gdpr
play

GDPR What do the new data protection laws mean for the motor - PowerPoint PPT Presentation

Oct 28, 2023 •237 likes •699 views

Law innovated GDPR What do the new data protection laws mean for the motor industry? Law innovated What do the new data protection laws mean for the motor industry? 18 April 2018 Chair: Bill Fennell Managing Director & Chief Ombudsman

  1. Law innovated GDPR What do the new data protection laws mean for the motor industry?

  2. Law innovated What do the new data protection laws mean for the motor industry? 18 April 2018 Chair: Bill Fennell Managing Director & Chief Ombudsman The Motor Ombudsman Presenters: Iain Larkins Founder & Head of the Automotive Practice Radius Law Natasha Gasson Ombudsman The Motor Ombudsman

  3. Housekeeping points  During the webinar everyone will be muted so that only the presenters can be heard.  The presentation will be followed by a Q&A session.  You can submit your questions throughout the webinar. Simply type your question in the box under the “Questions” tab.  All questions relevant to the topic will be answered during the Q&A session.  If you are experiencing any technical problems please call 020 7344 1673 or let us know via the “Questions” tab and we will get back to you promptly.  Over the course of the webinar, we are doing snapshot polls and will be grateful for your inputs.  You can download a copy of the slides and other material under the “Handouts” tab.  A recording of the webinar will be sent to you after the session.

  4. Agenda 1. About The Motor Ombudsman & Radius Law 2. General Data Protection Regulations (GDPR) – How to achieve compliance in 5 weeks – Common GDPR challenges for the motor industry – What needs to be done after the GDPR day 3. How The Motor Ombudsman will handle data breach complaints against its accredited businesses 4. Questions & Answers

  5. The Motor Ombudsman  The first and only Ombudsman for the automotive industry  A clear channel and point of contact for all motoring-related disputes  Self-regulates the UK’s motor industry through its comprehensive Chartered Trading Standards Institute (CTSI)-approved Codes of Practice  Thousands of businesses accredited to one or more of the Codes covering new cars , sales , vehicle warranties , and servicing and repair .

  6. Radius Law  An automotive specialist law firm  Established by the former Chief Legal Officer of Mercedes-Benz UK, Iain Larkins  The only law firm to have its GDPR services endorsed by the Motor Ombudsman and the MCIA  A modern firm that utilises the latest legal tech and promises to never use legalese

  7. Poll 1 Do you feel you have a good understanding of the new data protection regulation and its implications for your business?

  8. GDPR in 5 weeks

  9. Bury head in sand

  10. The Changes

  11. Poll 2 Is your business ready for the new data protection regulation?

  12. Privacy must be designed into your systems and processes. New security breach reporting requirements. Extra territorial Direct accountability for Data Processors Local adaptions New expanded consent requirements.

  13. Consents must hit GDPR standard or stop.

  14. Consent Opt-in, not opt out Provide a Identify simple the data right to controller withdraw Freely given, specific, informed & Ensure it is genuinely State the unambiguous freely purpose given Separate consents Use local for languages different uses

  15. Consent Notice - Good example (direct marketing) Here at [organisation name] we take your privacy seriously and will only use your personal information to administer your account and to provide the products and services you have requested from us. However, from time to time we would like to contact you with details of other [specify products]/ [offers]/[services]/[competitions] we provide. If you consent to us contacting you for this purpose please tick to say how you would like us to contact you: Post ☐ Email ☐ Telephone ☐ Text message ☐ Automated call ☐ We would also like to pass your details onto other [name of company/companies who you will pass information to]/[well defined category of companies], so that they can contact you by post with details of [specify products]/ [offers]/[services]/[competitions] that they provide. If you consent to us passing on your details for that purpose please tick to confirm: I agree ☐ For more detailed information, please see our privacy policy. You can unsubscribe at any-time by clicking here

  16. Consent is not the only option. Contractual necessity . Compliance with a legal obligation. Necessary to protect the vital interests of the data subject. Necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller. Legitimate interests .

