You are reading the policy related to the service: www.supercarbuildup.com
A- Type of Personal Data Processed
B- Personal Data Processing of Children below the Age of 16 Years
C- Purposes of the Personal Data Processing
D- Lawful Basis for Processing Personal Data, Mandatory/Discretionary Provision of Personal Data and Consequences in case of not providing
E- Personal Data Sharing
F- Personal Data Transfer
G- Personal Data Retention
H- Data Subject Rights
I- Privacy Policy Amendments
J- Orders' Payment Data Collection
The following Privacy Policy is written by The following Privacy Policy is written by Panini U.K. Ltd., registered office at Brockbourne House, 77 Mount Ephraim, Tunbridge Wells, Kent, TN2 3SG, U.K. Business Registered in England No. 1275893 - VAT Number GB244971344 (hereinafter "Panini") as Data Controller of the personal data collected in the website: www.supercarbuildup.com (hereinafter website is referred to as "Application”), provided directly by you or however received or generated by us as a result of us processing your product or service purchase order through our Application.
Panini considers your privacy essential. In general, all the personal data (hereinafter “Personal Data” and/or “Data”) collected by Panini through the Application or given by you when you use service provided by the Application (hereinafter “Service”) as fully described in the following section “C. Purposes of Personal Data Processing” of this Privacy Policy, will be processed lawfully and in a transparent manner in accordance with the principles stated in the current legislation on the protection of personal data, such as transparency, fairness, lawfulness, data minimization, purpose limitation, accuracy, storage limitation, integrity and confidentiality.
This Privacy Policy is written on the basis of the transparency principle using a simple and not too legal language to increase the level of understanding of the statements given. This Privacy Policy is divided into sections (hereinafter collectively "Sections” and/or individually "Section”), each of them dealing a specific topic, so that you can immediately find what you are looking for and concentrate your attention on the topic of interest. The Panini Application may contain links to other websites and/or smartphone applications. Panini is not responsible for privacy practices or the content of such websites and/or smartphone applications.
A- Type of Personal Data Processed
Personal Data collected through the Application are listed below.
Name, Last name, Contact Details and other Personal Data
When you buy a product or service through the Application, Panini may ask your personal information such as: title, name, last name, e-mail address, telephone, billing address and shipping address. In the same way, you may be asked to indicate other Data such as the choice of payment method; Data coming from your submission of texts, drawings or registration information, on the occasion of participation in competitions, promotions, interactive games and initiatives of any kind. Further Personal Data may be collected during the management of each relationship through the Application itself or may consist of those that you decide to provide to Panini through the use of the Application / Contact references of the Application.
If you contact us, for example via email or phone, you may choose to communicate (even inadvertently) particular categories of Personal Data, such as those revealing political opinions, religious or philosophical beliefs, or union membership, as well as genetic data, biomedical data which can permit to uniquely identify a specific person, data related to health or sex life or sexual orientation.
Panini asks you not to disclose any of these types of data, unless you consider it strictly necessary to pursue the request you forward to us. Since the indication of such information is, as said, totally optional, if you choose to do so, Panini could process such data only with your explicit consent and in compliance with the current legislation. Panini, therefore, underlines the importance of expressing your explicit consent to the processing of these particular categories of Personal Data in case you decide to share them with Panini.
Personal Data of Third Parties
If you contact us, for example via email or phone or any other mean through it is possible to forward any type of message, these could in fact contain Personal Data relating also to other people. In all cases in which you decide to share such Data, you will be considered a self-appointed Data Controller and, as such, you will have to assume all the relevant legal obligations and responsibilities. Therefore, in this regard, you undertake to hold Panini harmless from any dispute, claim, request for compensation for damage from data treatment etc. that could reach Panini from people whose Personal Data have been forwarded by you in violation of the applicable rules on the protection of Personal Data.
As, in such cases, Panini does not collect this information directly from the data subjects (but indirectly from you), you guarantee that this specific treatment can be based on the consent of these data subjects or on another suitable lawful basis that legitimizes the processing of the information in question.
Navigation Data and Cookies
The computer systems and software used to run the Application acquire, during their normal operation, some Personal Data whose transmission is implicit in the use of Internet communication protocols. This information is not collected by Panini to be associated with identified data subjects, but by its very nature could, through processing and association with data held by third parties, allow data subjects to be identified. This category of data includes the IP addresses or domain names of the computers used by the users connecting to the Application, the addresses in URI (Uniform Resource Identifier) notation of the requested services, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (good result, error, etc.) and other parameters related to the operating system and the user's computer.
