Are you ready for the UK’s data landscape change?

legal updates

The ramifications for not having the correct policy and procedures in place could be costly, not only by a fine from the ICO for not paying your fee, but also by being reported for data breach

Read our disclaimer keyboard_arrow_down

This website content is intended as a general guide to law as it applies to the motor trade. Lawgistics has taken every effort to ensure that the contents are as accurate and up to date as at the date of first publication.

The laws and opinions expressed within this website may be varied as the law develops. As such we cannot accept liability for or the consequence of, any change of law, or official guidelines since publication or any misuse of the information provided.

The opinions in this website are based upon the experience of the authors and it must be recognised that only the courts and recognised tribunals can interpret the law with authority.

Examples given within the website are based on the experience of the authors and centre upon issues that commonly give rise to disputes. Each situation in practice will be different and may comprise several points commented upon.

If you have any doubt about the correct legal position you should seek further legal advice from Lawgistics or a suitably qualified solicitor. We cannot accept liability for your failure to take professional advice where it should reasonably be sought by a prudent person.

All characters are fictitious and should not be taken as referring to any person living or dead.

Use of this website shall be considered acceptance of the terms of the disclaimer presented above.

Last year, the government launched a consultation on the proposed changes to the UK’s data landscape called Data: a new direction.

The government’s response will be published in spring of this year and we will keep you updated on any changes that may affect the motor trade. There are some elements that may be of interest moving forward, as they are suggesting changes to data breach reporting, the need for a Data Protection Officer, and proposals relating to charges for data subject access requests. As this is a consultation, any changes will not be happening soon, however, it is a good reminder that GDPR or its future reincarnation, is here to stay.

Hopefully, you already have this practice in place, but it is always a good idea to conduct an annual GDPR audit and review your privacy policies and procedures. Your Information Commissioner’s Office (ICO) reminder to pay your data protection annual fee for processing personal data should be a trigger to action this annual audit. If you are now thinking: “we don’t get a reminder and we don’t pay any fee to the ICO”, then you will need to check on the following link as some companies are exempt:

We have noticed some of our members’ privacy policies don’t include that they record inbound and outbound calls, and/or they may also omit that CCTV is captured on the premises. These all need to be included in your privacy policy, and if you are recording this data, then you should certainly be paying an annual fee to the ICO.

The ramifications for not having the correct policy and procedures in place could be costly, not only by a fine from the ICO for not paying your fee, but also by being reported for data breach. Now, this could be a simple error that is easily rectified and you believe there has been no serious damage caused, but unfortunately, it is not always that clear cut.

We had a recent case where our member was unable to evidence that a consumer had consented to his information being passed on to a third party. The customer was encouraged by their solicitor to make a complaint to the ICO. The ICO concluded that a breach had occurred and they considered the matter closed as our client had provided the correct rectification. However, the solicitor further encouraged the customer to take it to court. Our member opted to settle out of court rather than take the risk of a court decision.

Our HR Manager software, which is free to our members, helps dealers conduct their GDPR audits and keep on the right side of any breach and consequential claim. Or, if you are unsure and need assistance with GDPR issues, you can give us a call for any advice.

HaswentWebsites for dealers small and large

Composer is a next-gen automotive platform that has been designed from the ground up to give you an intuitive way to promote your stock. You have extensive stock management options, and you'll gain a brilliantly responsive new website to advertise your stock, starting at just £39.99/month.

John McDougallLegal AdvisorRead More by this author

Related Legal Updates

Time to review your privacy policy?

Our members should be aware of whom they are sharing their data with, and ensure any third-party companies are registered with the ICO.

Data Protection is real and mistakes can cost your business

Most fines from the ICO are against large companies that send out unsolicited marketing messages.

Do you know what a personal data breach is?

If a security incident has taken place, you should quickly establish whether a personal data breach has occurred. If yes, promptly take steps to address it, including telling the ICO if required. You need to keep a log of any breaches, record the details, and actions taken.

Goodbye 2021, hello 2022!

Despite an excess of 100 different commission claims hitting the Lawgistics’ desks, not one single dealer has had to part with their money.

Used cars – a treasure trove of personal data and a data breach in the making

Modern cars pair with smart phones and other electronic devices via Bluetooth or USB and absorb huge amounts of our personal data.

Police ordered to disclose information

Citing the provisions of the Data Protection Act 2018.

£820 out of pocket due to a data breach

Ex-employee admitted to three offences of unlawfully obtaining personal data.

Get in touch

Complete the form to get in touch or via our details below:

01480 455500

Vinpenta House
High Causeway

By submitting this quote you agree to our Terms & Conditions and Privacy & Cookies Policy.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.