Deleting Personal Data from Vehicles: a GDPR Obligation for Automotive Businesses

This whitepaper and legal analysis clarifies GDPR obligations of automotive-related Controllers to delete personal data in vehicles, including dealerships, leasing, motor finance, motor insurance, car rental/car sharing companies, manufacturers, fleet management, and more have in regards to the personal data collected and stored in vehicles (e.g., navigation and smartphone data). It clarifies the roles and responsibilities of certain Processors when it comes to data deletion. It also clarifies the need for a documented procedure, robust process and relevant software to be used, relying on the knowledge and judgement of individuals is unlikely to meet requirements to demonstrate GDPR compliance.

The legal analysis of Aidan Eardley, King’s Counsel should be reviewed by legal counsel in the automotive industry operating in the United Kingdom and European Union.

By submitting your personal information you agree we may send you an email with the link to download this white paper.

User consents to receive marketing information from Privacy4Cars