  17. Poll 3 How will you ensure your marketing is GDPR compliant?

  18. The Wetherspoon option

  19. The Radius Funnel

  20. Websites

  21. Other actions Data Processor contracts Data Security programme Training and policies – Privacy policies – Data Breach response policy – Subject access policy – Employment contracts Data transfers outside of the EEA

  22. Online GDPR Course  To be launched in early May  Aimed at those who handle people’s information on a day -to-day basis  Interactive, with a motor industry story line & case studies  Key learning outcomes:  What are the key changes between the previous and the new data protection law?  What do I need to know about personal data and how do I handle personal data?  What do I need to do differently with customer and employee data to be compliant with the new legislation? Automotive GDPR E-learning  Where can I go for more guidance?  Email business@tmo-uk.org for more details and to pre-order the course coming soon

  23. Risk identification Risk review Risk assessment Risk mitigation

  25. GDPR and The Motor Ombudsman Natasha Gasson

  26. Key Points  The Codes and TMO’s process  How TMO would handle a dispute about data protection  What you can and can’t send to us  Tips for your business  TMO Online Course

  27. The Codes and TMO’s process

  28. Codes of Practice Cover the entire customer purchase and vehicle ownership experience Service and New Cars Vehicle Warranties Vehicle Sales Repair Advertising Advertising Advertising Advertising Parts and accessories Billing Clarity of information Used car presentation Availability Booking process Claims handling New car presentation New car provisions Work standards Insured and non- Sales process insured products Warranty provision New car warranty Staff Complaints handling Finance provision Provisions Complaint handling Vehicle purchase Complaints handling Aftersales support Complaints handling

  29. How TMO works to resolve a case 1. CONSUMER CONTACT RECEIVED BY TMO gathering  assessment  Information Remit TMO receives dispute Early resolution 2. CASE ADJUDICATION if possible   Formal case raised Evidence Adjudicator by adjudicator to review delivers outcome business 3. OMBUDSMAN Appeal  Ombudsman delivers Ombudsman reviews case plus final decision any additional information 4. CLOSED Court if consumer rejects the Ombudsman’s decision

  30. How TMO would handle a dispute about data protection

  31. What TMO will do  The short answer is…we wouldn’t!  We would signpost any disputes solely around the GDPR to the Information Commissioner’s Office as we would be unable to adjudicate  However, we might try and help to find a resolution informally depending on the nature of the issue

  32. What TMO will do  If you are found in breach of the GDPR by the Information Commissioner’s Office or the courts, you may also be found to be in breach of our Codes of Practice  As such, we would log this against your business and would consider how best to deal with the breach

  33. What you can and can’t send to us

  34. Poll 4 If you have a dispute with a customer, do you think you can share the customer details with us?

  35. Before the consumer has made a complaint to TMO  Unless the consumer has given their express consent for you to contact us about their dispute, you should not give us any personal details  If you’re looking for information on a dispute before the consumer has raised it with us, you can tell us about it generally

  36. Before the consumer has made a complaint to TMO Miss Natasha Gasson, registration number AB12 3CD, bought her car 21 days ago and it’s developed a fault with the engine. Should she be allowed to reject or can we try to repair the vehicle? A customer has contacted us looking to reject their car. It has been 21 days since they took delivery and it has developed a fault with the engine. Should we accept their rejection or can we try to repair the car?

  37. After the consumer has made a complaint to TMO  Our enquiry form ensures the customer gives their express consent to us obtaining the data we need to assist us in our investigations  This includes:  Telephone call recordings  Email exchanges  Documentation e.g. invoices, sales contracts etc  System screen shots  You do not need to seek the consumer’s permission or ask them to do a subject access request before providing us with data as the customer has already given us their consent

Recommend

GDPR How does it apply to me? What is GDPR? It is the LAW! What is GDPR? The General Data

GDPR How does it apply to me? What is GDPR? It is the LAW! What is GDPR? The General Data

GDPR How does it apply to me? What is GDPR? It is the LAW! What is GDPR? The General Data Protection Regulation Came into force on May 25 th Replaces the current 1995 Data Protection Directive and Data Protection Act (1998). What is GDPR?

570 views • 18 slides
Data minimization & concentration: Intended and unintended consequences of the GDPR Garrett

Data minimization & concentration: Intended and unintended consequences of the GDPR Garrett

garjoh_canuck Data minimization & concentration: Intended and unintended consequences of the GDPR Garrett Johnson (Boston U) Scott Shriver (U Colorado Boulder) GDPR Impact GDPR General Data Protection Regulation EU EEA Brexit GDPR

833 views • 27 slides
Protection Regulation (GDPR) Presentation Structure What is the GDPR? When and where does

Protection Regulation (GDPR) Presentation Structure What is the GDPR? When and where does

Presentation by Michalis Mantzaris, PhD Introduction to General Data Protection Regulation (GDPR) Presentation Structure What is the GDPR? When and where does it apply? Consisting elements and Guideline provision Key changes and

605 views • 23 slides
Overview What is the GDPR? What are the main changes? Risks? What do you need to do

Overview What is the GDPR? What are the main changes? Risks? What do you need to do

Overview What is the GDPR? What are the main changes? Risks? What do you need to do to be compliant? Data Breaches How does the GDPR affect you? Steps to Compliance Summary What is the GDPR? q The EU's General Data

355 views • 17 slides
PROTECTION REGULATIONS May 2018 GDPR What is GDPR What is different Principles

PROTECTION REGULATIONS May 2018 GDPR What is GDPR What is different Principles

GENERAL DATA PROTECTION REGULATIONS May 2018 GDPR What is GDPR What is different Principles of of GDPR How does it effect school How are school preparing How does it effect individual staff How can

475 views • 12 slides
Welcome Agenda GDPR is in force now and applies to Australian businesses What does GDPR require?

