GDPR – Legitimate Interest is your friend

legal updates

Garages can continue to send MOT reminders to their customer base as long as they offer the customer the option to opt out in every email or text.

Read our disclaimer keyboard_arrow_down

This website content is intended as a general guide to law as it applies to the motor trade. Lawgistics has taken every effort to ensure that the contents are as accurate and up to date as at the date of first publication.

The laws and opinions expressed within this website may be varied as the law develops. As such we cannot accept liability for or the consequence of, any change of law, or official guidelines since publication or any misuse of the information provided.

The opinions in this website are based upon the experience of the authors and it must be recognised that only the courts and recognised tribunals can interpret the law with authority.

Examples given within the website are based on the experience of the authors and centre upon issues that commonly give rise to disputes. Each situation in practice will be different and may comprise several points commented upon.

If you have any doubt about the correct legal position you should seek further legal advice from Lawgistics or a suitably qualified solicitor. We cannot accept liability for your failure to take professional advice where it should reasonably be sought by a prudent person.

All characters are fictitious and should not be taken as referring to any person living or dead.

Use of this website shall be considered acceptance of the terms of the disclaimer presented above.

We are pleased to note that the ICO have now produced a document which confirms what we at Lawgistics have been saying for many months and that is that legitimate interest is a business friendly ground for processing data.

As we have previously advised, business do not need to jump through the consent hoops and reviews to continue to market to existing customers.  To reiterate, garages can continue to send MOT reminders to their customer base as long as they offer the customer the option to opt out in every email or text. Further, it is absolutely fine to take a customer’s details and call them back – no separate consent is required, the customer has called you and so is expecting a call back.

The trick to staying on the right side of legitimate interest is to consider the 3 part test which in plain English requires you to consider:

  1. why do you want to process the data in question?
  2. will processing the data help you achieve your purpose and is there a less intrusive way to achieve it? 
  3. would the data subject reasonably expect you to be using their data in this way? 

As examples:

An employer may ask for next of kin details from their employee so they know who to contact in an emergency. There is no need to ask the individual next of kin for their consent to hold their personal data as it is not unreasonable for such details to be held for health and safety reasons. There is no less intrusive way to be able to contact a relative after an emergency, the impact is minimal and only the Line Manager and Directors will have the details.     

A car dealer has a problem customer and seeks help from Lawgistics. The car dealer is entitled to seek specialist legal advice and only provides the customer data relative to the case. It is entirely reasonable for a business to seek advice and the customer’s details are looked after by Lawgistics who are GDPR compliant meaning there is minimal risk to the customer (except that they are likely to lose their case of course!).

The key is giving the matter some thought. If it can reasonably be justified, then legitimate interest is your ground of choice – much less hassle and for marketing to existing customers, more likely to keep your marketing list alive as asking for consent may well end up with a limited response.

So in summary, legitimate interest is your friend but like all good friendships, it shouldn’t be abused. 

Nona has published many legal updates on GDPR and will be conducting workshops at the forthcoming CarDealer Magazine Expo 2018.

DMS NavigatorDealer Management System software for Car Sales, Aftersales and eCommerce

Our dealers use us to help them be more Efficient and Profitable!

You can use our Dealer and Lead Management software to integrate all dealership departments, both online and physical ; providing all in-house functions; Invoicing, Stock Management, Accounting and Marketing as well as interfacing for advertising, ecommerce and more.

Nona BowkisHead of Legal Services / SolicitorRead More by this author

Related Legal Updates

Time to review your privacy policy?

Our members should be aware of whom they are sharing their data with, and ensure any third-party companies are registered with the ICO.

Data Protection is real and mistakes can cost your business

Most fines from the ICO are against large companies that send out unsolicited marketing messages.

Do you know what a personal data breach is?

If a security incident has taken place, you should quickly establish whether a personal data breach has occurred. If yes, promptly take steps to address it, including telling the ICO if required. You need to keep a log of any breaches, record the details, and actions taken.

Are you ready for the UK’s data landscape change?

The ramifications for not having the correct policy and procedures in place could be costly, not only by a fine from the ICO for not paying your fee, but also by being reported for data breach

Goodbye 2021, hello 2022!

Despite an excess of 100 different commission claims hitting the Lawgistics’ desks, not one single dealer has had to part with their money.

Used cars – a treasure trove of personal data and a data breach in the making

Modern cars pair with smart phones and other electronic devices via Bluetooth or USB and absorb huge amounts of our personal data.

Police ordered to disclose information

Citing the provisions of the Data Protection Act 2018.

Get in touch

Complete the form to get in touch or via our details below:

Phone
01480 455500
Address

Vinpenta House
High Causeway
Whittlesey
Peterborough
PE7 1AE

By submitting this quote you agree to our Terms & Conditions and Privacy & Cookies Policy.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.