Professional Documents
Culture Documents
Customer data is one of the most important assets of a dealer / AR. From the past, we within the Opel
organization are used to sharing our customer data with Opel, including via SADE, but also via other systems.
Besides the fact that this is a contractual agreement between dealer / AR and Opel, this method also has
advantages for dealers, such as handling (after-sales) marketing programs, proper functioning of myOpel and
jointly approaching certain customers. The customer data was synchronized daily and this method was
acceptable to many parties.
Many things have changed over time. The European Union has issued various data regulations, including the
GDPR. With the implementation of the GDPR at a national level, we see that the regulation for companies have
increased and the rights of customers have also increased. In addition, we see a significant increase in possible
penalties for companies if those regulations are not complied with.
In addition, the role of the importer / manufacturer in terms of customer approach has changed. The importer
/ manufacturer is appropriating an increasingly active role in the field of (online) retail and therefore also a
customer approach. This process has certainly accelerated with the entry of Opel to the PSA concern.
There is a great need to gain insight into the future retail landscape - as PSA envisions - for lead follow-up,
(online) retail and the provision of services. We see an increase in activities in the field of independent retail
from the PSA group, including by Distrigo, F2M, Spoticar, Mister Auto, Eurorepar and Autobutler. Questions
that arise here are:
- How will leads be followed up in the future. Will this process remain assured at dealers, or will PSA
take a more active role in this through the Customer Engagement Centre. What will be the role and
activities of such a CEC and for which costs and quality agreements?
- What does a joint contact plan look like. It is important that dealers maintain their independent role as
processor and that they always have access to their own customer data. The parties will have to make
a joint agreement on who, when and what communicates to a specific customer and also with what
timeframe also taking into account that specific customers are not always located in the same market
area as that dealer.
- Dealers are asked to share data with the PSA concern. To what extent will PSA share this dealer data
with other brands, but also with other group entities?
- What does the future IT network structure of the PSA organization with its dealers / AR look like and
what agreements will be made about this. Which documentation is available and which interfaces are
provided. This will also require inspection of the costs of various systems.
- What are the rules in case of contractual withdraw in protection to the dealers asset (customer data)
Next to these fundamental questions we would like to focus on the dealer / AR agreement articles and
appendices and highlight different GDPR issues and different Customer first issues. We have divided both
topics in no go items and items that address our concerns or questions to be solved. In the finale part we would
like to address some end of contract issues.
GDPR
A. No go items
1. The missing distinction between prospect and customer data is a must. The purposes of customer
date need to be different form the purposes of a prospect;
2. Dealers must be assured of keeping their full right of Processing Data at and the full access to the
Personal Data of their own customers and prospects at all times.
3. GDPR regulates customer data and allows controllers to ensure good protection and good
management of this data. The PSA data disclosure acts in full contrast with GDPR, in the way that
dealers have no full access to his own data, his data is shared with other parties and the dealer
can get (his own) data back under strict conditions.
4. A dealer that provides specific customer data (his own customer) needs to have the highest
hierarchy.
5. The mentioned cases of joint controllership are limited to one. We believe, that because of the
width of the shared data and multiple purposes, the specific GDPR regulation asks anyhow for a
joint ownership.
6. The content of the dealer agreement in art. 10.7.x.x / 11,7.x.x. gives a broader range of data
sharing in comparing to the Charta. In the contractual articles, we should make reference to a
Privacy Agreement.
7. in point 3.2 where it is provided the possibility for the Parent company to modify Appendices 1,2,3
it would be useful to insert the provision "following the joint agreement between the Parties"
C1st Process
A. No go items
1. The interface with C1st has to be bi-directional, real time and include contact history, purposes
and legal basis (consent, contract, legal obligations, vital interests of the data subject, public
interest and legitimate interest)
2. Many IT systems, platforms and other tools seem to coexist and are part of the C1 process and it
is necessary to have all the legal and technical information for each of them before any data
agreement can be made.
3. Dealers / AR have to be able to work on their own systems and according to their own processes