Maximum number of cars added to compare list.

What's your postcode?

We need your postcode in order to provide accurate search results.

Enquire

Enter your full name
Enter a valid phone number

Tick this box to receive the Trusted Dealers newsletter.

Enter your first name
Enter your last name
Enter your phone number

Got a part exchange?

Tell us your reg plate and receive a part exchange valuation on your car?

Tick this box to receive the Trusted Dealers newsletter.

What's this?

Compare cars side by side to save time clicking backwards and forwards between them.

NFDA WORKING WITH DEALERS TOWARDS GDPR COMPLIANCEBack

A survey of almost 900 members of the Institute of Directors shows that 30 per cent of them have not even heard of the General Data Protection Regulation, The Times reported this week. With the approaching deadline of 25 May 2018 for all organisations to comply with the new General Data Protection Regulation, NFDA continues to work very closely with its members to assist them in meeting the challenge of compliance. However, it is concerning to see that many organisations are still ‘unprepared’ for GDPR.

New General Data Protection Regulations apply to all organisations that control and process personal data. Failure to comply with GDPR can result in fines of up to €20 million or 4% of annual turnover for the most serious contraventions. To support its members, NFDA has already held three very successful workshops which saw a total of over 500 attendees engaging in the GDPR debate with NFDA legal partners. A fourth workshop, now fully booked, is lined up for 1 December.

Some of the crucial steps that must be part of organisations’ strategy for compliance include:

  • Carrying out a data mapping exercise to understand how their personal data are being collected and used
  • Reviewing contracts which include data processes and data sharing with third parties
  • Reviewing cases where personal data is processed based on the “consent” of the individual
  • Ensuring current privacy notices have mandatory information required under GDPR
  • Appointing a Data Protection Officer (DPO) where necessary
  • Ensuring that language used in privacy notices is clear, concise and easy to understand and that contractual provisions clearly set out the rights and obligations of both parties.

Preparing for GDPR compliance requires significant time and resources and having in place a successful GDPR implementation programme must be a critical priority for dealers to ensure that they can continue to use and share data. Over the past few months, the NFDA has been in contact with manufacturers and finance houses to request what steps they are taking and ensure that there is a co-ordinated industry approach.

Once again, we urge all our members to take GDPR very seriously and contact us if they need any further guidance on the issue.

Please contact the NFDA on 01788 538303 or email louise.woods@rmif.co.uk if you need any clarifications or would like to receive the questionnaire and template letter which can be sent to manufacturers, suppliers, DMS providers, insurers and finance houses, to ask them how they use your data and ensure it is protected.

For further guidance and helpful information on the use of data and GDPR requirements, please visit the GDPR page on the NFDA website: http://www.nfda-uk.co.uk/policy/gdpr/  or the Information Commissioner’s Office (ICO) website https://ico.org.uk/.

On another note, if you receive emails from us, including the NFDA newsletter, to your personal email, rather than a business one, please let us know as soon as possible if you wish to continue to do so.  Under the new GDPR, we must delete all personal email contacts unless we receive explicit permission from you to continue to use them. 

Posted by Sue Robinson on 20/10/2017