Automotive Compliance believe that the privacy of your personal information is important. This Statement is
therefore designed to provide you with appropriate information, assurance and confidence that we are handling your
data in a secure, professional manner, with the respect it deserves. This statement therefore addresses what personal
information we collect and how we handle the personal information shared with us. Please read the following carefully
to understand our views and internal practices.
For the purposes of the General Data Protection Regulations (GDPR), the data controllers are Automotive Compliance Limited, with the Data Protection contact being Mr Matt Riches.
This statement is subject to regular reviews and may be updated in accordance with changes to legislation or internal processes. The most up-to- date version will always be found on our website.
We will not collect any personally identifiable information about you unless you provide it to us voluntarily. If you do not want
your personal data collected, please do not submit it to us. Some information provided may be legally or contractually required and
therefore, if not provided, will limit the services that Automotive Compliance and its Appointed Representatives are able to provide.
Where a business collects your data using one of the Automotive Compliance systems, they do so as a data processor, and Automotive Compliance
remains the controller of your data.
We process personal information to enable businesses that use our systems to recommend Financial Products and General Insurance Products that you are qualified to use, and which may help protect your vehicle(s); To maintain our accounts and records; To advertise our services to Automotive Businesses; To ensure that products you buy are safely and correctly registered; To ensure that all businesses that use Automotive Compliance systems are fit and proper and to support and manage our employees. We also have a legal duty to process limited data to ensure that businesses that use our systems comply with current legislation set by the Financial Conduct Authority (FCA), Financial Ombudsman Service (FOS) and the Information Commissioner’s Office (ICO).
We process information only relevant for the above reasons/purposes, which may include;
Automotive Compliance may share the information it collects about you and your vehicle (or business) with selected third parties for business purposes only. Where necessary or required, we will share information with;
In some cases, we may collect information about your which is not personally identifiable via our website however, under GDPR,
if that information can be linked in some way to a living individual this can now be classified as restricted data. Examples include
obtaining your IP address, the type of internet browser you are using and the computer operating system that you are using, as well as
the search engine you accessed to locate our website. Although all these are used predominantly for statistical purposes, these do have
the potential to be linked to an individual and therefore fall within this statement.
Under GDPR, individuals have by far greater ownership of the way in which they are able to manage their own personal information.
There are now eight areas in which you have rights to, known as the Data Subject Rights and they are broken down as follows:
Right to Access/Subject Access Requests – The Right to Access provides you with the opportunity to obtain all the information Automotive Compliance holds against you as an individual (also known as Subject Access Requests). The GDPR allows Automotive Compliance one month to provide you with all the information we hold against you, your vehicle and your address. This will solely be in relation to the person making the request. We will review all our manual and electronic data and provide you with everything accordingly. If your request specifies what documentation you require, this will assist us in responding to your request quicker.
Right of Rectification – If you believe that the information that Automotive Compliance holds about yourself is incorrect, inaccurate or incomplete, the right of rectification ensures that you can contact us and we will update it accordingly. We will provide you with confirmation once the update has taken place.
Right to Erasure – Under GDPR, you have the option for all records of your personal information held by Automotive Compliance to be erased. There are however a number of exemptions to this right, given that we may have legal or contractual rights to retain your personal information. If, however it is felt that Automotive Compliance holds information about you which is no longer necessary for the initial purpose it was collected, your right to erasure will be granted.
Right to Data Portability - GDPR provides you with the opportunity for your personal information to be provided back to you in a portable format. This means that you can transfer your data to a different provider without the need for you to provide it again to them. Right to Withdraw Consent – Automotive Compliance would like to give you the opportunity to manage the way in which we communicate with you. Under GDPR, this is known as the Right to Withdraw Consent. If for any reason, you would no longer wish for us to contact you, either entirely, or via certain methods, this right can be exercised. This simply means that Automotive Compliance will update your contact preferences within our systems, as well as advising third parties with whom we have supplied your information, of your updated preferences also.
Right to be Informed – This right encompasses the need for transparency over how we use your data and is the intention for this entire document. It ensures that Automotive Compliance supply appropriate notification about our processing activities and ensure that they are concise, transparent, easily accessible, written in clear, plain language and free of charge.
Right to Restrict Processing – This allows you the opportunity to let us hold your data but not process it for marketing purposes. If you request this right to be actioned, Automotive Compliance will place you on a suppression list where it is no longer processed.
Right to Object – Under GDPR you can object to processing based on legitimate interest or a task classified as being in public interest, direct marketing and processing for purposes of scientific/historical research and statistics.
As detailed throughout this statement, we will endeavour to ensure that your personal information is retained in accordance to legislation.
However, if for any reason we discover that your personal information has been breached in anyway, including lost, stolen or hacked,
dependant on the level of its severity, we will ensure that the ICO and you as a customer, are made aware within 72 hours of us understanding
that a breach has been made.
Automotive Compliance staff have been trained in being able to understand and appreciate whether personal information has been breached, and have a duty of care to ensure that the Automotive Compliance Data Protection Team is informed as soon as a breach has been identified.
Action will then be taken to minimise the risk to your personal data as seen fit in accordance to the incident including following guidance from the Data Protection Team and the ICO. We will also inform you once we are fully aware that the additional security measures have been put in place to further secure your information.
If you wish to contact us regarding;
The manner in which your personal data is handled updating your personal preferences utilising your personal rights wishing to complain
email us at GDPR@automotive-compliance.co.uk
Post your enquiry to The Data Protection Team, Automotive Compliance, The Factory, 44 Alfred Street, Gloucestershire, GL1 4DD
Please note, we may require proof of identity in order to complete some requests. A copy of your driving licence is the most suitable, however other forms of photographic identity are also acceptable.
If you remain unhappy with the manner that your data is being handled in, and/or you feel that the response is not sufficient, please contact the ICO using their website www.ico.org.uk who are the supervisory authority for Data Protection within the UK.
CALL US FOR A FREE HEALTH CHECK 01452 671 570