DIA GDPR Guide 2018

Screen Shot 2018-05-25 at 14.14.32

Data protection law has changed. The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a regulation by which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU).

Any company, big or small, will need to be aware of the new regulations regarding the secure collection, storage and usage of personal information and how they relate to their business. But the good news is that the GDPR recognises that smaller businesses require different treatment to large or public enterprises.

Read our GDPR Guide to help you get your head around all of the updates made.

We have also compiled a list of some useful links from the Information Commissioner’s Office (ICO) for you to look at.


While this is not an exhaustive list, the aim is to point you in the right direction:

Privacy Policy
Ensure you have a Privacy Policy in place – here’s a good sample Privacy Policy to use as a starting point from Invest Northern Ireland, the official online channel for business advice and guidance in Northern Ireland. You’ll find several sample Privacy Policies around if you do a quick Google search, so you don’t have to use this one, but it might be useful to give you an idea of the sort of things to include.
 

All ADIs run their business in different ways and so you will need to write a Privacy Policy that is applicable to your business. Let your customers know that you have a Privacy Policy and ensure they are happy with it – get them to have a read of it when you start working together, just as you would with introducing them to your business terms and conditions. 

We have been informed by DVSA that the ICO will be updating their own information and FAQs to include specific guidance for ADIs, so keep your eyes peeled for this in due course. 

Share on facebook
Facebook
Share on twitter
Twitter
Share on linkedin
LinkedIn

2 thoughts on “DIA GDPR Guide 2018”

  1. Stephen Rudgley

    I have read through this and a number of other pages offering advice. You make the assumption that all driving instructors do training.
    Training is usually to a group not a individual. You are telling us to register to protect yourself in case you got it wrong. I am not registering I am complying only. No one can sort this as the regulations are so open as they try to deal with individuals and multi national companies.

  2. Edward Voller

    I see lots of posts on social media where an instructor has taken a photo of a client with their pass certificate in clear view after passing their driving tests.
    This must have a GDPR implication as there are personal details on view with a photo of the person and often the name of the individual is clearly stated in the social media post.
    I don’t think that sole trader ADIs realise what they’re doing, probably through lack of awareness. Larger brands must make their employees and franchise holders aware of the rules and demonstrate due diligence appropriately.
    What does the DIA think?

Leave a Comment

Scroll to Top
Read about our response to COVID-19