• FOLLOW ACFO
  • Twitter
  • LinkdIn

Fleet operators told ‘don’t panic’ over GDPR introduction

Fleet operators told ‘don’t panic’ over GDPR introduction

Fleet operators have been told “don’t panic” over the introduction of the General Data Protection Regulation (GDPR), which comes into force today (Friday, 25 May).

Vehicle camera and mobile tracking system supplier Crystal Ball says GDPR requires a major change in the way fleets handle telematics data, but if businesses carefully followed a number of steps in managing the information, they should be safe from being fined.

Crystal Ball has published a GDPR white paper and managing director Raj Singh said: “Telematics has revolutionised the fleet sector, making it possible for businesses to get extremely accurate information on the action and behaviours of their employees and the operational state of their vehicles when they are out on the road.

“There was concern that GDPR would negate this at a stroke, because employees may have been able to ask to have their personal data deleted, but if [fleet managers] follow procedure and demonstrate good practice and lawful use of that data, then telematics will still be integral to fleet operations.”

GDPR requires more accountability from firms in holding and processing their employees’ personal data and showing reasons for keeping it. Failure to comply could result in penalties of up to €20 million or 4% of revenue.

Regarding telematics data, covering such information as journeys, mileage, speeding, fuel usage, time on the road and any other statistics produced by tracking that refers to an individual employee, firms will have to prove what lawful basis they have for collection and why it has been kept.

Mr Singh said if companies adopted the ‘legitimate interest’ for processing personal data, they should have carried out a ‘legitimate interest assessment’ on the personal data they collect and keep. They should also have issued a revised privacy notice to all employees dealing with telematics data in detail.

Mr Singh said: “We felt there was a lot of conjecture about GDPR, some of it wildly inaccurate, and so we created a white paper to summarise what fleets need to know. The simple message is ‘don’t panic!’ If fleets managers properly manage telematics data they should have nothing to fear from GDPR.

“There are a number of changes to the way they should manage what they have, not least in ensuring that personal data which identifies employees is securely protected and that employees are fully notified of the collection and processing of their personal data. These are not entirely new processes, however, and are an evolution of the current Data Protection law, not a revolution.”