© CarOwnerSocial 2024

Privacy policy

Scope

At www.carownersocial.com (“the Website”) we consider the privacy of our visitors to be extremely important. This privacy policy (“Privacy Policy”) describes in detail the types of personal information we collect from our Users (“you” or “your” being interpreted accordingly) as users of this Website and how we use it.

The purpose of this Policy is to inform you about our privacy practices and to ensure that you understand the purposes for which we collect and process your personal data. The following is a brief summary of our privacy practices.

It provides information on what personal data we collect, why we collect the personal data, how it is used and the lawful basis on which your personal data is processed, and what your rights are under the applicable data protection and privacy laws, including the General Data Protection Regulation (“GDPR”).

Carownersocial is a social media platform for car owners, in which every user can find the owner of a car by searching its car plate (“the Service”). The only way to use our Website is to create an account, so you can find a car owner and let others find you by searching your car plate.

The data controller responsible for your personal data is Carownersocial (“Carownersocial”, “we”, “us” and/or “our”).

If you require any more information or have any questions about our privacy policy, please feel free to contact us by email at hello@carownersocial.com.

By using our Website or submitting your personal data you are taken to accept the terms of this Privacy Policy, so please read it carefully.

What is the General Data Protection Regulation (GDPR)?

The General Data Protection Regulation (GDPR) is a legal framework that sets guidelines for the collection and processing of personal information from individuals who live in the European Union (EU). Since the Regulation applies regardless of where websites are based, it must be heeded by all Websites that attract European visitors, even if they don't specifically market goods or services to EU residents.

The GDPR mandates that EU visitors be given a number of data disclosures. The Website must also take steps to facilitate such EU consumer rights as timely notification in the event of personal data being breached. Adopted in April 2016, the Regulation came into full effect in May 2018, after a two-year transition period.

Key Definitions

For the purposes of this Privacy Policy:

  • “personal data” means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
  • “processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
  • “controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;
  • “processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;
  • “recipient” means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not.
  • “third party” means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data;
  • “consent” of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;
  • “personal data breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed;

Personal data we collect

We collect the following personal data about you:

Required Account information: Information about your account can be found on our Terms and Conditions. To use our Services, you must create an account. To create an account, you are asked to submit details such as Name, Country, Car plate, E-Mail Address and Gender.

Additional Information given by Users: Τhis includes information that we may ask Users to provide from time to time to improve the Service. For example, we may collect for you additional details such as your telephone number and your social media accounts (Facebook account).

Automatically collected personal data

Log Data: When you visit our Website, our servers record information (“log data”), including information that your browser automatically sends whenever you visit the Website. This log data includes browser type and settings, the date and time of your request.

Our Website uses cookies (small text files placed on your device) and similar technologies to distinguish you from other users. This is to provide you with a good user experience when you browse our Website and allows us to improve its features. For detailed information on the cookies and similar technologies we use, please see our Cookie Policy.

Cookies and tracking devices

A cookie is a small text file that is downloaded to your browsing device (such as your smartphone or your computer) when you visit a website. We use cookies to help provide Users with a personalised experience when using our Service, to analyse the effectiveness and usefulness of the Service and to avoid the need to log-in each time you access the Website or the Service. We make use of anonymous cookies for research and development purposes such as user analysis and profiling which are carried out on an anonymous basis.

Further information on the use of cookies and tracking devices is provided in our Cookies Policy.

How we use your personal data

We collect and process Users’ personal data for the following purposes:

  • to meet our obligations to you, to provide you with access to the Service and to deliver the Service to you, to support Users’ use of the Service and to enable us to handle enquiries and complaints;
  • to manage your account and from time to time to communicate with you, including if you ask us to delete your data and we are required to fulfill your request, to keep basic data to identify you and prevent further unwanted processing;
  • to personalize Users’ access to the Service, to test, monitor, improve and upgrade the Service;
  • to meet our legal obligations and the regulatory requirements to which we are subject, for loss prevention purposes and to protect and enforce our rights and meet our obligations to third parties;
  • for our internal purposes such as keeping records of our communications with Users, compiling statistical data concerning the use of the Service and performing analytics relating to the use of the Service by Users.

We may use your personal data for other purposes which you have consented to at the time of providing your data.

The lawful basis for processing users’ personal data

The processing of your Personal Data is lawful on the basis of the following:

  • your express consent, where you consent for us to process your data for the purpose of receiving the Service;
  • the fulfillment of our contractual obligations to you in accordance with our subscription Terms of Use;
  • our legitimate interests in (among other things) operating and administering the Service, improving and maintaining our Service, personalizing and tailoring content made available to you through the Service, protecting the security or integrity of our databases or the Service, taking precautions against legal liability, protecting and defending our rights or property, or for resolving disputes, investigating and attending to inquiries or complaints with respect to your use of the Service.

Personal data retention

We will keep your personal data only for as long as is reasonably necessary for the purposes outlined in this Privacy Policy, or for the duration required by any legal, regulatory, accounting or reporting requirements, whichever is the longer.

