Privacy Notice
The SEG Automotive Germany GmbH (“SEG”, “the Controller”) offers aftermarket products and spare parts for passenger cars and commercial vehicles (the “Products”) to customers (the “User”) via this aftermarket platform (the “Platform”). By using the Platform, personal data of the Users will be processed as described in this Policy. SEG takes privacy very seriously and operates at all times in accordance with applicable data protection laws.
Controller
SEG Automotive Germany GmbH
Lotterbergstraße 30
70499 Stuttgart
Germany
Data Protection Officer
Phone: +49 711 4009 - 8000
Email: dataprotection.officer@seg-automotive.com
Personal data
The following personal data of the User is processed by SEG for the purpose of offering and selling the Products:
- Name
- Company Name
- VAT Registration Number
- Telephone Number
- Mobile Number
- Shopping Address (Street, City, Country)
- Billing Address (Street, City, Country)
Cookies
Furthermore, the Platform uses cookies that are essential to navigate around the Platform and use its features. These cookies do not gather information about the User that could be used for marketing or remembering where he or she has been on the internet.
Lawfulness of processing: By acknowledging this Privacy Policy, the User consents to SEG processing his or her personal data to the extent and for the purposes described (Art. 6 para. 1 lit. a GDPR). All data processing activities in connection with the purchase of products via this platform are additionally based on the legal basis resulting from Art. 6 para. 1 lit. b GDPR.
Transfer to third parties: For certain technical processes involved in data processing, the Controller relies on assistance from external service providers, who might be given access to the personal data of the User for the purpose of rendering these services. These service providers are carefully selected and meet high standards of data privacy and data protection. They are obligated to maintain strict confidentiality and only process data on behalf of and under the instructions of the Controller. The legal basis for the involvement of these service providers is GDPR Art. 28.
For the purpose of global cooperation with subsidiaries, the Controller can disclose data to other affiliates. The legal basis for this disclosure is Art. 6 para. 1 lit. f GDPR.
The Controller works with companies and agencies with special expertise in specific areas or in certain subjects (e.g. tax auditors, attorneys, consulting companies, logistic service providers). These agencies are either subject to a professional duty of confidentiality or have entered a confidentiality agreement with the Controller. Should it become necessary to disclose personal data to these agencies, the legal basis shall be Art. 6 para. 1 lit. c or Art. 6 para. 1 lit. f GDPR.
Aside from the cases stipulated in this Privacy Policy, the Controller will not disclose personal data of the User to third parties without the User’s express consent unless the Controller is obligated to do so by law or based on licensing requirements or injunctions.
If personal data is transmitted to states outside of the European Union and the European Economic Area, the personal data of the User will be protected through appropriate safeguards.
Term of storage
The aforementioned data is deleted once it is no longer required for the specified purposes, unless a longer term of storage is legally required or unless continued storage is in the legitimate interest of the company and provided that this is not outweighed by the interests or fundamental rights and freedoms of the User.
Furthermore, the User can request the deletion of personal data related to user accounts.
Rights of the Data Subject
The User has the right to obtain from the Controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to that personal data. Given the applicable legal prerequisites, the User has the right to rectification, deletion or restriction of processing. Given the applicable legal prerequisites, the User also has the right to receive this personal data in a structured, conventional and machine-readable format. This includes the right to have this data transmitted to another controller. Provided that it is technically feasible to do so, the User can also request that the Controller transits the personal data directly to the other controller.
If the User’s personal data is processed as described above based on a balance of interests in accordance with Art. 6 para. 1 lit. f GDPR, the User has the right to opt out of this data processing.
If the User has given consent to the processing of his or her data (Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. a GDPR), the User has the right to revoke consent at any time. This will not affect the legality of the data processing which occurred prior to the revocation of the consent.
The User has the right to file an appeal through the appropriate controlling authorities.