Maximum number of cars added to compare list.

What's your postcode?

We need your postcode in order to provide accurate search results.


Enter your first name
Enter your last name
Enter your phone number

Got a part exchange?

Tell us your reg plate and receive a part exchange valuation on your car?

What's this?

Compare cars side by side to save time clicking backwards and forwards between them.

GDPR: NFDA working with dealers to meet the challenge of compliance – NEXT WORKSHOP & ONLINE GUIDANCEBack

The new General Data Protection Regulations (GDPR) introduce new stricter requirements for keeping and using personal data. The deadline for compliance is 25 May 2018, breaches of the new rules will have major consequences both reputationally and monetarily due to the introduction of new draconian fines. It is imperative that businesses have a strategy for compliance in place as failure to comply will result in extremely harsh fines

Following two successful workshops, to assist members in meeting the challenge of compliance, we will be holding a third workshop on 15 September at the Warwick Hilton, this will be run again by NFDA’s TLT solicitors.

 Please contact us to attend as soon as possible as places will be available for a short amount of time.

We have also drawn up a questionnaire for dealers to send to suppliers, manufacturers, DMS providers, insurers and finance houses. The questionnaire asks them how they will use your data and ensure it is protected.  This will be an important step in ensuring compliance with the new regulations.  We have also designed a template covering letter which outlines why this process is being carried out, it may be used by dealers when sending out the questionnaire. In addition, we have contacted manufacturers to request what steps they are putting in place to ensure compliance in May 2018 and that there is a co-ordinated industry approach.

The new requirements will have significant impact on dealers, in particular, on how they keep and secure customer data, and their ability to carry out direct marketing campaigns.  There is also an issue around the transferring of personal data to and from suppliers such as manufacturers and how these suppliers keep and use this data.  Preparing for compliance will take significant time and resources and putting in place a GDPR implementation programme is a critical priority to ensure that businesses can continue to use and share data in compliance with applicable laws.

Some of the crucial steps that organisations must take now include:

  • Carrying out a data mapping exercise to understand how their personal data are being collected and used
  • Reviewing contracts which include data processes and data sharing with third parties
  • Reviewing cases where personal data is processed based on the “consent” of the individual
  • Ensuring current privacy notices have mandatory information required under GDPR
  • Appointing a Data Protection Officer (DPO) where necessary
  • Ensuring that language used in privacy notices is clear, concise and easy to understand and that contractual provisions clearly set out the rights and obligations of both parties.

Please visit the GDPR page on our website for further guidance:

If you require more information or would like to receive the questionnaire with the template letter, please contact the NFDA on 01788 538303 or email


Posted by Sue Robinson on 14/07/2017