Last updated – 05 January, 2021
Your personal data is important and we understand you care about how it is used. When you use our services, you’re trusting us with your information which is a responsibility we take seriously. We work hard to protect your information and put you in control of it.
Who we are
Our website carsgt.co is an online automotive service owned and operated by Cars GT Ltd, who is the data controller of the personal information collected via, or in connection with our website, carsgt.co or our “Apps”.
Cars GT Limited is a company registered in England and Wales, company registration number 11478083 and whose registered office address is at 1 The Oaks, Mill Farm Courtyard, Beachampton, Milton Keynes, England, MK19 6DS.
- Our website – carsgt.co (“Website”).
- Our social media accounts.
- Our mobile applications (“Apps”).
This also relates to our use of any personal information you provide to us by phone, email, other correspondence and in person.
What we collect and store
An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it for the purpose of retrieving your Globally Recognised Avatar (profile picture). After approval of your comment, your profile picture is visible to the public in the context of your comment.
When you contact us through our contact forms, as well as the information you provide us, we collect information about you to allow our customer services team to respond to your query.
We do not use any of the information submitted through our contact forms for marketing purposes and following the conclusion of your query, we will not contact you in the future unless you have explicitly given us consent to do so.
The information we may collect about you to assist with your query includes
- Your name: we’ll use this to address our response to you.
- Email address and contact details: we’ll use this to respond to your query.
- IP address and browser type: we’ll use this to, for example, help you resolve any browsing issues you may be experiencing on the site.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
While you browse the shop, we’ll track
- Products you’ve viewed: we’ll use this to, for example, show you products you’ve recently viewed, or similar products you may be interested in.
- Location, IP address and browser type: we’ll use this for purposes like estimating taxes and shipping where relevant, as well as allowing us to optimise your browsing experience based on your access device.
- Shipping address: we’ll ask you to enter this so we can, for instance, estimate shipping before you place an order, and send you the order.
When you purchase from us, we’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, payment details and optional account information like username and password. We use this information to
- Send you information about your order and account.
- Respond to your requests, including refunds and complaints.
- Process payments and prevent fraud.
- Set up your account for our store.
- Comply with any legal obligations we have, such as calculating taxes.
- Improve our store offerings.
- Send you marketing messages, if you choose to receive them.
If you create an account, we will store your name and email. If you create an account in the process of making a purchase from our shop, in addition to your name and email, we’ll also collect your address and phone number, which will be used to populate the checkout for future orders.
We will also store comments or product reviews and ratings, if you choose to leave them.
Third parties we receive data from
We may use third parties to provide the functionality to allow you to register for our Website or Services.
Data retention and security
How long we hold your data
We generally store information about you for as long as we need the information to do the activities we told you about, and we are not legally required to continue to keep it. For example, we will store order information for 6 years for tax and accounting purposes. This includes your name, email address, billing and shipping addresses.
For users that register on our website, we store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.
How we protect your data
We work hard to protect the personal data we process and maintain reasonable and appropriate technical and organisational security measures to prevent unauthorised access, alteration, disclosure, loss or destruction.
When you give us any personal information we’ll let you know how long we’ll hold it for. If we don’t say anything we stick to these principles:
- We use encryption to keep your data private while in transit.
- We store information only for as long as we need it to do the activities we told you about and we don’t hold your information any longer than we have to.
- We think about what type of information it is, the amount collected, how sensitive it might be and any legal requirements.
- We always think about the potential risk from anyone using or sharing this information without permission.
- We may close your account if it remains inactive for an extended period of time, usually 1 year. We’ll notify you by email to tell you that we plan to do this before we delete anything, so please check to see if we’ve sent you any emails about this.
- Access to personal information is restricted by strict contractual confidentiality to Cars GT employees, contractors, and agents who need that information in order to process it.
Data breach procedures we have in place
Should despite of our security measures, a security breach occur that is likely to result in a risk to the data privacy of our Users, we will inform the relevant Users and other affected parties, as well as relevant authorities as required by applicable data protection law, about the security breach as soon as reasonably possible.
Who has access to your data
Members of our team have access to the information you provide us. For example, both Administrators and Shop Managers can access:
- Order information like what was purchased, when it was purchased and where it should be sent, and
- Customer information like your name, email address, and billing and shipping information.
Our team members have access to this information to help fulfil orders, process refunds and provide you support.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
Our website uses plugins from YouTube, which is operated by Google. The operator of the pages is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.
If you visit one of our pages featuring a YouTube video, a connection to the YouTube servers is established. Here the YouTube server is informed about which of our pages you have visited. If you’re logged in to your YouTube account, YouTube allows you to associate your browsing behaviour directly with your personal profile. You can prevent this by logging out of your YouTube account.
We use YouTube to serve video on our Website in context with the relevant content or Service we provide. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO.
Further information about handling user data, can be found in the data protection declaration of YouTube under https://www.google.de/intl/de/policies/privacy.
Google Web Fonts
For uniform representation of fonts, this page uses web fonts provided by Google. When you open a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly.
For this purpose your browser has to establish a direct connection to Google servers. Google thus becomes aware that our web page was accessed via your IP address. The use of Google Web fonts is done in the interest of a uniform and attractive presentation of our website. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO.
If your browser does not support web fonts, a standard font is used by your computer.
What rights you have over your data
The General Data Protection Regulation, or GDPR for short, is one of the biggest changes to data privacy law in recent years. It is designed to put you in control of how your information is collected and used by organisations.
If you are a resident of a country in the EEA, you have the rights, among others, to
- Access your personal data.
- Ensure the accuracy of your personal data.
- Have us delete your personal data.
- Restrict further processing of your personal data.
- Complain to a supervisory authority in your country of residence in the event that your data is misused.
If you believe that our processing of your personal information infringes data protection laws, you have a legal right to lodge a complaint with a supervisory authority responsible for data protection. You may do so in the EU member state of your residence, your place of work or the place of the alleged infringement.
You may exercise any of your rights in relation to your personal data by
- Accessing and managing your data in your Cars GT Account.
- Emailing our data privacy team at [email protected].
- Written notice to us forwarded to our address, listed at the top of this page – Who we are.
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
About this Policy