1. LEGAL INFORMATION
2. COLLECTION OF INFORMATION
- 2.1 We collect personal data, which under applicable data protection legislation, in particular Regulation EU 679/2016 of the European Parliament and of the Council of 27 April 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (also referred to as the "GDPR"), includes information that can be used to identify you, including some or all of the following: your first and last name, address, phone number, date of birth, email address, vehicle information (including registration number, VIN, the vehicle’s make and model, service reminders, the use of the vehicle and mileage), the date and time you purchased any of our products or services and from who, device information, images and videos of you at any of our marketing events, CCTV, GPS information, your IP address, the pages you visited on our website, your social media profile/ accounts, voice recordings of calls to and from us (including our contact centre), any information within correspondence you send to us and, where you contact us in the course of a business or trade, we may collect your job title, company contact details and other company details (hereinafter as "Personal Data").
- 2.2 We collect your Personal Data when you use our website, applications, attend any of our events, purchase our goods or services or when you contact or interact with us, which includes sales and marketing activities.
- 2.3 We also obtain Personal Data from Pirelli & C. S.p.A. and/or any of its subsidiaries incorporated in Europe (“Group Companies”) and other third parties including, for example, companies that handle services on our behalf, authorised dealers or sellers of our products or services, government departments or public directories. We may also request additional information from you in certain circumstances. When we receive this information we add it to the information we already hold about you in order to help us make sure that your details are as up to date and as accurate as possible.
3. Use of PERSONAL DATA
4. SHARING OF PERSONAL DATA
We may share your Personal Data with other data controllers or data processors when authorised by law or as follows (but please note that we will not sell your Personal Data to third parties):
- (a) Group companies. Your Personal Data may be shared with Pirelli & C. S.p.A. and/or any of its subsidiaries incorporated in Europe, to pursue legitimate interests related to the performance of technical and organisational activities functional to the purposes described in Section 3.
- (b) Third party or affiliated service providers. Your Personal Data may also be processed by service providers, including authorised dealers that we use to facilitate or outsource one or more aspects of the operation of our business. These service providers are subject to confidentiality agreements with us and other legal restrictions that prohibit their use of the information we provide them for any purpose other than to facilitate the specific outsourced or service related operation, unless you have explicitly agreed or given your prior permission to them for additional uses.
- (c) Payments by debit or credit card. In order to allow you to pay for the products and/or services purchased by debit or credit card, if applicable, your Personal Data will be processed by the selected operator of the banking circuit, which shall act as autonomous personal data controller.
- (d) As permitted or required by law. In certain cases, we may be required to provide Personal Data in response to a valid court order, subpoena, government investigation, or as otherwise required by law. We also reserve the right to report to law enforcement agencies any activities that we, in good faith, believe to be unlawful or in violation of applicable laws. We may release certain Personal Data when we believe that such release is reasonably necessary to protect the rights, property, and safety of others and ourselves, or to detect, prevent, or otherwise address fraud, security, or technical issues.
5. Your privacy rights
- You have several privacy rights in accordance with the GDPR. You have the right to access to your Personal Data processed by us, correct it, delete it, limit/restrict the processing of your data that can be performed by us, you have the right to transfer your Personal Data and the right to be notified about any possible data breaches. In order to exercise your rights you can contact us at email@example.com. You can also lodge a complaint with the Information Commissioner’s Officer. Their contact details can be found on their website at www.ico.org.uk. We may not be able to accommodate every request related to certain information if we believe this would violate any law or other legal requirement, or other data subjects' rights.
6. Retention of personal data
- We will retain your Personal Data for: (i) as long as any of your accounts remain active (if applicable); (ii) as needed to provide you with services and products, if any; (iii) for a period of 1 (one) year from our last contact, in case you have requested information and/or assistance only; (iv) for the period mandatorily requested by the GDPR with respect to Personal Data collected for purposes of specific activities, initiatives or contests; (v) for marketing purposes, for a period of 2 (two) years from the end of last communication from us, unless otherwise requested by you. We will also retain your Personal Data as necessary to comply with our legal obligations (eg. keep a record of your transactions for administrative purposes), resolve disputes, and enforce our rights (i.e. to defend any claims). We will delete your Personal Data upon your request, if permitted, in accordance with the GDPR.
7. where we store your personal data
- We will store your Personal Data on our IT systems which are based in the European Union.
8. PRIVACY POLICIES OF THIRD PARTIES
9. LIMITATIONS TO MINORS’ PERSONAL DATA
- If you are a minor, please do not provide us any Personal Data about yourself without the provision of adequate consent by the holder of parental responsibility over you. If we learn that we have collected Personal Data from a minor, without the holder of parental responsibility's consent, we will promptly delete that information. If you believe we have collected Personal Data from a minor, please contact us at firstname.lastname@example.org.
10. SECURITY OF PERSONAL DATA
- 10.1 We have security protocols in place to protect your Personal Data from unauthorised access, improper use or disclosure, unauthorised modification, and unlawful destruction and accidental loss. We only allow access to our databases when necessary, and then under strict guidelines as to what use may be made of such data.
- 10.2 It is your responsibility to protect the security of your login information, and we recommend that you use a unique password for our website that is different from the password you may use on any other site.
12. HOW TO CONTACT US