The NDFA is concerned that dealers may not be ready to comply with new General Data Protection Regulation (GDPR), when it comes into force on May 25 2018.
A recent survey, carried out by The Times newspaper, of almost 900 members of the Institute of Directors showed that 30% have not even heard of GDPR but NFDA Sue Robinson assured members that it would be available to assistance.
AM will also be hosting a special GDPR conference at the Doubletree, Milton Keynes, in February, for retailers keen to gain more insight into the GDPR.
“With the approaching deadline of 25 May 2018 for all organisations to comply with the new General Data Protection Regulation, NFDA has been working very closely with dealers to assist them in meeting the challenge of compliance,” said Sue Robinson (pictured), director of the National Franchised Dealers Association (NFDA).
The crucial steps that must be part of organisations’ strategy for compliance include:
- Carry out a data mapping exercise to understand how personal data is being collected and used
- Review contracts which include data processes and data sharing with third parties
- Review cases where personal data is processed based on the consent of the individual
- Ensure current privacy notices have mandatory information required under GDPR
- Appoint a Data Protection Officer (DPO) where necessary
- Ensure that language used in privacy notices is clear, concise and easy to understand and that contractual provisions clearly set out the rights and obligations of both parties
Preparing for GDPR compliance requires significant time and resources but Robinson warns that having a successful GDPR implementation programme must be a "critical priority" for dealers to ensure that they can continue to use and share data.
Failure to comply with GDPR can result in fines of more than £17 million or 4% of annual turnover for the most serious contraventions.
“We urge NFDA dealer members to take GDPR very seriously and contact us if they need any further guidance on the issue," added Robinson.
AM will host a GDPR conference covering the major aspects of the new EU legislation at the Hilton Doubletree, Milton Keynes, on 22nd February 2018.
The speakers include data experts from the Direct Marketing Association and cyber security experts.
For more information about the event – or to confirm your attendance by booking a place – visit https://amgdprconference.am-online.com/