Welcome Agenda GDPR is in force now and applies to Australian businesses What does GDPR require?

Welcome Agenda GDPR is in force now and applies to Australian businesses What does GDPR require? How does an Australian business comply? Action Plan Section 1: GDPR is here Privacy in the digital age Historically, privacy was almost

513 views • 40 slides
Click to add title Click to add subtitle Before the GDPR: the great GDPR compliance panic The

Click to add title Click to add subtitle Before the GDPR: the great GDPR compliance panic The

Almost one year after the GDPR, where are we now? Click to add title Click to add subtitle Before the GDPR: the great GDPR compliance panic The first year of the GDPR can best be described as "quiet test run. What are the most striking

405 views • 8 slides
GDPR T owards Compliance 25 May 2018 Wha hat t is GDPR? EU Data Protection Directive EU

GDPR T owards Compliance 25 May 2018 Wha hat t is GDPR? EU Data Protection Directive EU

GDPR T owards Compliance 25 May 2018 Wha hat t is GDPR? EU Data Protection Directive EU General Data Protection 1995 Regulation 2016 Data Protection Act 1998 Data Protection Bill 2017-19 Fines DPA GDPR Maximum Fine 500k Two

622 views • 17 slides
GDPR Dont be scared Even if you cant answer all the questions on the form GDPR Dont

GDPR Dont be scared Even if you cant answer all the questions on the form GDPR Dont

GDPR Dont be scared Even if you cant answer all the questions on the form GDPR Dont be scared 60% of people welcome the rights under GDPR 48% of UK adults plan to activate their rights 56% welcome the right to object to marketing

1.32k views • 37 slides
GDPR Webinar Guide Overview and key points Part 1 of our series on GDPR and its impact on the

GDPR Webinar Guide Overview and key points Part 1 of our series on GDPR and its impact on the

1 GDPR Webinar Guide Overview and key points Part 1 of our series on GDPR and its impact on the recruitment industry 2 Introduction The rules which underpin the storage of personal data have changed dramatically. The new EU-US Privacy Shield

998 views • 35 slides
GDPR Obligations & Rules Introduction to Privacy and the GDPR Simone Fischer-Hbner

GDPR Obligations & Rules Introduction to Privacy and the GDPR Simone Fischer-Hbner

GDPR Obligations & Rules Introduction to Privacy and the GDPR Simone Fischer-Hbner CC-BY-4.0 Advising, Monitoring, Enforcing European Data Protection Board Art. 68 - 73 (replacing the Art. 29 Working Party) advise Supervisory

626 views • 8 slides
GDPR Breach & Automated Decision Making Part 5 of our series on GDPR and its impact on the

GDPR Breach & Automated Decision Making Part 5 of our series on GDPR and its impact on the

GDPR Breach & Automated Decision Making Part 5 of our series on GDPR and its impact on the recruitment industry This webinar is provided for information purposes and is NOT intended to be legal advice pertaining to the subject matter. If you

617 views • 38 slides
GDPR Rights and Consent Part 2 of our series on GDPR and its impact on the recruitment industry

GDPR Rights and Consent Part 2 of our series on GDPR and its impact on the recruitment industry

GDPR Rights and Consent Part 2 of our series on GDPR and its impact on the recruitment industry This webinar is provided for information purposes and is NOT intended to be legal advice pertaining to the subject matter. If you have specific

495 views • 35 slides
GDPR General Data Protection Regulation DR. Rafi us Shan, Chief Cyber Security , KP CERC KPITB

GDPR General Data Protection Regulation DR. Rafi us Shan, Chief Cyber Security , KP CERC KPITB

GDPR General Data Protection Regulation DR. Rafi us Shan, Chief Cyber Security , KP CERC KPITB GDPR TIMELINE Definitions GDPR is a set of EU laws that come into affect on May 25th 2018. GDPR rules are designed to give more control over

587 views • 30 slides
GDPR Hacks For O365 3/27/2018 How O365 And Azure Can Help JB Wissma mann nn Organizations Get

GDPR Hacks For O365 3/27/2018 How O365 And Azure Can Help JB Wissma mann nn Organizations Get

