Your consent is required

In this section, external content is being embedded from .

To display the content, your consent is required for the following cookie categories:

  • Targeted Advertising
  • Analytics
  • Person­al­iz­ation
  • Essential

For further details, please refer to our privacy policy. If you are interested in how ###vendor_name### processes your data, please visit their privacy policy.

Are you ready for the GDPR? A reminder of what’s changed

With the GDPR upon us, the chequered flag for compliance has been waved for fleet operators.

Businesses and their supply chains must ensure they have the appropriate infrastructure, procedures and culture in place if they’re to avoid infringements.

The good news: for many it will largely be a case of business as usual as the majority of the GDPR requirements are already covered by existing European data privacy laws. Yet there’s still some key changes for you to be aware of if you’re responsible for a fleet.

The role of fleet departments in compliance

Although fleet departments will rarely shoulder ultimate responsibility for compliance, they will have an important part to play ensuring that driver data usage is lawful, there’s a documented audit trail, responsibilities are clearly communicated and fleet supplier relationships are managed.

In some quarters, the lawful basis for processing data under the GDPR, such as that generated by telematics systems, may lead to confusion but fleet operators will often find they have either a legitimate interest or a contractual justification for doing so.

Below we provide you with an at a glance summary of the key changes fleet operators should be aware of.

Greater emphasis has been given to the rights of the individual

Company drivers, along with other employees and relevant individuals, must be fully informed in advance about how their personal data is used, why, by whom and for how long. Furthermore, processes should be in place that empower them in this area, allowing them to either grant permission or, with some restrictions, request that use of their data be stopped.

Fleet operators will often have a legitimate interest or a contractual justification for processing personal data. Legitimate interest may cover the likes of mileage data processing for leased vehicle contract management or driver behaviour data to protect drivers’ road safety. Contractual justification might include using telematics data to record drivers’ start and finish times.

All personal data risks must be mitigated

You have a duty to identify and mitigate the risks of personal data being misused. We believe this requires documentation outlining how and why you’re using personal data. From a fleet perspective, this data might include drivers’ GPS location data, their driving hours, medical conditions relating to ability to drive or performance and disciplinary information.

You now only defer to a single regulator

Dealing with just one regulator with regards to data protection could prove a big advantage for multi-national fleet companies. For fleets operating vehicles across country borders, it also means being governed by just one set of laws – the country where they’re headquartered. It also means drivers can liaise with the regulator in their own country.

Data security requirements have been strengthened

Greater protection is now afforded to wider unauthorised use of personal data, taking into account the new digital environment. This protection is based on an assessment of the sensitivity of the data in question. From a fleet perspective, sensitive data might include anything from speeding tickets to the GPS location data generated by telematics systems.

Fleet operators should review the GDPR compliance of their suppliers and seek out those with demonstrable competence, such as certification to ISO 27001.

Heavier fines for non-compliance

The cost of failing to comply with GDPR can be huge, and in some cases could prove business critical. Infringements can result in maximum fines of €20 million or 4 per cent of annual turnover – whichever is higher.

Want to get all the information on what the GDPR means for you and your fleet? Then make sure you check out our free guide to the GDPR.

Beverley Wise
As Webfleet Regional Director UKI for Bridgestone Mobility Solutions, Beverley Wise has more than 20 years of experience in the automotive industry, primarily within the leasing sector. She firmly believes that being a decisive leader is key to delivering great success. She likes to innovate with her mantra of "Ask for forgiveness, not permission," helping to move businesses forward. She has a strong work ethic and strives to be the best she can be, which she likes to instil into teams she manages, being fair but firm with a high degree of empathy. Beverley has been with Webfleet overseeing UKI sales for six years, where she has seen several changes. She is passionate about the future of the automotive industry, believing that the transition to electric or alternative-fuelled vehicles is a real game changer.

Subscribe to the Webfleet Blog

Sign up for monthly news and tips to improve fleet performance. You can unsubscribe at any time.

Please provide a valid email address.
Please choose the type of industry.

Your personal data is safe with us. See our privacy policy for more details.

Apologies, but no results were found.


Search blog

Fleet management