Car dealers preparing for the arrival of General Data Protection Regulation will be able to gather valuable insight and guidance on all aspects of compliance at AM’s forthcoming GDPR conference.

With new EU data regulations coming into force in less than six months and updated guidance from the Information Commissioner’s Office, the regulatory body tasked with responsibility for data protection, published in December, AM has launched its own specialist GDPR conference.

Covering some of the major aspects of the new EU legislation – General Data Protection Regulation or simply GDPR – the conference takes place at the Hilton Doubletree, Milton Keynes on 22nd February 2018.

The biggest shake-up in data protection regulation in decades, preparations in the automotive sector are well underway and the AM event has been designed to provide a guide to compliance and deliver insights to help dealers ensure their preparations are far-reaching enough.

AM editor Tim Rose said: “Data has always been the lifeblood of the automotive retail sector and dealers now have extremely sophisticated contact cycles in place which utilises all methods of communication from telephone to email incorporating social media and website tracking.

“Whilst most dealers will already have stringent practices in place as required by the current legislation, they will undoubtedly need to firm-up practices and tighten procedures to comply with GDPR.

“We have designed this conference as a ‘checklist’ for dealers so they can be confident they have covered everything off and compare their strategy to colleagues and GDPR experts.”

Drawing on the expertise of compliance specialists, marketing gurus and data protection experts, this event tackles a host of questions such us what amounts to a security breach and when it needs to be reported to the ICO and whether dealers can continue to contact their database.

The ICO provided expanded guidance in December including the lawful basis for processing data and in particular surrounding legitimate interest https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/lawful-basis-for-processing/ , viewed to be one way in which businesses could contact their current database prior to gaining the enhanced consent.

Speakers include data experts from the Direct Marketing Association exploring the implications for marketing including consent and other ways data can be processed. Legitimate interest, for example, could provide a means to maintain contact (prior to obtaining the new enhanced consent), but processes will still need to be followed.

For example, an audit trail which explains why a communication falls under legitimate interest should the ICO come calling as a result of a complaint will need to show the reason for the contact and how a decision of legitimate interest was reached.

Specialists in cyber security will explore data breaches and how to determine if there has been a risk to people’s rights and freedom and how to put it right.

Insights will help dealers decide whether the organisation or suppliers should be ISO27001 accredited, the international standard for best practice for international security management systems, and what it means in practice.

The conference will also discuss the new guidelines for telephone contact which could prevent companies from making call reminders for car servicing and MOTs.

Members of the Telephone Compliance Council, set up to represent the interests of businesses that rely on calling members of the public, take a closer look at the forthcoming EU e-Privacy Act against the backdrop of GDPR.

Customer information used for calling will be covered by the new data regulations although the actual telephone contact with the public is governed by privacy law - currently that’s the Privacy and Electronic Communications Regulations (PECR) which will be replaced by the new act.

The event explores the biggest challenges facing dealers and how dealers are preparing to tackle the GDPR legislation as well as providing advice and guidance.

It will include understanding how dealers should ensure employees have the right knowledge and training to be compliant and whether a data compliance or data protection officer is necessary.

The conference provides dealers with the opportunity to find out how other businesses are approaching GDPR and to benchmark strategy and processes against the opinion of the experts.

The event also provides delegates with the chance to exchange views with dealer and manufacturer colleagues.

Dealers can book their place at https://amgdprconference.am-online.com/