Automotive distribution and retailing research, insight, implementation

Privacy statement

Privacy statement

Privacy statement

We take your privacy very seriously and we ask that you read this Privacy Policy carefully as it contains important information on:

  • The personal information we collect about you

  • What we do with your information


ICDP ('we' or 'us') is a 'Data Controller' registered with the Information Commissioner’s Office (Z352754X) for the purposes of the Data Protection Act 2008 (i.e. we are responsible for, and control the processing of, your personal information). The majority of processing is conducted at the following two offices:

  • ICDP, Central Boulevard, Blythe Valley Business Park, Solihull B90 8AG, UK

  • ICDP, The Squaire West 12, Am Flughafen, 60549 Frankfurt am Main, Germany


2.1 Personal information provided by you

As a business and employer membership organisation, we may collect the following personal information about you when appropriate, including: when you register with us, become a Member or Subscriber, or express an interest in one of our additional trading activities:

  • Company name and address

  • Contact names

  • Employee contact information i.e. email addresses, direct telephone numbers

  • Social media account details

  • Business information (including number of employees, types of business activities, turnover, site information etc)

  • Employee/Member testimonials

  • Photographs of businesses or individuals, for use on social media accounts, taken during scheduled audits/inspections

  • From business cards provided to us for yourself or others within your business

  • Photographs/videos of individuals/groups attending ICDP events, workshops etc – in such scenarios, attendees will be made aware of a photographer’s presence. Any photographs or film taken will not be used out of context and will only be used for reporting that event and/or promoting similar future events. (Any individual has the right to request they not be included in any photographs or filming and/or that any such photographs/film taken of them not be used)

2.2 We also collect personal information when you:

  • Contact us by telephone, through email or other written communication, submit an enquiry via ICDP

  • Send us feedback

  • Complete surveys or market research

  • When you consent to provide comment to be included in ICDP press releases

2.3 Personal information about other individuals

If you give us information on behalf of someone else (see examples under 2.1), you must confirm that the other person has appointed you to act on their behalf and they have agreed that you can:

  • Give consent on their behalf to the processing of their personal data

  • Receive on their behalf any data protection notices

  • Give consent to the transfer of their personal data abroad; and

  • Give consent to the processing of their sensitive personal data

You will need to be able to provide us with proof of this consent and instruction and the ICDP holds the right to ask you for this proof before performing the specific task.

2.4 Visitors to our websites

When someone visits www.icdp.net  we use a third party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website. If we do want to collect personally identifiable information through our website, we will tell you. We will make it clear when we collect personal information and will explain what we intend to do with it.


We collect information about you so that we can:

  • Identify you and manage any accounts you hold with us

  • Process your enquiries

  • Provide advice and assistance through our legal, technical and other helplines

  • Conduct research and statistical analysis

  • Contact you by telephone to ensure you are aware of the services and benefits available to you thereby ensuring you receive value for your membership

  • Carry out Member/business profiling and analyse your membership service usage

  • Let you know about other products or services that may be of interest to you—see 'Communication’ section below

  • Detect and prevent fraud

  • Verify your identity and carry out business health and anti-fraud checks

  • Monitor your use of our Website and any response to communication campaigns

  • Information provided during telephone enquiries may be recorded, where appropriate, on our secure Member Database, to assist our provision of services to you

We do not carry out any processing operations that constitute automated decision making.


ICDP is a membership organisation created to represent the best interests of its members and to disseminate information. As an integral part of your membership, we will provide you with information by post, email and telephone to:

  • Keep you up to date on our research and activities through bulletins/newsletters and other e-mail and postal communications

  • Invite you to participate in surveys or other research specific to your sector

  • Invite you to relevant meetings and workshops

  • Contact you by telephone periodically to ensure you are receiving the most benefit from your membership

  • Ensure that you are kept up to date with the latest member services and benefits available to you

We consider our lawful basis for communication between ICDP and its Members, to be that of “Legitimate Interest” for GDPR/Data Protection purposes.

