On May 25th, 2018 GDPR came into effect, we will continue to ensure that we are doing everything necessary to ensure we remain compliant.
We will be making a change to remove all customer personal details from the emails advising a dealer that they have a new sales lead.
Each email may contain a different selection of personal details. These can range from only an email address for an emailed quote to name, two phone numbers and an email address.
To comply with GDPR legislation, we are going to be removing all reference to the customer's personal data and instead, the retailer will need to click the link and login to Showroom in order to view the customer's details.
We will continue to send the emails, it is only the content that will change.
Before we set this change live, we would like to hear from anyone who may be negatively impacted by this change so that we can discuss possible solutions with you. If you feel this will have an adverse effect on the way you process finance leads please contact a member of our client support team via phone on 0800 021 0888 or email firstname.lastname@example.org@codeweavers.net
We’ve made a few changes to Codeweavers' Privacy Notices. Here's a summary of the changes made:
We have added new Privacy Notices to our products for any instances that we are collecting and processing personal data.
The main areas Codeweavers collect and process personal data on your behalf are through finance forms within a Codeweavers Calculator or Showroom System such as:
Email Me This Quote - Privacy Notice can be found here
Apply for Finance - Privacy Notice can be found here
Motor Credit Check - Privacy Notice can be found here
Reserve it Now - Privacy Notice can be found here
If you require us to add additional information to cover you as the Data Controller or if you need Codeweavers to implement your Privacy Notice, please email: email@example.com
With the GDPR legislation coming into effect in May 2018, we will need some important information from you. In order to ensure we are GDPR compliant, we will need the contact details of your Data Controller Officer. In order to keep these records up to date, it is a requirement that you provide us with the full name and email address of your Data Controller Officer by the 18th May 2018 to firstname.lastname@example.org.
These details will be added to your account that we have stored on our system, we will need this information to ensure our Processing Activities document that is required by the ICO is relevant and accurate.
To find out what changes are being made to the Apply Form and the Showroom System to ensure it is GDPR-compliant click here.
If you would like any further information in regards to how Codeweavers are gearing up for GDPR, please email our team on: email@example.com
In February, the Compliance Consultant helped the Codeweavers team put together a list of outstanding items that need to be actioned before GDPR comes into play in May 2018. Codeweavers current privacy policies have now been finalised, along with a version ready to implement before GDPR. Throughout February, the Compliance Consultant got in touch with the ICO in regards to a series of questions Codeweavers required answering to ensure that Codeweavers are heading in the right direction to be fully compliant for GDPR.
In February, Codeweavers updated our terms and conditions to describe in detail what it means for Codeweavers to be a Data Processor on behalf of our customers. Codeweavers have also put together a communications plan to how we are going to update our customers in regards to the updated privacy policies and terms and conditions.
This month we have been finalising Codeweavers privacy policies for our range of products. As many of Codeweavers products capture personal data, but Codeweavers only process the data on behalf of our clients (the data controllers), the way we have put together the privacy policies have changed. Codeweavers have hired a Compliance Consultant to go through where Codeweavers are at and what needs to be done to ensure Codeweavers processes and products are compliant for the GDPR regulations.
In addition to this, this month we have been reviewing our processes for the 'Right of Access' from all areas of the business and completing many Data Processing documents for our clients.
In addition to this, the Codeweavers team have refined how we are undertaking audits to gear up for GDPR and we have put together a smaller more concise list of processes that need to be audited to ensure that they are manageable and can be updated on a bi-weekly basis. These audits have been added in a digital format in a process queue so we can review at what stage the audits are at.
We stopped the entire business for a day in October 2017 so the whole company could go through all Codeweavers products and databases to find anywhere where we process or store personal data. This was then looked at to see if there were any non-conformities and Product Owners who manage Codeweavers main pipeline of work are adding solutions to the pipeline to ensure we comply with GDPR requirements.
In October we also implemented a checklist of GDPR items that need to be ticked off when we start any project going forward.
In September we continued auditing different processes within Codeweavers - areas included marketing, HR and client support processes, we also audited what personal data Codeweavers developers handled. Any nonconformities found were put in the main pipeline of work as a priority to be resolved with a long-term solution.
The lean auditing training took place in August with an external Lean Auditor Training coming to the Codeweavers headquarters and training a member of each department for two days. Since then we have been auditing Codeweavers processes to ensure they are GDPR compliant. Any non-conformities found so far have been put in Codeweavers main pipeline of work to get sorted quickly and efficiently.
In July 2017 we started a continuous audit and compliance program. It was decided that a member of each department would take part in 'Lean Auditing' training
Codeweavers started gearing up for GDPR back in June 2017. Codeweavers put a team together consisting of eight employees from different areas of the business. The team coordinates the processes and requirements going forward to ensure Codeweavers will be fully compliant with the new regulations by May 2018. We have created an email address so any emails relating to GDPR should be sent to firstname.lastname@example.org.
It was decided by the team to launch a program to educate Codeweavers staff about the obligations under the GDPR, this has been ongoing from GDPR presentations to spot check questions being asked to members of the team to GDPR posters up in the office.
Please click this link to view Codeweavers Privacy Notice to find out why and how the information on this form is processed
By clicking continue, you are acknowledging that you have read the full privacy notice, and that you agree to proceed