Please read this policy carefully and ensure that you understand it because describes how we process personal data as part of our business operations, including the types of personal data that we collect, the purposes for which we use it, the types of third parties to whom we share it, and your rights and responsibilities you may have with respect to such personal data.
Our site may contain links to other websites. Please note that we have no control over how your data is collected, stored or used by other websites and we advise you to check the privacy policies of any such websites before providing any data to them.
We have updated this policy to reflect changes in data protection law. This policy was last updated 31st March 2020.
At Auto Integrate, we’re committed to protecting and respecting your privacy
This policy explains when and why we collect personal information about you, how we use it, the conditions under which we may disclose it to others, how we keep it safe and secure and your rights and choices in relation to your information.
Any questions regarding this policy and our privacy practices should be sent by email to firstname.lastname@example.org or by writing to The Data Protection Officer, 2000 Lakeside, North Harbour, Portsmouth, PO6 3FE.
What is Personal Data?
Personal data is defined by the General Data Protection Regulation (EU Regulation 2016/679) (the “GDPR”) and the Data Protection Act 2018 as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’.
Personal data is, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers. For purposes of this policy, we use the terms “personal data” and “personal information” interchangeably.
Who are we?
We’re Auto Integrate, a specialist provider of revolutionary e-commerce solutions to the automotive service and fleet management industry
In this policy ‘Auto Integrate’, ‘we’, ‘us’ or ‘our’ means:
- Auto Integrate LLC, a Delaware limited liability company, 801 W Thorndale Ave Itasca, IL 60143 United States
- Auto Integrate LTD (company no. 08478923, VAT No. GB173428012). Registered address is 24 The Vulcan, Gunwharf Quays, Portsmouth, Hampshire, PO1 3BF
How do we collect information from you?
We obtain information about you in the following ways:
Information you give us directly
For example, we may obtain information about you when you apply for a job, contact us to ask a question, to request support or register your shop to join the Auto Integrate platform.
Information you give us indirectly
Your information may be shared with us by third parties, which might include:
- fleet management companies
- rental-car companies
- subcontractors acting on our behalf who provide us with technical, payment or delivery services, our business partners, advertising networks analytics providers and search information providers.
When you visit this website
We, like many companies, automatically collect the following information:
- technical information, including the type of device you’re using, the IP address, browser and operating system being used to connect your computer to the internet. This information may be used to improve the services we offer.
- information about your visit to this website, for example we collect information about pages you visit and how you navigate the website, i.e. length of visits to certain pages, products and services you viewed and searched for, referral sources (e.g. how you arrived at our website).
What type of information is collected from you?
The personal information we collect, store and use might include:
- Identity data, such as your name and contact details (including email address and telephone number);
- Technical usage data, such as information about your activities on our website and about the device used to access it, for instance your IP address and geographical location;
- Registration data, such as information provided by you when you register for an account to use our website, including user names and passwords;
- Business contact data, such as information related to employees, owners, directors, officers, or contractors of a third-party organization (e.g., business, partnership, sole proprietorship, nonprofit, or government agency) with whom we may conduct, or possibly conduct, business activities;
- Recruitment data, including information derived from employment applications or submitted in connection with a job posting or inquiry;
- Marketing and communications data, including your marketing preferences and your subscriptions to our publications or marketing materials;
- Your feedback and comments, including comments or any statements you provide to us through the website;
- Transaction data, including orders for our products and services and details of payments to and from you;
- any other personal information shared with us.
Data protection laws recognise certain categories of personal information as sensitive and therefore requiring greater protection, for example information about your health, ethnicity and religion.
We do not usually collect sensitive personal data about you unless there is a clear and valid reason for doing so and data protection laws allow us to. On those occasions where we do need to obtain sensitive personal data, we shall undertake reasonable measures to attempt to obtain your explicit consent in advance of doing so.
Where appropriate, we will make it clear why we are collecting this type of information and what it will be used for.
How and why is your information used?
We may use your information for a number of different purposes, which may include:
- providing you with the services, products or information information (including marketing materials) you asked for.
- processing repairs that you have submitted or had submitted on your behalf;
- carrying out our obligations under any contracts entered into between you and us;
- keeping a record of your relationship with us;
- conducting analysis and market research to better understand how we can improve our services, products or information;
- checking for updated contact details against third party sources so we can stay in touch if you move;
- seeking your views or comments on the services we provide;
- notifying you of changes to our services;
- sending you communications which you have requested and that may be of interest to you.
- to comply with law enforcement and maintain the security of our website, services, rights and property;
- processing job applications.
How long is your information kept for?
Who has access to your information?
We do not sell or rent your information to third parties.
We do not share your information with third parties for marketing purposes.