However, you can choose not to receive any of these types of communications – see Section 6 of this policy - with the exception of those required in order for us to fulfil our contractual obligations to you. Please bear in mind that should you choose to opt out of any communications, you may miss information and important news, and of course details of membership services which could be of significant benefit to your business.

We may, where appropriate, contact you with details of relevant, and association specific, supplier and business partner products – we will never pass your details to any third party for commercial or marketing purposes unless you have specifically requested that we do so. Similarly, we will only pass your details to a business partner/service provider at your specific request. 


We will use technical and organisational measures to safeguard your personal data, for example:

  • Access to website “Members Only” or other online Membership accounts is controlled by a password and user name that are unique to you or your business

  • We store your personal data on secure servers; and

  • Enforce strict and stringent policies and practices in relation to taking and processing card payments for Membership or Purchases in line with the PCI DSS (Payment Card Industry Data Security Standard)

While we will use all reasonable efforts to safeguard your personal data, you acknowledge that the use of the internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal data that are transferred from you or to you via the internet. If you have any particular concerns about your information, please contact us projectoffice@icdp.net

5.1 What can you do to keep your information safe?

If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses. 


6.1 Right to request a copy of your information

You can request a copy of your information which we hold (this is known as a subject access request). If you would like a copy of some or all of this information, please:

  • Email, call or write to us (see ‘How can you contact us?’ – see section 10 below)

  • Click here to download the request form

  • Let us have appropriate proof of your identity and address (e.g. a copy of your driving licence or passport and a recent utility or credit card bill; or written authorisation on company letterhead etc), and

  • Let us know the information you want a copy of, including any account or reference numbers, if you have them

There is no charge for such requests, unless the request is deemed “manifestly unfounded or excessive, in particular because they are repetitive”, in which case we may charge a reasonable fee taking into account the administrative costs of providing the information, or may refuse to respond.

Subject access requests will be fulfilled within one calendar month of receiving the request, or receiving any additional information required to be able to fulfil the request. Should there be any legitimate or permissible delay (under the General Data Protection Regulation), you will be notified and kept informed of expected timeframes for delivery.

The information will be provided in a format appropriate to the request and the data held, i.e. electronically or hard copy.

6.2 Right to correct any mistakes in your information

You can require us to correct any mistakes in your information which we hold, free of charge. This will be completed within one calendar month. If you would like to do this, please:

  • Email, call or write to us (see ‘How can you contact us?’ – see section 7 below)

  • Let us have enough information to identify you (e.g. account number, user name, registration details), and

  • Let us know the information that is incorrect and what it should be replaced with

6.3 Right to ask us to stop contacting you

You can ask us to stop including you in Member or other communications. However, this would not apply where the communication is required for contractual purposes e.g. annual membership renewals.

If you would like to opt out of any Member communications, please:

  • Email, call or write to us (see ‘How can you contact us?’ – see section 7 below). It may take up to 10 working days for this to take place

  • Let us have appropriate proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill or written authorisation on company letterhead; etc), and

  • Let us know what method of contact you are not happy with if you are unhappy with only certain ways of contacting you (for example, you may be happy for us to contact you by email but not by telephone)

6.4 Right to be forgotten (the Right to Erasure)

Individuals have a right to have personal data erased and to prevent processing in specific circumstances.

The right to erasure does not provide an absolute “right to be forgotten”.  


Please contact us if you have any questions about this Privacy Policy or the information we hold about you.

If you wish to contact us, please send an email to projectoffice@icdp.net or write to the Data Protection Manager, ICDP, Central Boulevard, Blythe Valley Business Park, Solihull B90 8AG, or call on 01564711224 


We may change this Privacy Policy from time to time. You should check this policy periodically to ensure you are aware of the most recent version. 


If you would like this policy in another format (for example: audio, large print, braille) please contact us (see ‘How can you contact us?’ above).