Privacy for Automotive

Creating value from data while complying with the GDPR



Connected vehicles are becoming the standard, and IoT-technology turns vehicles into massive data hubs that store and transmit large amounts of personal data. This means not only that the amount of data processed is increasing, but also that state-of-the-art technology allows us to collect more sensitive information, like biometric data. The opportunities that emerge from this development, lead to a revolution in value creation within this industry. But how can companies in the automotive industry take advantage of this, and at the same time make sure that the personal data involved is handled with the utmost care in compliance with the General Data Protection Regulation (GDPR)? And how can core principles like privacy-by-design and privacy-by-default in the development of IoT technology ensure that this is done in a cost-efficient way? Important issues that DPO Consultancy can help you with!

Complex ecosystem

Where in-vehicle connectivity was initially primarily found in elite luxury models, it has expanded rapidly in recent years to high-volume, mid-sized models. In almost every new vehicle, it is now possible to collect and record, for example, the locations visited, engine performance, driving habits, or even the driver’s eye movements. An increasing amount of personal data is being processed in a complex ecosystem, which includes traditional players from the automotive industry, but also new players in the digital market economy. It is no surprise that many companies in the automotive industry struggle to determine what they can and cannot do within the boundaries of the GDPR. DPO Consultancy, therefore, works with and for automotive companies on specific products and solutions for privacy management, with which they can organize their data processing in such a way, that they can still create value and reduce costs.

“The opportunities in using data leads to new business models on the one hand, and possibilities to reduce costs on the other hand.”

Jelmer Pieters – Managing director DPO Consultancy – MBA CIPP/E

Industry specific solutions

With the level of sensitivity of the data collected in connected vehicles, it is important that every category of data should has a tailored security level. The principles of privacy-by-design and privacy-by-default tremendously support the process of reducing costs because of early involvement (no need to make expensive adjustments later in the process) and reducing privacy and security risks, with the usage of, for example, local storage of data, anonymization, and pseudonymization. Based on our experience, we have developed specific industry solutions for automotive companies. Using best practices, templates and standard procedures, we can set up privacy management within automotive companies quickly, efficiently and professionally. And with our DPO-as-a-service solution, we ensure a strong, durable, and resilient data privacy program to stay compliant in the future.

Connected vehicles: How to create value and reduce costs while complying with the GDPR?

White paper

Connected vehicles and the GDPR, what data needs your special attention?


Connected vehicles and privacy. How to manage individual’s rights under the GDPR