Everyone’s talking about the GDPR (General Data Protection Regulation) and with only a month to go until implementation, businesses are reviewing and improving their procedures for collecting and storing customer and employee data.
The GDPR applies to every UK business, but for logistics firms, where creating and collecting large amounts of customer data is the backbone of daily operations, compliance with the GDPR will involve some adjustments to your procedures, even if your business is currently in compliance with the Data Protection Act.
What is the GDPR?
The GDPR is a legislation that comes into force on May 25th 2018, with the sole purpose of protecting an individual’s personal information. It also gives individuals, be it customers or employees, more rights in terms of how their data is collected and used.
What are the penalties for non-compliance?
The maximum fine for being in violation of GDPR is €20 million (roughly £16 million) or 4% of your annual turnover (whichever is higher).
In addition, any breach or investigation can be made public by the Information Commissioner’s Office (ICO), causing irreputable damage to your company’s reputation.
Why is GDPR so critical to the logistics industry?
Advancements in technology have meant that over the past few years the logistics industry has become heavily digitalised. In order for logistics firms to respond to customer demand quickly and efficiently, large amounts of data are generated on a daily basis, and under the new GDPR, that data must be safeguarded. Drivers alone collect huge amounts of personal information from handheld devices – names, addresses, phone numbers. If this information was leaked and fell into the hands of a third party, the consequences would be severe, especially if no provision for GDPR compliance can be demonstrated.
How does it affect drivers?
It’s impossible to operate a fleet of vehicles without needing to collect a wide range of personal data on your drivers. Contact details, health records, driving licence checks – all of this sensitive information must be securely stored and protected in-line with GDPR legislation.
How have my customers’ privacy rights changed?
Post GDPR, individuals will be more aware of their rights and at any time could contact you to find out where their data is stored and how it is being used. You will have 30 days to respond to such queries, so as part of your GDPR preparations, reviewing how and where your customer data is stored is essential.
Individuals will also have the power to evoke the ‘right to be forgotten’, which means they can request that any data you have on them is deleted from your records.
If you’ve taken professional advice and prepared your business and employees to ensure your procedures are GDPR compliant, you should be safe in the knowledge that you have made adequate provision to protect your customer and employee data and reduced your risk or incurring fines post the May deadline. If GDPR isn’t on your radar yet, it should be. Time is running out!
Savanna Driver Recruitment is a specialist driver recruitment and training provider, matching experienced temporary and permanent LGV (HGV), HIAB and Moffett drivers to businesses throughout London and the South East. We have a bank of experienced and reliable drivers ready to meet your requirements, whether that’s multi-drop pallet distribution, general haulage or courier deliveries.
To enquire about a driver, please call Savanna today on 0330 335 8367 or complete our client Enquiry Form, and one of our team will be in touch within 24 hours.