Let’s Talk GDPR Compliance For Your Dealership…
- January 31, 2018
- Posted by: Pip Moxham
- Category: Tips For Dealers
Many of the GDPR main concepts are the same as what’s currently in place with the existing Data Protection Act, so don’t panic, if you’re already complying you’re in a great place to be prepared for the changes in legislation.
As a very brief overview the concept of GDPR is to ensure that personal data is processed lawfully, fairly and in a transparent way, it ensures that data is collected accurately for specified, explicit and legitimate purposes and is stored securely.
So, What Information Does GDPR Apply To?
The GDPR applies to ‘personal data’ meaning any information that can identify an individual person.
This could include many things, a few could be; a customer’s name, identification number, location data or even online identifier.
Keep in mind that the GDPR applies to both digital data capture and to manual filing systems or storage.
The GDPR also covers sensitive personal data which is known as “special categories of personal data”. These special categories specifically include genetic data, and biometric data that can be processed to uniquely identify an individual. So not the kind of information you regularly capture from your customers in a vehicle dealership.
The GDPR legislation categorises organisations into two; Data processors and Data Controllers.
In the scenario where Click Dealer is the provider of DMS and Web to you our dealers, we would be your Data processor and you as a dealer would be the data controller of your customer’s data. Your responsibility here is to make sure that we are compliant with GDPR processes, so that’s the first tick in the box. We’ve been preparing for the changes for months now and can put your mind at ease.
Here are some simple steps that will help your dealership to get prepared:
Awareness – A great starting point is to make sure all of the staff at your dealerships are aware of GDPR and the changes in process that are being implemented to be compliant.
You should be aware of the information that you currently hold – Know where it came from and who you share it with, you may need to do an audit of this information to ensure it’s up to date.
When collecting new data from your customers – You will need to clearly communicate how you intend to use the information that you are capturing as well as how long you plan to keep it for.
Individual’s rights – You should check your procedures to ensure they cover all the rights that individuals have, this includes how you would delete data? Individuals have the right to be informed, access their data, delete, move, restrict processing and more. If asked you would need to provide the data in a structured, commonly used, and machine readable form free of charge.
Consent – you should review how you seek, record and manage consent for marketing and other communications not core to the enquiry or sale. When capturing data you must have a positive opt-in, data capture cannot be inferred from silence in a pre-ticked box or hidden in a policy document and you will need to have simple ways for people to withdraw consent.
Data Breaches – you must have effective systems in place to detect, report and investigate a data breach. Breaches that would impact an individual based on the data you have stored would need to be reported to the ISO.
Appoint a data protection manager – It’s a great idea to appoint somebody within your dealership to take responsibility for data protection compliance. If this isn’t going to be possible, look to see how a third party can assist.
If your dealership operates in more than one EU member state – You will need to understand where your data processing takes place.
For a more detailed overview check out: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/
To find out more about what Click Dealer is doing to support you during the changes in legislation keep an eye out for our upcoming 3 part video series that includes:
- What is GDPR And How Will It Affect Me?
- Dealer Specific Questions and Answers With Our Specialist Legal Team
- Introduction of Click Dealer’s Solutions And Products To Help You To Comply And Update Your Existing Data So That You Can Continue To Use It Effectively To Improve The Performance Of Your Dealership