However, we may disclose your information to third parties in order to achieve the other purposes set out in this policy. These third parties may include:
Third parties working on our behalf
We may pass your information to our third party service providers, suppliers, agents, subcontractors and other associated organisations for the purposes of completing tasks and providing services to you on our behalf (for example to process repair orders and send you mailings). However, when we use these third parties, we disclose only the personal information that is necessary to deliver the services and we have a contract in place that requires them to keep your information secure and prevents them from using it for their own direct marketing purposes. Please be reassured that we will not release your information to third parties for them to use for their own direct marketing purposes, unless you have requested us to do so, or we are required to do so by law, for example, by a court order or for the purposes of prevention of fraud or other crime.
Third Party Service Providers we work with
We share Personal Data with a limited number of our service providers. We have service providers that provide services on our behalf, such as website hosting, data analysis, information technology and related infrastructure, customer service, email delivery, and auditing services.
These service providers may need to access Personal Data to perform their services. We authorize such service providers to use or disclose the Personal Data only as necessary to perform services on our behalf or comply with legal requirements. We require such service providers to contractually commit to protect the security and confidentiality of Personal Data they process on our behalf.
Our service providers are predominantly located in the European Union and the United States of America.
Circumstances may arise where we decide to sell, buy, divest, merge or otherwise reorganize our business in some countries. We may disclose information we maintain about you to the extent reasonably necessary to proceed with the negotiation or completion of a merger, acquisition, divestiture or sale of all or a portion of our assets.
If any of your personal data is shared with a third party, as described above, we will take steps to ensure that your personal data is handled safely, securely and in accordance with your rights, our obligations and the third party’s obligations under the law. Where any personal data is transferred outside of the EEA, we shall take suitable steps in order to ensure that your personal data is treated just as safely and securely as it would be within the UK and under such data protection legislation in force in the UK.
You can find an up-to-date list of these sub-processors and service providers at https://www.autointegrate.com/gdpr
Lawful Processing (EEA Only)
Data protection law in the European Union (and the United Kingdom post-Brexit) requires us to rely on one or more lawful grounds to process your personal information. We consider the following grounds to be relevant:
Where you have provided specific consent to us using your personal information in a certain way, such as to send you email, text and/or telephone marketing.
Performance of a contract
Where we are entering into a contract with you or performing our obligations under it, like when you license Auto Integrate.
Where necessary so that we can comply with a legal or regulatory obligation to which we are subject.
We’re committed to putting you in control of your personal data so you’re free to request to review, change, or update your personal Iinformation at any time using: email@example.com, or post: The Data Protection Officer, 2000 Lakeside, North Harbour, Portsmouth, PO6 3FE.
We will not use your personal information for marketing purposes if you have indicated that you do not wish to be contacted and will retain your details on a suppression list to help ensure that we do not continue to contact you. However, we may still need to contact you for administrative purposes.
Under UK data protection law, you have certain rights over the personal information that we hold about you. Here is a summary of your rights:
Right of access
You have a right to request access to the personal data that we hold about you. If you want to know what personal data we have about you, you can ask us for details of that personal data and for a copy of it (where any such personal data is held). This is known as a ‘subject access request’.
All subject access requests should be made in writing and sent to the email address detailed above. There is not normally any charge for a subject access request. If your request is ‘manifestly unfounded or excessive’ (for example, if you make repetitive requests) a fee may be charged to cover our administrative costs in responding.
We will respond to your subject access request within one month of receiving it. Normally, we aim to provide a complete response, including a copy of your personal data within that time. In some cases, however, particularly if your request is complex, more time may be required up to a maximum of three months from the data we receive your request. You will be kept fully informed of our progress
Right to have your inaccurate personal information corrected
You have the right to have inaccurate or incomplete information we hold about you corrected. The accuracy of your information is important to us so we’re working on ways to make it easier for you to review and correct the information that we hold about you. In the meantime, if you change email address, or if you believe any of the other information we hold is inaccurate or out of date, please contact us via email or post (see below).
Right to restrict use
You have a right to ask us to restrict the processing of some or all of your personal information if there is a disagreement about its accuracy, or we’re not lawfully allowed to use it.
Right of erasure
You may ask us to delete some or all of your personal information and in certain cases, and subject to certain exceptions; we will do so as far as we are required to. In many cases, we will anonymise that information, rather than delete it.
Right for your personal information to be portable
If we are processing your personal information (1) based on your consent, or in order to enter into or carry out a contract with you, and (2) the processing is being done by automated means, you may ask us to provide it to you or another service provider in a machine-readable format.
Right to object
You have the right to object to processing where we using your personal information (1) based on legitimate interests, (2) for direct marketing or (3) for statistical/research purposes.
If you want to exercise any of the above rights, please email us at firstname.lastname@example.org or write to the Data Protection Officer, 2000 Lakeside, North Harbour, Portsmouth, PO6 3FE. We may be required to ask for further information and/or evidence of identity. We will endeavour to respond fully to all requests within one month of receipt of your request, however if we are unable to do so we will contact you with reasons for the delay.
Please note that exceptions apply to a number of these rights, and not all rights will be applicable in all circumstances. For more details we recommend you consult the guidance published by the UK’s Information Commissioner’s Office.
Keeping your information safe
When you give us personal information, we take steps to ensure that appropriate technical and organisational controls are in place to protect it.
