additional member benefits, e.g., tax investigation insurance provided automatically as part of our membership offer.

Communicating with you

  • Keeping a record if you have opted-out of receiving marketing emails.
  • Delivering our member magazine and other relevant communications.
  • Targeting display advertising to users that have previously visited our website and shown interest in our products and services.

Lobbying on our members’ behalf

  • Representation of the whole membership, a workplace, group or individual.
  • Carrying out our own surveys and forwarding surveys and consultations run by other organisations with whom we collaborate or are funding.

Managing your use of our or our partners’ services

  • Keeping a record of individuals and or organisations who have booked or registered to attend an NRLA conference, event, meeting or course and administering their attendance at these. This includes members and non-members of the organisation.
  • Providing services and/or fulfilling orders for products.
  • Event applications, registrations, administration and informing people about our events.
  • Facilitating the registration process, discounts and/or cashback with our partners where we have introduced you to their products & services offered via their website.
  • Receiving information about you from a third party. In some instances, where you request a product or service or a membership benefit via one of our selected providers, the provider will inform us of this request. This enables us to monitor take-up and the usefulness of products, services and benefits and for accounting purposes.
  • Carrying out credit checks on your behalf.

Monitoring usage

  • Understanding your use of our website so we can improve its function, including details of your visits to our website; this might include traffic data, location data, weblogs and other data (whether this is required for our own billing purposes or otherwise) and the resources that you access.
  • Monitoring use of, and satisfaction with, the website, member benefits, services and communications.

General business administration

  • Elections and appointments of directors and committees.
  • Administering General Meetings required by our Articles of Association
  • Recording information about visitors attending our meetings or premises.

Our legal basis for processing personal information

The purposes for which we process personal information are: the performance of our contract with you to provide information and membership services; facilitation of bookings; for our legitimate interests in informing members of the activities of the NRLA or news in the sector we serve; and, via your consent, to provide you with targeted offers and marketing from us or our partners. We process personal information to define customer types and serve relevant messaging to users who could be interested in our products and services.

The law allows us to collect and use personal data if it is necessary for our legitimate business interest and so long as its use is fair, balanced and does not unduly impact your rights. In many situations, the best approach is to process personal data because of our contract with you and our legitimate interests as a trade association, rather than through consent. However, we will ask for your consent to send you marketing emails and text messages. You can withdraw consent for this at any time. In certain instances, we are required by law to process personal data.  This includes doing so when arranging and conducting a general meeting of members.

In extreme situations, we may share your personal details with the emergency services if we believe it is in your ‘vital interests’ to do so; e.g. if someone is taken ill during one of our events. We may also share your personal information where we are compelled by law to do so.

Special Category Data

Special category data (also known as sensitive personal data) is data which requires higher levels of protection. We need to have further justification for collecting and handling this kind of personal information. Special category data includes:

  • Personal data relating to political opinions/philosophical beliefs. Political opinions include views on how government should operate and what policies should be pursued by government, Parliament etc. This will include policies relating to landlords in the private rented sector. It does not just include party political opinions. We do not collect personal data regarding party politics and which political party or parties you support.
  • Personal information about health and disability; race and ethnicity; sexual orientation; and, religious beliefs.

We rely on additional legal gateways allowing the processing of special category data as follows:

  • In limited circumstances with your explicit consent.
  • In our own legitimate interests as a not-for-profit organisation with a political aim. In this case, data can only relate to members (or former members) or those associated with the NRLA through regular contact, such as guests. It cannot be shared further without explicit consent. This enables us to process information about political opinions in particular and normally this will be anonymised. This is done in the course of our legitimate activities with appropriate safeguards and for the purposes of our campaigning activities.

Special category data is processed by us as follows:

  • We may collect and handle special category personal data through the work of our advisors. It may be shared with us to enable us to advise a member in connection with the enforcement or defence of legal claims. This is done for contractual performance, as use of this service is also a membership entitlement.
  • In the case of our research activities, we handle special personal data as part of our campaigning activities on behalf of landlords to promote their interests. In this case, we process this is in our own legitimate interests and as special category data as a not-for-profit organisation. We may also collect and hold the political opinions of members etc., which they communicate to us on the same basis.
  • Information that you may provide to us about your special dietary requirements e.g., when you book to attend a course or event. This could contain reference to religion. It will only be collected or handled for the purpose of providing appropriate food and beverages.
  • Information provided about your health, including any medical condition, disability, health for sickness purposes. This is processed for the purposes of providing access at any course or event or to any premises.
  • The processing of equality and diversity monitoring.


Where we store your personal information

All our information is stored electronically on secure servers located within the United Kingdom. Certain information is also retained on a secure basis in hard-copy format. Telephone conversations are recorded electronically for monitoring, auditing and training purposes. This includes advice given over the telephone by our advisors.

