In light of the forthcoming changes to the Personal Data EU Legislation, the General Data Protection
Regulation (GDPR), AP Automotive wishes to inform you as to how we handle your Personal Data within our company
and the Lawful basis for our activities.
What Data We Hold
As a customer of AP Automotive, we hold the following data, as supplied to us by yourselves:
1. Name and address
2. Contact details such as Phone Number and E‐mail address
3. In some cases, we also securely hold your Credit Card details
Why We Hold This Data
Broadly spoken, there are two main reasons for the holding of this data, using the language of the GDPR rules,
these are ‘Legitimate Business Interest’ and ‘Fulfilment of Contract’. Below are some more detailed
1. Name and address – This data is held for Legitimate Business Reasons. For us to
maintain a trading relationship, we need to know who you are and where you are based.
2. Contact details such as Phone Number and E‐mail address ‐ This data is held for Legitimate Business
Reasons. Without this data we would not be able to communicate with you regarding your vehicle status,quoting, upcoming maintenance, new products and pricing changes etc.
3. In some cases, we also securely hold your Credit Card details ‐ This data is held for Legitimate
Business Reasons. Copies of all card transaction receipts are securely held for accounting purposes.
Who We Share This Data With
We do not share your data with any other company for Sales & Marketing purposes.
How Long We Hold Your Data
We hold certain financial information for up to 7 years, to comply with separate UK Accounting Regulations.
Your Rights Under GDPR
If we hold your personal data, you have the following rights afforded to you under the new GDPR legislation:
2. The Right of Access – you can make a request to us for copy of what data we hold on you, where we
hold it and how we use it. This request will be serviced in a reasonable amount of time.
3. The Right to Rectification – if you feel that the data we hold on you is inaccurate, you have the right
for this to be amended. As a matter of course, we try to ensure the accuracy of your personal data with regular reviews.
4. The Right to Erasure – You have the right to request that we erase all your personal data from our
systems. This request should be addressed to our Data Controller and will be performed within a
reasonable amount of time and confirmed upon completion.
5. The Right to Restrict Processing – You have the right to request that we do not use your data for
certain specific activities – as an example, you may not wish to receive certain communications.
However, we would like to state that as a company, in this day of information over load, we strive to
reduce our communications to a minimal level.
6. The Right to Data Portability – where appropriate
7. The Right to Object – you have the right to object to us using your data for certain activities
8. The Right Not to be Subject to Automated Decision‐Making – until further notice, this activity does
not take place within our company. An example of this, to aid understanding only, could be the
online application for a loan or credit card, where your provided details are automatically processed
to result in an approval decision. No such processes currently exist within our company.
Questions or Requests
If you have either a question pertaining to the Personal Data we hold on you or wish to make a requested
based on the Rights afforded to you by GDPR, please address them by E‐Mail, to firstname.lastname@example.org and make it for the attention of the Data Protection Officer. Or via post to AP Automotive, Unit 14 Ketley Business Park, Waterloo Road, Telford, TF1 5JD.