Any sensitive information (such as credit or debit card details) is encrypted and protected with the following software: 128 Bit encryption on SSL. When you are on a secure page, a lock icon will appear on the bottom of web browsers such as Microsoft Internet Explorer.
Non-sensitive details (your email address etc.) are transmitted normally over the internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems. Where we have given (or where you have chosen) a password which enables you to access certain parts of our website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
Keeping your information up-to-date
We take reasonable steps to ensure your information is accurate and up to date.
Where possible we use publicly available sources to identify deceased records or whether you have changed address.
We really appreciate it if you let us know when your contact details change.
Use of ‘cookies’
Use of Log Files
We may use log files containing IP addresses to analyze trends, administer the Website, track the movement of users, and gather broad demographic information for aggregate use. IP addresses are not linked to Personal Information.
Links to other websites
Our website may contain links to other websites run by other organisations. This policy applies only to our website‚ so we encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other websites even if you access those using links from our website.
Residents of the European Economic Area (EEA), the UK and Switzerland. The entity responsible for the collection and processing of Personal Data for residents of the EEA, the UK and Switzerland is Auto Integrate Ltd, a company incorporated in the UK and with offices at 2000 Lakeside, North Harbour, Portsmouth, PO6 3FE. To exercise your rights, the Data Protection Officer may be contacted via email@example.com.
California residents. This section applies to California residents only. Auto Integrate provides e-commerce solutions to the automotive service and fleet management industry. To the extent we collect and process personal information on behalf of these other entities, we are considered a “service provider” under the California Consumer Privacy Act (“CCPA”), and you should direct any questions or inquiries you have about our data processing to the applicable automotive service or fleet management company with whom you have a relationship (i.e., these entities may be considered a “business” under the CCPA). In other circumstances, Auto Integrate is considered a “business” under the CCPA because we control how personal information is collected and processed, such as with employment applicants or when we process personal information on our website for reasons unrelated to the services that we are providing to others. In the event you have questions or inquiries with regard to how Auto Integrate, as a “business” (under the CCPA) collects and processes your personal information, or you would like to exercise your rights under the CCPA, you may contact us by email at firstname.lastname@example.org or by writing to The Data Protection Officer, 2000 Lakeside, North Harbour, Portsmouth, PO6 3FE.
Under the CCPA, certain California residents have the right to know and access the categories or specific pieces of personal information we have collected, used, disclosed, or sold about them over the past twelve (12) months; the categories of sources from which the personal information is collected; and, the business or commercial purpose for which your personal information was collected, used, disclosed, or sold. In addition, certain California residents have the right to request we transfer, to the extent feasible, personal information in certain forms and formats. California residents have the right to request that we (and any applicable service provider) delete/erase your personal information under certain circumstances. In some circumstances, certain California residents have the right to opt-out of the sale of their personal information; however, Auto Integrate does not sell personal information (related to any individual) to third parties for profit or other valuable consideration. California residents have the right not to be subject to discrimination for asserting their rights under the CCPA. If you make, or an authorized agent on your behalf makes, any request related to your personal information under the CCPA, we will ascertain your identity (and the identity of the authorized agent, to the extent applicable) to the degree of certainty required under the law before addressing your request. We may require you to match at least two or three pieces of personal information we have previously collected from you before granting you access to, or erasing, specific pieces, or categories of, personal information, or otherwise responding to your request. We may require written documentation that demonstrates a third party is authorized to serve as your agent for the purposes of submitting the requests set forth herein. In the event you submit, or your authorized agent submits on your behalf, a data request, you (and your authorized agent) hereby acknowledge and agree, under penalty of perjury, that you are (or the authorized agent of) the California resident whose personal information is the subject of the request. We will respond to any data requests within the timeframes required by the CCPA, and we may charge a fee to facilitate your request, where permitted by the CCPA. The rights afforded under the CCPA are not absolute, and we may be permitted to refrain from undertaking any action or changing our data processing activities, in response to a data request you submit to us.
No Data Collected from Children
Our website is not directed at, nor intended for use by, children. As a result, we will not knowingly collect information from children under sixteen (16) years of age with or without consent from their parents or guardians. If you are under the age of sixteen (16) you are prohibited from using our website or with providing us with your personal information, unless you can demonstrate affirmative authorization from your parent or legal guardian to do so.
Our website may also use the Hotjar website recording service. Hotjar is a product that has been developed by Hotjar Ltd. Hotjar may record mouse clicks, mouse movements, page scrolling and any text keyed into website forms. The information collected does not include bank details or any sensitive personal data. Data collected by Hotjar is for Auto Integrate’s internal use only and is not shared with, or accessible by, Hotjar or any other third party. The information collected is used to improve our website usability and is stored and used for aggregated and statistical reporting.
Changes and Access to this Policy
Review of this Policy
We keep this policy under regular review. This policy was last updated 31st March 2020.
Print this Document
A printer friendly PDF of this policy is available for download here