Contis Group Limited (“We”, “us” or “our”) is committed to protecting and respecting your privacy.
We will be the data controller of your personal data which you provide to us or which is collected by us via our Website. This means that we are responsible for deciding how we hold and use personal information about you and that we are required to notify you of the information contained in this policy. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
You can contact us using the details provided at the end of this policy in the “Contacting Us” section.
What information we collect from you and how we use it
We will collect various types of personal information from you when you use our Website or interact with us. Further details of how we use your personal data are set out below.
In this section, we have indicated with asterisks whether we need to process your personal data:
- * = to pursue legitimate interests of our own or of third parties, provided your interests and fundamental rights do not override those interests;
- ** = to enable us to comply with our legal obligations; and/or
- *** = where you have consented.
When you visit our Website
The Contis website is used for people to understand the products and services we provide. It also allows for people to contact us from the website. When you visit to use our Website, we may need to collect from you:
- Email address
- Telephone numbers (not mandatory)
You will not be able to contact us on our Website without providing this information*. This information will not be used for any other purpose, unless you subscribe to our newsletter***.
Other uses of our Website
We will also collect the personal data you provide when you use our Website to:
- provide you with information about our services, offers, events or promotions we feel may interest you where permitted by law*/***;
- notify you about changes to the services provided through our Website*; and
- ensure that content from our Website is presented in the most effective manner for you and your device*.
With your agreement, we may also disclose your information to other third parties, whose products and services may be of interest to you. If we transfer your information to third parties outside of the European Union we may take steps to ensure that the third party agrees to apply the same levels of protection that apply in the UK.
Automatic Personal Data Collection
Each time you visit our Website or mobile app, we may automatically collect the following information:
- Technical information: including the Internet protocol (IP) address used to connect your computer to the internet, your login information, browser type and version, operating system and platform; and
- Information about your visit, including the URL clickstream to, through and from our site (including date and time); pages, resources and/or products you viewed or searched for; page response times, errors, length of visits to certain pages, page interaction, and methods used to browse away from the page.
When we communicate with you by email, we may automatically collect the following information:
- Information about your interaction with our emails, including whether you have opened the email, the number of times the email is accessed, and your interaction with email content including the links you have clicked.
We will use the above information in order to:
- to administer our Website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes to comply with our legal obligations*/**;
- to improve our Website to ensure that content is presented in the most effective manner for you and for your computer / device*;
- as part of our efforts to keep our Website safe and secure to comply with our legal obligations*/**;
- to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you*; and
- to make suggestions and recommendations to you and other users of our Website about goods or services that may interest you or them*.
Change of purpose
We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will usually notify you and we will explain the legal basis which allows us to do so.
Disclosures of your information
We will disclose your information to:
- Our group companies, third party service providers and agents in order to provide the products and services;
- Other third parties, with your consent, whose products and services may be of interest to you;
- In the event that we sell or buy any business or assets, to the prospective seller or buyer of such business or assets;
- If Contis Group Limited or substantially all of its assets are acquired by a third party, to the acquiring third party; or
- A third party if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our Terms and Conditions and other agreements; or to protect the rights, property, or safety of Contis Group Limited, our customers or others.
Protecting your information
Your data is secured by encryption, firewalls and Secure Socket Layer (SSL) technology. This is industry standard encryption technology which manages the security of messages transmitted across the internet. When we receive your data, we store it on secure servers which can only be accessed by us.
Storing your data within and outside the EEA
Our third party data host provider uses servers located in the US to store personal data. As a result, when you use our Website, your personal information (such as your name, e-mail address, and phone numbers) will be transferred to the US which is located outside of the European Economic Area and so is not governed by European data protection laws.
The US has not been deemed by the European Commission to provide an adequate level of protection for personal data originating in the European Union.
However, we have entered into the standard contractual clauses (Model Clauses) adopted by the European Commission with OrcsWeb in order to safeguard personal data when it is accessed from outside of the European Economic Area. You can request a copy of these Model Clauses by contacting us using the details provided at the end of this Policy.
If you connect or integrate any social media services with services we provide, you may receive social notifications either from us or from third party companies providing social media services on our behalf. You can manage these social notifications through changing your privacy settings on the relevant social media site or discontinuing any interaction. If you register and provide information to a forum or blog on our Website, the information you provide will be published and will be publicly available on our Website. It will not be used for any other purpose.
Any changes we make to our policy will be put on the Website and, where appropriate, notified to you by e-mail. Please check for updates from time to time.
Retention of your Data
We will only keep your personal information for as long as is reasonably required for the purpose(s) for which it was collected, as set out above in this policy and for legal purposes.
Data protection laws provide you with the following rights to:
- request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it;
- request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected;
- request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below);
- request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it; and
- request a copy of your personal information which you have provided to us, in a structured, commonly used and machine-readable format and the right to transfer it, or to require us to transfer it directly, to another controller; and
You also have the right to object to the processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
You will not have to pay a fee to access your personal information (or to exercise any of the other rights above). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
Where we rely on your consent to process your personal data, for example if we need your consent to send you any direct marketing, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact us using any of the details set out below in the “Contacting Us” section. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.
If you are unhappy about how your personal data has been used please refer to our complaints policy. You also have a right to complain to the supervisory authority, which in the United Kingdom is the Information Commissioner’s Office https://ico.org.uk/, which regulates the processing of personal data.
If you have any questions about this policy, you can contact us by using the ‘Contact us’ facility on the Website or in the following ways:
By post at:
Data Protection Officer
Contis Financial Services
By email at: [email protected]