It's safe to say that we're all aware of the upcoming changes as a result of GDPR happening this May, but how much do you understand about the impact this will have for your interaction with customer data?
This legislation is implementing tighter restrictions that protect our personal data and will affect all citizens within the European Union. Some of the information covered by the General Data Protection Regulation includes: name, photo, email address, social media post, personal medical information, IP addresses and bank details.
At incadea, we want to ensure your dealership is prepared for these changes, allowing you to utilise information as effectively as possible, while staying within the law. From this, we've put together a list of five elements that will help you prepare. 1. Have the correct level of security in place
One of the very first things to consider is the level of security you have. Is your system password protected? Do you have encryption software? If the answer to both of these is yes then you're off to a good start! When it comes to your password, how often do you update it? Having the same password for extended periods of time leaves your system open to threats, as well as storing your customer's information on an unsecured server.
We recommend updating your system and user passwords periodically, and having encryption software installed. 2. Are your marketing consents sufficient to be valid under GDPR?
You don't need consent from the individual to justify everything you do with someone's personal data. In fact, you might not need consent to justify most of what you do with it. However, if you want to undertake electronic marketing of your customers using things like telephone calls and emails, then you will need their opt-in consent to do this.
We recommend ensuring you log and manage consents properly, so that you are able to demonstrate that you have consent and know when it was given. 3. Provide users with the option to opt out
Just as consent requires a positive opt-in, you need to make it easy for people to opt out if they wish. We recommend you make it as easy as possible for people to withdraw by giving them a clear communication path to follow - for example, a link they click or a number they call. 4. The right to access information
With these changes fast approaching, it would be advantageous to implement an up-to-date data policy so you're able to see the changes in one informative document - employees will have access to this, and can therefore refer to it when needed. We recommend that you check your current data protection policy, and assess how many updates are required before you create an entirely new policy.
To help your dealership thrive under this new legislation, our incadea DMS
has a range of enhanced features that enable you to meet the needs of your customers with ease, at the same time as meeting the guidelines set out by GDPR. To discover this in more detail, speak to a member of our expert team today.