The Midland Automobile Club (MAC)’s Commitment to GDPR
The Midland Automobile Club (MAC) welcomes GDPR as an important step forward in streamlining data protection requirements across the EU and as an opportunity for The MAC to strengthen our commitment to data protection. GDPR requires a partnership between The MAC and our customers in their use of our services. The MAC aim to comply with all GDPR regulations and have updated our services and documentation to help support the MAC and our customers. The MAC will continue to monitor GDPR and update as the new laws come into effect.
An important aspect of GDPR is how the data is collected and used. As a data processor, the MAC’s key role is to provide our customers (the data controllers) with the access to effectively manage and protect their user data. the MAC is constantly investigating new ways to enhance our service offerings so that we can provide better transparency to our customers.
Data Integrity and Security
As our customers tighten their data security measures, the MAC would like to extend a helping hand. We’re streamlining the processes by implementing IT policies and procedures that provide end-to-end security with a long term view to complete Cyber Essentials Plus over the next 12 months to show we understand the importance of GDPR and they sit inline with our core values.
Working closely alongside our partners, the MAC have reviewed our supplier contracts to ensure GDPR regulations are met throughout our supply chain. All The MAC employees must complete data privacy and security training with GDPR specific content to ensure all our clients data is respected, kept securely and has the relevant retention policy applied.
The MAC generally will act as a data processor while our partners and customers generally will act as data controllers. Working together, we hope to explore opportunities within our relevant service offerings to assist our partners and customers to meet their GDPR obligations. In the meantime, the MAC encourages partners and customers to independently familiarise themselves with the GDPR. For more information on GDPR go to the ICO website https://ico.org.uk and European commissioners GPDR page https://ec.europa.eu/info/law/law-topic/data-protection_en