Data Protection is real and mistakes can cost your business

legal updates

Most fines from the ICO are against large companies that send out unsolicited marketing messages.

Read our disclaimer keyboard_arrow_down

This website content is intended as a general guide to law as it applies to the motor trade. Lawgistics has taken every effort to ensure that the contents are as accurate and up to date as at the date of first publication.

The laws and opinions expressed within this website may be varied as the law develops. As such we cannot accept liability for or the consequence of, any change of law, or official guidelines since publication or any misuse of the information provided.

The opinions in this website are based upon the experience of the authors and it must be recognised that only the courts and recognised tribunals can interpret the law with authority.

Examples given within the website are based on the experience of the authors and centre upon issues that commonly give rise to disputes. Each situation in practice will be different and may comprise several points commented upon.

If you have any doubt about the correct legal position you should seek further legal advice from Lawgistics or a suitably qualified solicitor. We cannot accept liability for your failure to take professional advice where it should reasonably be sought by a prudent person.

All characters are fictitious and should not be taken as referring to any person living or dead.

Use of this website shall be considered acceptance of the terms of the disclaimer presented above.

We continue to see cases whereby a member of the public is looking for a cash payout for what they claim as a personal data breach. General Data Protection Regulation (GDPR) came into law in May 2018 and was incorporated into the updated Data Protection Act 2018 (DPA). Although data protection is less talked about now, it still applies. Dealers and garages must continue to monitor how they treat personal data and review their privacy policies each year.

The Information Commissioner’s Office (ICO) is the body that deals with complaints in this area and it only takes a simple human error, such as mixing up two customer’s details, for a compensation claim to land in your inbox.

Most fines from the ICO are against large companies that send out unsolicited marketing messages. We Buy Any Car was fined £200,000 in September 2021 for sending marketing emails and texts to people who had previously signed up for an online quote. Sending the quote was fine as this is what was requested, but using their contact details to send further marketing messages was not.

For our dealers, most complaints relate to human error. Complaining customers dream of hundreds, and in some cases, thousands of pounds of compensation as they claim the error has caused them so much distress. In some cases, there will be genuine distress and those cases must be considered appropriately. However, this rarely occurs, and the recent High Court case of Rolfe and others v Veale Wasbrough Vizards LLP [2021] EWHC 2809 (QB) saw the courts dismiss such a claim for distress with the Master (High Court judge) deciding that no harm was credibly shown when an email was sent to the wrong person in error.

Mistakes do happen, but as with most things, it’s how the mistake is dealt with that will help determine any consequences. If you do find out that details have been sent to the wrong customer, ask the recipient to delete the email, and let the customer who should have received the email know what has happened. These sorts of errors do not need to be reported to the ICO, but you should keep an internal log, so you can monitor if there is a particular member of staff who repeatedly makes these sorts of mistakes.

GDPR is here to stay and while you might not find it very interesting, it will apply to you. And you need to have the right procedures and policies in place. Lawgistics can help your GDPR compliance in two ways. Firstly, our award-winning software, HR Manager, is a secure database to store both employee and customer information, such as employment contracts, sales transactions, warranties, etc. And secondly, we will shortly be launching our new Training Academy, which includes a GDPR Awareness Training bite-sized course that you can use to train your employees and to ensure you are GDPR compliant.

Octane FinanceFuel Your Finance

Octane Finance is the broker of choice for new and used car dealers nationwide. With our uncompromising service levels and our genuine and professional approach, you and your customers can trust us to deliver.

Nona BowkisHead of Legal Services / SolicitorRead More by this author

Related Legal Updates

Time to review your privacy policy?

Our members should be aware of whom they are sharing their data with, and ensure any third-party companies are registered with the ICO.

Do you know what a personal data breach is?

If a security incident has taken place, you should quickly establish whether a personal data breach has occurred. If yes, promptly take steps to address it, including telling the ICO if required. You need to keep a log of any breaches, record the details, and actions taken.

Are you ready for the UK’s data landscape change?

The ramifications for not having the correct policy and procedures in place could be costly, not only by a fine from the ICO for not paying your fee, but also by being reported for data breach

Used cars – a treasure trove of personal data and a data breach in the making

Modern cars pair with smart phones and other electronic devices via Bluetooth or USB and absorb huge amounts of our personal data.

Police ordered to disclose information

Citing the provisions of the Data Protection Act 2018.

£820 out of pocket due to a data breach

Ex-employee admitted to three offences of unlawfully obtaining personal data.

Whistleblowing and data protection

Employee’s complaint had to be considered as a protected disclosure relevant to their dismissal.

Get in touch

Complete the form to get in touch or via our details below:

01480 455500

Vinpenta House
High Causeway

By submitting this quote you agree to our Terms & Conditions and Privacy & Cookies Policy.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.