With great power comes great responsibility

Data, data, data. Organisations are inundated by data every day, from sales, to clicks on websites, and the people entering a car park. Individually, the data points may seem random, but, with the right tools, the millions of data points may tell a story. As has been explored by many a new technology, like sensors within car parks and wayfinding apps.

A treasure trove of data that analysed properly can provide you with great feedback help you create a better experience for your customers.

But with great power comes great responsibility.

This is where GDPR comes in, to keep us all in check. GDPR is the topic of the moment, it is the acronym spoken in hushed tones by those of us unsure of the changes, and wary of the increased fines that have been splashed across the tabloids. So let us help you as much as we can.

The General Data Protection Act, more commonly known as the GDPR, is an EU regulation intended to strengthen and unify data protection for all individuals within the European Union. It applies to ‘personal data’. However, the GDPR’s definition of it is far more detailed than the Data Protection Act and makes it clear that information such as an online identifier – for example an IP address – can be personal data. The more expansive definition reflects changes in technology and the way organisations collect information about people.

For some organisations, this big issue, is BIG, for example healthcare organisations collect a minefield of data, they are a huge collector of personal data, and rightly so to provide you with great health care.

For parking there are a number of considerations and we list a few here to get you started:

• Vehicle registration marks are considered personal data as they can be linked back to personal data held by DVLA
• Payment data
• Does someone have to sign up to use the EV charger? Do they have to provide personal details?
• Can they book to park in your car park on your website?
• Do they appeal through your website?

Of course GDPR will have an impact on this. But my purpose here is not to scare you or your organisation. Don’t shy away from what you are not familiar with, face it.

There is time, the GDPR will apply in the UK from 25 May 2018.There is also plenty of help about. Take a look at the ICO information, which provides a clear overview of the GDPR and 12 steps to compliance.

Keep an eye out on future guidance in articles on our website and in Parking News too, for helpful case studies and legal advice from Lawline.

If you have any questions about GDPR and you are a BPA Member, you can get up to 30 minutes of free advice from our dedicated GDPRLine, part of the BPA Lawline service. Phone 0345 241 3024 or e-mail bpa@jmw.co.uk