Optional - Data Management (L3) Flashcards

1
Q

Summary of experience: level one

What is GDPR?

A

GDPR is the General Data Protection Regulation (2016), that came into effect on the 25th May 2018. It aims to create a single data protection regime for the European Union.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Summary of experience: level one

What do you need to do if you have a data breach?

A

Notify the Information Commissioners Office (ICO) within 72 hours of the breach occurring.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Summary of experience: level one

What are the fines for non-compliance with UK GDPR?

A

Up to 4% of global turnover, or £7.5 million. (Whichever is greater)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Summary of experience: level one

What are the principles of Data Protection Act 2018?

A
  • Processed lawfully, fairly and in a transparent manner
  • Collected for specified and legitimate purposes
  • Accurate
  • Not transferred to countries with less info than your own
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Summary of experience: level one

What are the 8 Individual Rights Under GDPR?

A
  1. Right to Information
  2. Right of Access
  3. Right of Rectification
  4. Right to Erasure
  5. Right to Restrict Processing
  6. Right to Data Portability
  7. Right to Object
  8. Right to Automated Decision Making

(IARERDOA)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Summary of experience: level one

What is an SAR?

A

Subject Access Request – Demand that the individual be given all the information that a company holds on them.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Summary of experience: level one

What are the principles of UK GDPR?

A

A. There are six:
(1) Lawfulness, fairness and transparency
(2) Integrity and confidentiality (security)
(3) Accuracy
(4) Data minimization – only collect it when you need.
(5) Purpose Limitation – be specific about the purpose of the data collection
(6) Accountability – record and prove compliance
(7) Storage Limitations – store data for a necessary limited period and then erase

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Summary of experience: level one

Give me an example of how your company is compliant with GDPR

A
  • When we send out marketing emails to prospective purchasers, we send emails individually rather en masse.
  • On marketing emails, we give people the right to be removed from our database
  • Privacy notice when we collect data
  • Fair Processing Notice on website
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Summary of experience: level one

Does your company tell people how their data is stored?

A

Yes, our website gives detail on our ‘Fair Processing Notices’ which outlines:
* our purpose of collecting personal data
* how to unsubscribe from marketing communication
* special catergories of data are necessary for fulfilling legal obligations relating to AML

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Summary of experience: level one

What is Primary Data?

A

Data that is collected first hand

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Summary of experience: level one

What is Secondary Data

A

Data that we access from third party sources

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Summary of experience: level one

What are the limitations of Secondary Data?

A

We cannot verify the accuracy of the data as we did not collect it ourselves

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Summary of experience: level one

How do you check secondary data?

A

Get to the source of the data. If the primary data collector is identifiable, try and verify the information directly with them

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Summary of experience: level one

Has the UK got its own version of GDPR?

A

DPA 2018 is the primary piece of legislation that replaced DPA 1998 and filled in the blanks that EU GDPR couldn’t specifically address in the UK.

After the Brexit transition period, UK GDPR came into force 01/01/2021. UK GDPR is essentially the same as EU GDPR and must be read in conjunction with DPA 2018.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Summary of experience: level one

What is personal data?

A

Information that makes someone personally identifiable

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Summary of experience: level one

Who is responsible for DPA/GDPR compliance within a business?

A

Data Protection Officer (DPO)

17
Q

Summary of experience: level one

How do you keep personal data secure?

A
  • Authenticated access to systems
  • Two factor authentification
  • Encryption
  • Ensure integrity of data collection systems
  • Continually evolve and test systems
18
Q

Summary of experience: level one

What should you do if there is a data breach?

A
  • Report to DPO
  • If necessary, they will report to ICO within 72 hours
  • If there is high risk to indviduals (e.g. leaked hospital records) then you must notify individuals concerned
19
Q

Summary of experience: level one

What does the UK GDPR state about the processing and collection of data from individuals?

A

Individuals have the right to be informed. You must provide them with privacy information at the time you obtain their data.

20
Q

Summary of experience: level two

For the valuation of a country house hotel in the Scottish Highalnds, what data did you put in Excel?

A

I exported everything that we collate, but not all of it was relevant. So I cleaned up the data to leave:

  • Hotel type: Boutique/Country House/Luxury
  • Address: Region and postcode
  • Turnover: £1m-£2m
  • No. of bedrooms: 20
  • Date Sold: within last four years
  • Multiple Range
21
Q

Summary of experience: level two

What sort of locations were similar?

A
  • Skye
  • Arrochar
  • Islay
  • Oban
22
Q

Summary of experience: level two

What types of transaction were you looking for?

A

Other freehold hotel transactions

23
Q

Summary of experience: level two

What was the multiple range did they have?

A

Between 5x-10x

24
Q

Summary of experience: level two

Why did you look at the apartments on a £ per sq ft basis?

A

We were valuing the freehold value only. Client was looking to acquire the asset as they only managed it on behalf of owner.

25
Q

Summary of experience: level two

How do you check secondary data?

A

Get to the source of the data to verify it

26
Q

Summary of experience: level three

You identified that you were not completing trade assessment analysis as part of profits method valuations as efficiently as possible, how were you doing it previously?

A

Manually adding lines of data together in excel/calculator to summarise data in the format that we wanted to present it

27
Q

Summary of experience: level three

Talk me through the process

A
  • Create a source database that input narrative and translated Christie & Co narrative
  • Use VLOOKUP to automatically transcribe source data narrative into our standard narrative
  • Use PIVOT to prsent a cumulative view of mulitple lines of data
  • Use GETPIVOT to link manipulated data to our trade assessment format
28
Q

Summary of experience: level three

How did you ensure that this was accurate?

A
  • Parallel run of both methods
  • Pilot scheme to test validity of process
  • Lock down formulas once we’d proven it works
29
Q

Summary of experience: level three

What regulation are you mindful of when receiving interest from multiple parties?

A

Estate Agents Acts 1979 states that you must disclose all bids in writing to the vendor

30
Q

Summary of experience: level three

How did you determine the credentials of the prospective buyers to meet the goals of the Client?

A

I am referring to their ability to perform and conclude a deal. This is based on anecdotal evidence from speaking with more experienced Agents in the sector as well as speaking to other professionals in the due dilligence process that may be able to comment e.g. solicitor