Blue and White paper - GDPR

We outline what is new vs familiar, and offer practical steps you can take today

Published: 7th December 2017

In the third "Blue and White paper" from Cox Automotive Data Solutions, we take a detailed look at a hot topic for the automotive industry: GDPR. Read the Executive Summary, or download the full paper below.

GDPR and the automotive industry

Author: Ian Inman, Head of Privacy and Data Protection
Editor: Dr Shaun McGirr, Lead Data Scientist

Executive Summary

  1. The General Data Protection Regulation (GDPR) comes into force in the UK on 25 May 2018. It builds upon existing data protection law, adding more detail to existing requirements, new rights for individuals, and new obligations on those who process personal data.

  2. The GDPR provides several legitimate grounds for processing personal data. Not all processing need be based on the consent of the individual and all grounds are equally valid.

  3. The maximum fine for contraventions of the GDPR is 20 million euros or 4% of global turnover. However, these fines are not mandatory and are the absolute maximum.

  4. Organisations must comply with the GDPR’s requirements and be seen to be compliant. It makes concepts such as privacy by design and default a legal requirement and encourages Data Protection Impact Assessments in all cases, requiring these in some cases.

  5. The GDPR introduces a higher standard of consent and explicitly prohibits silence, inactivity and pre-ticked boxes as valid consent. Organisations are not required to get fresh consent if their current consents meet the GDPR standards.

  6. The right to erasure, right to restrict processing and right to data portability are all new rights created by the GDPR. Dealers and Manufacturers will need to check their Dealer Management System, Customer Relationship Management systems, and any others that store personal data, to ensure they are functionally compliant.

Note: this is our view based on the data available to us at present. Readers should compare our findings with their own experience before making the decision that is best for their business. This technical paper does not constitute legal advice on GDPR compliance or any other matter of data protection.

If you have any questions about this paper, please get in touch.

Media contact: Gwen Allen, 07392 082320

Blue and White paper 3 - GDPR - 2017-12-07.pdf


Download pdfDownload pdf file

Our Blog for the latest news, views and market intelligence.


Big Data LDN 2017: Cox Automotive – Big Data Journey

Allison Nau, Managing Director of Cox Automotive Data Solutions, spoke at Big Data London - watch the video here.

Read more
Data 17th January 2018

Blue and White paper - GDPR and the automotive industry

We outline what is new vs familiar, and offer practical steps you can take today

Read more
Data 7th December 2017

Cox Automotive Data Solutions sponsor the AM Magazine Data special edition

In November Cox Automotive Data Solutions sponsored the Data special edition of AM Magazine - find out what we talked about.

Read more
News 7th December 2017

Why Digital Analytics Matters

Digital Analytics & Your Automotive Business - Modix explains why analytics is crucial to the dealership of today.

Read more
Data 28th November 2017