Time to review your privacy policy?

legal updates

Our members should be aware of whom they are sharing their data with, and ensure any third-party companies are registered with the ICO.

Read our disclaimer keyboard_arrow_down

This website content is intended as a general guide to law as it applies to the motor trade. Lawgistics has taken every effort to ensure that the contents are as accurate and up to date as at the date of first publication.

The laws and opinions expressed within this website may be varied as the law develops. As such we cannot accept liability for or the consequence of, any change of law, or official guidelines since publication or any misuse of the information provided.

The opinions in this website are based upon the experience of the authors and it must be recognised that only the courts and recognised tribunals can interpret the law with authority.

Examples given within the website are based on the experience of the authors and centre upon issues that commonly give rise to disputes. Each situation in practice will be different and may comprise several points commented upon.

If you have any doubt about the correct legal position you should seek further legal advice from Lawgistics or a suitably qualified solicitor. We cannot accept liability for your failure to take professional advice where it should reasonably be sought by a prudent person.

All characters are fictitious and should not be taken as referring to any person living or dead.

Use of this website shall be considered acceptance of the terms of the disclaimer presented above.

Over the last few months, members have informed us of data breach examples, that although only minor, the complainant has perceived the breach to be serious enough for them to believe that they may be entitled to receive compensation.

The Information Commissioner’s Office (ICO) has the power to issue fines of up to £17.5 million or 4% of your annual worldwide turnover for serious breaches of the data protection principles. Therefore, you can understand that if you believe your personal data has been breached, it is serious, and therefore, you are entitled to an amount of compensation.

Many of these breaches can be dealt with fairly swiftly, especially if the complainant is unable to quantify any loss due to the breach. The concern is when the complainant reports the matter to the ICO. As with any regulatory body, we would not recommend any additional scrutiny, as this can be time-consuming and cause anxiety.

Our members should be aware of whom they are sharing their data with, and ensure any third-party companies are registered with the ICO. An example of a third-party company could be a marketing company that assists you with promotional events. Sending a text to a customer who has previously opted out of marketing can be a problem. These messages may not have been sent by our member directly, however, the data that is shared by our member with another company needs to be accurate, have the correct consent, and the reason shared should be clearly stated within a privacy policy.

Earlier this year, a financial services company received a £50,000 fine from the ICO, as they had sent thousands of spam text messages without valid consent. This was a breach of the Privacy and Electronic Communications Regulations (PECR). The company blamed the third party who sent the texts, the ICO advised that relying on third parties leaves organisations open to enforcement.

As the General Data Protection Regulation (GDPR) came into being on 25 May 2018, it may be time to review your policies. Our HR Manager software, which is free to our members, helps dealers conduct their GDPR audits and keep on the right side of any breach and consequential claim. If you are unsure or need assistance with GDPR issues, you can give us a call for any advice.

WeRecruit Auto LtdPermanent Automotive Recruitment from an experienced and trustworthy recruitment partner.

We cover roles within all departments and sectors of the Automotive industry, and are here to listen to your specific needs and find the most suitable candidates to fit your business.

John McDougallLegal AdvisorRead More by this author

Related Legal Updates

Data Protection is real and mistakes can cost your business

Most fines from the ICO are against large companies that send out unsolicited marketing messages.

Do you know what a personal data breach is?

If a security incident has taken place, you should quickly establish whether a personal data breach has occurred. If yes, promptly take steps to address it, including telling the ICO if required. You need to keep a log of any breaches, record the details, and actions taken.

Are you ready for the UK’s data landscape change?

The ramifications for not having the correct policy and procedures in place could be costly, not only by a fine from the ICO for not paying your fee, but also by being reported for data breach

Goodbye 2021, hello 2022!

Despite an excess of 100 different commission claims hitting the Lawgistics’ desks, not one single dealer has had to part with their money.

Used cars – a treasure trove of personal data and a data breach in the making

Modern cars pair with smart phones and other electronic devices via Bluetooth or USB and absorb huge amounts of our personal data.

Police ordered to disclose information

Citing the provisions of the Data Protection Act 2018.

£820 out of pocket due to a data breach

Ex-employee admitted to three offences of unlawfully obtaining personal data.

Get in touch

Complete the form to get in touch or via our details below:

01480 455500

Vinpenta House
High Causeway

By submitting this quote you agree to our Terms & Conditions and Privacy & Cookies Policy.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.