GDPR Hacks For O365 3/27/2018 How O365 And Azure Can Help JB Wissma mann nn Organizations Get Compliant Agenda GDPR at a glance What does GDPR mean for IT departments Microsoft and GDPR M365 O365 Azure Dynamics

349 views • 18 slides
GDPR INFORMATION SEMINAR Dun Laoghaire / Rathdown Sports Partnership March 2018 WHY ? 1. GDPR

GDPR INFORMATION SEMINAR Dun Laoghaire / Rathdown Sports Partnership March 2018 WHY ? 1. GDPR

GDPR INFORMATION SEMINAR Dun Laoghaire / Rathdown Sports Partnership March 2018 WHY ? 1. GDPR applies to you because you hold data it does not discriminate on size / profit 2. Deadline to comply 3. Fines 4. Book stops with you ? 5. Piece

1.05k views • 37 slides
REGULATION (GDPR) IN THE CONTEXT OF EEDAPP 27 SEPTEMBER 2019 - VENICE WHAT IS GDPR The General

REGULATION (GDPR) IN THE CONTEXT OF EEDAPP 27 SEPTEMBER 2019 - VENICE WHAT IS GDPR The General

GENERAL DATA PROTECTION REGULATION (GDPR) IN THE CONTEXT OF EEDAPP 27 SEPTEMBER 2019 - VENICE WHAT IS GDPR The General Data Protection Regulation (EU) 2016/679, commonly known as GDPR, applies from 25 May 2018 and regulates the processing by a

318 views • 12 slides
EU GDPR PRACTICAL IMPLEMENTATION GUIDE - OPPORTUNITIES AND THREATS bd@gemserv.com Agenda

EU GDPR PRACTICAL IMPLEMENTATION GUIDE - OPPORTUNITIES AND THREATS bd@gemserv.com Agenda

Reaz Khedarun and Ian Davis EU GDPR PRACTICAL IMPLEMENTATION GUIDE - OPPORTUNITIES AND THREATS bd@gemserv.com Agenda Implications and opportunities of GDPR New obligations and liabilities for suppliers How GDPR compliance can

437 views • 24 slides
Responsibility and Accountability under the GDPR Regina Becker ELIXIR-LU ELIXIR Workshop Data

Responsibility and Accountability under the GDPR Regina Becker ELIXIR-LU ELIXIR Workshop Data

Responsibility and Accountability under the GDPR Regina Becker ELIXIR-LU ELIXIR Workshop Data Protection ECCB 2018 / Athens 11. September 2018 GDPR is catching up with us GDPR: General Data Protection Regulation GDPR Became

439 views • 26 slides
The pseudo-GDPR on digital marketplaces challenge a general testbed for normative reasoning and

The pseudo-GDPR on digital marketplaces challenge a general testbed for normative reasoning and

The pseudo-GDPR on digital marketplaces challenge a general testbed for normative reasoning and GDPR-related applications 11 December 2019, Madrid, GDPR@Jurix workshop Giovanni Sileno (g.sileno@uva.nl), Thomas van Binsbergen

527 views • 23 slides
Live Webcast: How Cognitive Search Accelerates GDPR Compliance GDPR Legal Overview By Erin

Live Webcast: How Cognitive Search Accelerates GDPR Compliance GDPR Legal Overview By Erin

Live Webcast: How Cognitive Search Accelerates GDPR Compliance GDPR Legal Overview By Erin Aslan Legal Counsel - Sinequa Live Webcast: How Cognitive Search Accelerates GDPR Compliance GDPR takes effect on May 25, 2018 with no further

285 views • 26 slides
Raising Awareness of the General Data Protection Regulations (GDPR) Workshop aims are to:

Raising Awareness of the General Data Protection Regulations (GDPR) Workshop aims are to:

Raising Awareness of the General Data Protection Regulations (GDPR) Workshop aims are to: Provide an introduction to the GDPR Explore how the GDPR will impact on Early Years settings Highlight resources available to support Early

477 views • 45 slides
GDPR Leyla Hannbeck MRPharmS, MBA, MSc, MA NPA Chief

GDPR Leyla Hannbeck MRPharmS, MBA, MSc, MA NPA Chief

GDPR Leyla Hannbeck MRPharmS, MBA, MSc, MA NPA Chief Pharmacist and Director of Pharmacy General Data Protec<on Regula<on (GDPR)

576 views • 36 slides
GDPR Practical Start where can you begin rolling out? GDPR Practical Start where can you begin

GDPR Practical Start where can you begin rolling out? GDPR Practical Start where can you begin

Holdingbay GDPR Practical Start where can you begin rolling out? GDPR Practical Start where can you begin rolling out? Holdingbay Tristan Bailey Working with marketing and sales data for over 15 years Develop applications Brighton, UK

404 views • 15 slides

More recommend