Cyber security is essential than ever, and DVSA takes responsibility to safeguard our MOT records, personal information character and MOT Vehicle-related information extremely seriously. The DVSA's Information Management and Security (IMS) team ensure that the data usage and storage are safe across all of our services. All registered MOT Testers and MOT Testing Centres are also forced to comply with DVSA's data privacy rules.
From May 25, 2018, the GDPR establishes standards for how businesses must manage personal data. It would strengthen the rights of persons whose data is held and allow them greater control over what happens to their data, among other things. Any organisation that violates such rights or fails to implement the GDPR accountability principle may face financial penalties. Data controllers and processors, such as MOT Testing Centres and MOT Testers, must take technical and organisational steps to secure the data they store against loss, unauthorised access, and abuse, according to the GDPR.
MOT Testing Centre and MOT Testers should follow the six GDPR principles under the Data Protection Act 2018 are
• Personal data, such as vehicle and customer information, must be handled in a lawful, fair, and transparent manner.
• Personal information must be acquired for specific, stated, and legitimate objectives, and it must not be handled in a way that contradicts those goals.
• Personal data must be sufficient, relevant, and limited to what is required.
• Personal information must be correct and maintained up to date as needed.
• Personal data will only be kept for as long as it is required.
• To maintain data security, personal information must be handled under the Data Protection Act of 2018.
All of the principles above will be followed by the DVSA in all data sources, including the Testing and Registration System (TARS), the online MOT system, the Vehicle Operator Licensing Service (VOL), and internal apps like Yammer and SharePoint. It is essential to follow these by MOT Testing centres, MOT Training Centres, MOT Testers to comply with Data Protection Act 2018. At MOT Expert, our MOT training classes will embed technology to secure the customer and vehicle information. DVSA objective is to tax and licence the correct drivers and vehicles as quickly, safely, and effectively as possible. DVSA manage more than 49 million driver data and more than 40 million vehicle records to perform primary obligations, and they collect about £6 billion in vehicle excise duty (VED) each year.
Personal data is defined under data protection law as any information concerning a ‘natural' (living) person who may be recognised, directly or indirectly, by referring to details like
• a name
• a place
• an identifying number
• an online identification that contains information about a person's physical, physiological, genetic, mental, economic, cultural, or social identity
The DVSA stores personal and non-personal data in several databases and information repositories. Many are essential to the DVLA's operations and law enforcement.
In the MOT Industry, there are several types of personal data
• Personal information
• Financial information of goods or services offered
• Contact information
• Social media identities
• Market research and survey (including opinions and comments)
• Information of complaints, occurrences, and grievances
• Visual pictures
DVSA and MOT Testing Centre may also process additional sensitive information, such as
• Data on health
• Convictions and offences in the criminal justice system
• Racial or ethnic origin
• Religious or other beliefs
• Trade union Membership
• Biometric data
Individuals have a range of rights over their personal data under the General Data Protection Regulation (GDPR). The right to know is an essential component of data protection law's transparency obligations. In the MOT Industry, by law, you have a right to
• view your data - you may view and download your personal information for free in digital format.
• Be informed - you should be aware of and understand what happens to your personal information and why.
• We must erase your data unless there is a "compelling cause" to preserve it.
• You can access and reuse your personal data with other services if you relocate your data.
• Human-made decision-making - If automated decision-making about you has legal or substantial repercussions, you can opt-out.
In the MOT Industry, all must contribute to the Data Protection including MOT Testers, MOT Centre Managers and front office staff to keep the personal and non-personal information secure. Also, the information used in the MOT Testing and Training Centres must comply with the GDPR and Data protection guidelines.