404 Are some car dealers about to commit GDPR suicide? - Ignition

Are some car dealers about to commit GDPR suicide?

driving tips for neck and back pain
Driving tips for neck and back pain
Top Web Building Sites home builders Wix, Squarespace, Weebly,
Show all

Are some car dealers about to commit GDPR suicide?

GDPR suicide

Dealerships risk losing 85% of their customer data overnight due to a misunderstanding about the General Data Protection Regulation that takes effect on 25 May.

Recent research by our company, Ignition-Online, reveals that some dealers and manufacturers believe that, to comply with GDPR, dealers must send a re-permissioning email to their entire customer database, asking for confirmation that they wish to continue receiving email communications from the dealership. But according to the Information Commissioner’s Office (ICO), this is completely unnecessary!

It seems that everyone is running so scared of GDPR that they are confusing the very thing it is there to protect – privacy. It’s not about closing down legitimate businesses that have built up genuine customer data over many years. Some GDPR Steering Groups are trying to find complications in something that is very simple and completely black and white. The ICO told me “If you have collected data during the course of a sale or negotiation you have every right to continue using it”.

Soft opt-in, or re-permission?

The truth of the matter is that dealerships need to decide whether to ask their customers for re-permission, or to continue as before with a soft opt-in. The ICO has made it crystal clear, in writing, that car dealers can continue contacting previous customers, as well as anyone who they carried out negotiations with but who ultimately decided not to purchase.

The relevant text is Section 131 of the Privacy & Electronic Communications Regulation for direct marketing, which states:

 Although organisations can generally only send marketing texts or emails with specific consent, there is an exception to this rule for existing customers, known as the ‘soft opt-in’. This means organisations can send marketing texts or emails if:

  •  They have obtained the contact details in the course of a sale (or negotiations for a sale) of a product or service to that person;
  • They are only marketing their own similar products or services; and
  • They gave the person a simple opportunity to refuse or opt out of the marketing, both when first collecting the details and in every message after that. 


There is a lot of talk in the industry at the moment about ‘grey areas in GDPR’ and ‘let’s wait to see what happens’ but this is actually one area that is not grey at all. It is completely black and white.

Re-permissioning is irreversible!

It is a critical issue for dealers because the decision to ask for re-permission is irreversible. A re-permissioning email can only be sent once. It asks the customer to click to confirm that they wish to continue receiving future emails from a business. If they do nothing, the GDPR requires that this customer is removed from the database and is never contacted by email again.

What this means in practice is that if a mid-sized dealership with around 10,000 customer email addresses sends a re-permissioning email to every customer and the open rate is, say, 30%, then it has immediately lost 70% of its customer data! Furthermore, if only 50% of those customers who do actually open the email decide to click to confirm (and even that figure might be a little ambitious), that would mean the dealership only has 1,500 contacts left from its original database and that 8,500 have been wiped out overnight.

Just in case there is any doubt about how many times a business can go back to the customer for re-permissioning, the ICO is very clear on this as well. They told me “If you are asking them to re-consent and you do not receive a response, you should not continue to market, as no response is no consent.”

Ask a simple question

Dealerships should ask themselves one simple question. Will today’s online retail giants for example be sending emails to their entire database telling them that if they do not click a button to opt-in they will never receive another email from them again?

Of course they wont, because they understand the value of an email address to their business. In fact, they realise that having email addresses is their business, so why would they do anything to risk decimating that? They will do everything they possibly can to hold on to every single customer contact. Why should an email database be worth any less to a car dealership, and why would they give it up lightly? Especially when they have worked extremely hard to build it up.

Leave a Reply

Your email address will not be published. Required fields are marked *

Ignition is a Trading style of YCom Ltd registered in England & Wales. Reg. no: 05797705. Privacy Policy