Data Breach Policy

At Whites Auto Centre we understand that EU citizens have certain rights in respect of their personal data and we need to have a process in place to deal with data breaches should they occur under the GDPR regulations.

Whites Auto Centre will appoint a person responsible for keeping the data breach register up to date and be responsible for all aspects of overseeing the company is compliant for any data breaches within the GDPR regulations.

When a data breach has occurred, the ICO suggests the need to establish the likelihood and severity of the resulting risk to people’s rights and freedoms. If it’s likely that there will be a risk, then we will notify the ICO; if it’s unlikely then we won’t report it.

In any case each breach will be assessed, and the decision agreed will be justified and documented in a register. Assessments will be considered in line with advice from the ICO website.

Reporting time limits

Any applicable data breaches will be reported to the ICO within 72 hours where possible and to the affected individual (s) without delay.

Updated May 2018