Privacy Policy

Privacy and Personal Data Protection Policy

Definitions

Personal data: any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Processing: any operation or set of operations which is performed on personal data or on sets of personal data, whether by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Controller: the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

Principles Relating to the Processing of Personal Data

Personal data shall be:

  • Processed lawfully, fairly and in a transparent manner in relation to the data subject (‘lawfulness, fairness and transparency’).
  • Collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall, in accordance with Article 89(1), not be incompatible with the initial purposes (‘purpose limitation’).
  • Adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed (‘data minimization’).
  • Accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased, or rectified without delay (‘accuracy’)
  • Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) subject to implementation of the appropriate technical and organizational measures required by this Regulation in order to safeguard the rights and freedoms of the data subject (‘storage limitation’).
  • Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organizational measures (‘integrity and confidentiality’).
  • The controller shall be responsible for and be able to demonstrate compliance (‘accountability’).
  • Collect and use the personal information to operate its website and deliver the service requested
  • Disclose personal information, without notice, if required to do so by law or in the good faith of belief that such action is necessary to confirm to the edicts of the law or comply with legal process served on Car Tech LLC or the site; to protect and defend the rights or property of Car Tech LLC and/or to act under exigent circumstances to protect the personal safety of users of Car Tech LLC, or the public
  • Automatically collected by Car Tech LLC website. This information can include IP address, browser type, domain names, access times and referring website addresses. This information used for the operation of the service, to maintain quality of the service, and to provide general statistics regarding use of the Car Tech LLC website
  • Contact person via email for the purpose of providing announcements, alerts, confirmations, surveys, and/or other general communications

Car Tech must comply with all these principles, in both current and future processing methods, such as the new IT systems. The operation of an information security management system (ISMS) that conforms to the ISO/IEC 27001 international standard is a key part of that commitment.

Policy and Obligation

Car Tech is obligated to comply with all legislation regarding data protection.

Car Tech does not sell or gather personal data. Car Tech is contracted to transfer data, the data is not retained and may not be used for any other purposes. Car Tech is contractually obligated to these terms. Car Tech does not have the right to release, alter, or delete any personal information found in transferred data. Any request by a consumer cannot be fulfilled by Car Tech because Car Tech does not have the rights nor the ability to verify a consumer request.

Car Tech will notify people about significant changes in the way treat personal information by sending a notice to the primary email address, by placing a prominent notice on website, and/or by updating any privacy information on the page of website.