To determine the appropriate retention period for your personal data, we consider the amount, nature, and sensitivity of the personal data, the purposes for which we process your personal data, applicable legal requirements or operational retention needs, and whether we can achieve those purposes through other means.

When you delete your account, we will securely destroy your personal data in accordance with applicable laws and regulations. In some circumstances we may anonymize your personal data so that it can no longer be associated with you, in which case it is no longer personal data.

Disclosure of your information

We share your personal data with third parties in the following situations:

Service Providers: Carownersocial, sometimes hires selected third parties who act on our behalf to support our operations, such as IT suppliers and contractors (e.g. data hosting providers or delivery partners) as necessary to provide IT support and enable us to provide customer or members services and other services available on this Website. Pursuant to our instructions, these parties may access, process or store your personal data in the course of performing their duties to us and solely in order to perform the services we have hired them to provide.

Administrative and Legal Reasons: if we need to disclose your personal data (i) to comply with a legal obligation and/or judicial or regulatory proceedings, a court order or other legal process. (ii)to enforce our Terms of Use or other applicable contract terms that you are subject to or (iii) to protect us or our users against loss or damage. This may include (without limit) exchanging information with the police, courts or law enforcement organizations.

Transfer of personal data

We operate the Service from Germany. We may use servers and cloud services to store and process data in other countries and may transfer the data to other countries for the purpose of storage and data management. Our Related Parties may have access to your personal data in different countries including, without limitation the EU. We ensure that when personal data is transferred across borders, we do so in compliance with the law including (in the case of data exported from the EU) by putting in place, as between us and the party receiving the data, contractual terms for the protection of the interests of data subjects in the form approved by the European Commission.

Security

We asked you to choose a password or log-in which enables you to access certain restricted parts of our Website, you are responsible for doing everything you reasonably can to keep these details secret. You must not share your password or log-in details with anyone else.

We use a range of technical and organisational measures to protect your personal data including the following:

  • we only collect and maintain personal data insofar as is necessary for the proper functioning of the Service;
  • we limit and control access to records of personal data to members of staff and Related Parties that require such access to perform their duties and services, through passwords, variable log-in rights and other technical and organisational access controls;
  • we apply security measures (including as part of the cloud services we use and when using the services of Related Parties to process your data) including encryption, firewalls and physical security for our servers and information centers.
  • we ensure confidentiality obligations are put in place when dealing with our Related Parties and other third parties;
  • we avoid the collection or storage of personal data when it is unnecessary or for longer than reasonably needed or legally permitted or required and erase it (or anonymise it) once we no longer need it or are no longer required to keep it as personal data;
  • user’s account details are held in our records for as long as the account is maintained. The data is erased when the account is closed down;
  • data collected from monitoring Users’ use of the Service is aggregated and anonymised before we share it with third parties.

Your personal data protection rights

Certain applicable data protection laws give you specific rights in relation to your personal data. In particular, if the processing of your personal data is subject to the GDPR, you have the following rights in relation to your personal data:

  • Right of access: The right to require us to advise you of the categories of your personal data that we process, the purpose of any such processing, the identity of third parties who receive your data from us, the period for which your personal data is stored and whether any automated decision-making processes are being used in relation to your personal data.
  • Right to data portability: You have the right to obtain your personal data from us that you consented to give us or that was provided to us as necessary in connection with our contract with you. We will provide you with your personal data in a structured, commonly used and machine-readable format. You may reuse it elsewhere.
  • Right to rectification: The right to require us to rectify inaccurate personal data records;
  • Right to erasure: The right to request the erasure of your personal data records. You have the right to require us to erase your personal data records:
    1. the data is no longer necessary in relation to the purpose for which it was collected, such as where you choose to delete your account (in which case, it is our policy to delete your data even without your request);
    2. where the processing of the data is based on your consent and such consent is withdrawn;
    3. you object to the processing of your data and there are no overriding legitimate grounds for justifying the data processing;
  • Right to restrict processing: The right to restrict the processing of your personal data in certain circumstances (for example, where an objection has been raised and is being investigated); and
  • Right to object: You have the right to object to the processing of your data in certain circumstances.
  • Right to lodge a complaint with the data protection authority: If you have a concern about our privacy practices, including the way we handled your personal data, you can report it to the Greek data protection authority (www.dpa.gr), or, as the case may be, any other competent data protection authority of an EU member state that is authorized to hear those concerns (you may find EU Data Protection Authorities’ contact information here.)

If you wish to exercise any of these rights please contact us as described in the “Contact” section below. We may also need to ask you for further information to verify your identity before we can respond to any request.

Contact

Questions, comments or requests regarding this Privacy Policy should be addressed to privacy@carownersocial.com.

Changes to our Privacy Policy

Any changes we may make to our Privacy Policy in the future will be posted on this page. Please check back frequently to see any updates or modifications. If required by the applicable law, we will notify you of any material or substantive changes to this Privacy Policy.

Your experience on this site will be improved by allowing cookies. Cookies Policy | Terms of Service | Privacy Policy