By submitting your personal data, you agree to the transfer, storing or processing of your data as set out in this Notice. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Notice.

All information you provide to us is stored on our or our partners’ secure servers. Any payment transactions are encrypted and the NRLA do not store any payment information other than your bank details and transaction history. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

How we may share personal information

We share your personal information across the NRLA group of companies to carry out our various activities required in administering your membership and bookings and to provide different entitlements and benefits.

We may share some of your personal information with organisations that carry out processing operations on our behalf, such as web services companies and mailing organisations. We carry out checks on these companies before we work with them and put a contract in place that sets out our expectations and requirements, especially regarding how they manage the personal information that we give to them.

We will share the information that you are an accredited landlord with anyone that has your membership number and name unless you choose not to share this. We reserve the right to publish the names of individuals and/or businesses on our website whose membership has been suspended or terminated by us, including the date the suspension or termination came into effect.

We also share your contact and membership information with partners who provide membership benefits so these can be administered on our behalf, specifically:

  • Tradepoint so they can provide a discount card
  • Rentguard and HFIS PLC for Insurance Services inc. Tax Investigation insurance cover
  • Tenancy Deposit Scheme and MyDeposits to help administer your deposit
  • FLS Tenant Referencing Services to help approve prospective tenants
  • Landlord Vision to provide property management software

We do not sell or share personal information with third parties for the purposes of marketing.  But if we run an event in partnership with another named organisation, your details may need to be shared with them.

We will not sell personal information other than as part of a sale of a substantial part of our assets. We may disclose it to a prospective purchaser, but only for use in connection with that sale. We may need to disclose your details, if required, to the police, regulatory bodies or legal advisors. We also may need to make available our members’ details, on request, for Tax Investigation Insurance services. We will only ever share your data in other circumstances if we have your explicit and informed consent.

How we protect personal information

We undertake regular reviews of who has access to information that we hold to ensure that your information is only accessible by appropriately trained staff and contractors. We also provide guidance and regular data protection training to our staff.

We ensure there are appropriate technical controls in place to protect your personal details; e.g. our computer network and servers are protected and routinely monitored.

We store all personal information you supply on secured servers or in secured paper files. For your protection, any payment details you provide to us will be encrypted using SSL (Secure Sockets Layers) technology.

Unfortunately, the transmission of information over the internet can never be completely secure. Although we will do our best to ensure that your personal information is protected, we cannot guarantee the security of your data transmitted to the website. Any transmission of your personal information by you is, therefore, at your own risk. Once we have received your information, we will use strict procedures and security features to try and prevent unauthorised access.

How long we keep personal information

We will only keep personal information for as long as we have a valid reason for keeping it. After that, we delete or dispose of the information securely. We keep personal information about:

  • our membership so that we can administer and prove membership. Non-core information (e.g., personal details not relevant to prove membership at any point in time) about members is destroyed five years after membership has lapsed.
  • advice we have provided for two years irrespective of whether the membership has lapsed.
  • complaints and feedback for two years.
  • tax investigation insurance claims for three years after a settlement has been made to maintain a record that a claim was made and keep a record of the results.
  • event applications, registrations and administration for two years until after the event has taken place.
  • surveys of members for three years after the survey so that data can be referenced for statistical analysis.
  • analytics information from Google for three years and two months.
  • Job applications for three months.
  • employees for the duration of their employment and six years after employment ceases in accordance with the law.

Your rights

  • You have a right to know what personal data we hold, who we acquired it from, how we process it, the logic involved in any automatic processing and to whom we disclose it.
  • You have a right to ask us not to process your personal data for direct marketing purposes unrelated to NRLA membership.
  • You have a right to ask us not to make decisions based solely on the automatic processing of your personal information.
  • You have a right to ask us not to process your personal information in a way that is likely to cause unwarranted and substantial damage or distress.
  • You have a right to ask us to erase your personal information.
  • These statutory rights are qualified by exceptions and exemptions. To exercise any of these rights, please contact us using the details shown at the start of this Privacy Notice.
  • You can find out more about your rights from the Information Commissioner, who regulates data protection and privacy.


We operate our own internal complaints policy; if you have any concerns about the way we collect or handle data please contact us. You can find out more information on this process on our website.

Additionally, you have the right to lodge a complaint with the Supervisory Authority at The

Information Commissioner, Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

Changes to this policy

We may change this Privacy Notice from time to time. If we make any significant changes in the way we treat your personal information, we will make this clear on our website or by contacting you directly.

NRLA Privacy Notice

Last updated: 13/01/2021 at 11:51 - 172.38 KB