These data are used for the sole purpose of obtaining anonymous statistical information on the use of the Application, to check its correct functioning and to identify anomalies and/or abuses. Except in cases where the data are used to ascertain responsibility in the event of hypothetical computer crimes against the Application or third parties, these data do not persist for more than seven days.
Information on the use of cookies is available in our Cookie Policy that we invite you to read by clicking the following link Cookie Policy
B- Personal Data Processing of Children below the Age of 16 Years
Provided that children under the age of 18 are not permitted to subscribe to products through the Application, Panini will not process any minor of 18 Data.
Children under the age of 16 are not allowed to send any Data to Panini through the contact mail indicated in the FAQ page.
C- Purposes of the Personal Data Processing
We will process your Personal Data for the following purposes:
- allowing the execution of operations strictly connected and instrumental to the management of relationships with you, such as managing the response to queries received from you; executing contracts for the sale of goods and/or services, managing and fulfilling orders via E-Commerce platforms; allowing you to participate in games, initiatives, competitions and prize events (Services Provision);
- allowing the correct execution of the contractual obligations we have assumed towards you and vice-versa (Contractual Obligations);
- complying with laws, regulations and EU legislation or with provisions issued by authorities empowered by law and provisions issued by Supervisory and Control Bodies, as well as allowing tax and accounting compliance (Legal Compliance);
- obtaining information necessary to identify anomalies, fraudulent activities and / or abuses in the use of the Application, against Panini or third parties (Security);
- carrying out information activities about our products and/or services as well as promotional, commercial, marketing campaigns and market research through the use of e-mails; performing customer satisfaction surveys (by sending questionnaires or conducting surveys) (Marketing)
- sending you, if you are using or have used a service on the Application or if you are buying or you have bought a product or a service through the Application, direct marketing and promotional communication via e-mail about similar products or services (Soft Spam).
D- Lawful Basis for Processing Personal Data, Mandatory/Discretionary Provision of Personal Data and Consequences in case of not providing
The lawful basis for processing the Personal Data, in accordance with the purposes set in the earlier Section of this Privacy Policy ("Purposes of the Data Processing"), is as follows. The provision of Personal Data and the related processing for the purposes related to Services Provision and Contractual Obligations, is strictly functional to the performance of the requested service and the correct execution of the contractual relationship with you and therefore they constitute a necessary condition for the establishment of the contractual relationship itself and the lawful basis of the processing. Consequently, failure to provide the Personal Data requested for this purpose, or the inaccuracy of the data provided, will make it impossible for Panini to carry out the service and the contractual relationship and would legitimize Panini to refuse to carry it out.
The provision of Personal Data, and the related processing for purposes related to Legal Compliance, is necessary for Panini in order to comply with the related legal obligations. When you provide your Personal Data to Panini, we must process them in accordance with applicable laws which may include the storage and communication to the competent authorities for compliance with tax, customs or other obligations.
The provision of Personal Data, and the related processing for the purpose related to Security, is based on the interest of Panini to identify and prevent unlawful conduct and for the related ascertainment of responsibility in the event of computer crimes against the Application, by Panini or third parties.
The provision of Personal Data, and the related processing of such data for the purposes related to the Marketing activity, is based on your explicit consent collected through a specific checkbox. You are not forced to provide such consent to Panini and, if you do so, you are free to withdraw it at any time without suffering any consequence (other than not receiving marketing communications from Panini). You can withdraw your consent for this purpose by following the instructions contained in the "Data Subjects Rights" section of this Privacy Policy.
The provision of Personal Data, and the related processing, for the purposes related to the activity of Soft Spam is based on the legitimate interest of Panini to send marketing communications via e-mail regarding products and services similar to those you have already used or purchased through the Application. You can stop the receipt of these communications without suffering any consequence (other than that of not being able to receive further communications of this kind by Panini) by following the instructions contained in the "Data Subjects Rights" section of this Privacy Policy.
E- Personal Data Sharing
The Personal Data will be made known to the Panini staff in charge of the management of the Application that is authorized to process them for the purpose of achieving the aforementioned purposes and who are committed to confidentiality or otherwise have received an appropriate legal obligation to confidentiality.
Personal Data may be shared, used and transferred within the companies belonging to the Panini group for accounting and administrative purposes.
Personal Data will be made known to third parties, appointed as Data Processors, as they process Data on behalf of Panini (for example, companies responsible for managing and processing sales orders, suppliers with whom it is necessary to interact for the Service Provision such as hosting providers, platform providers for sending e-mails or, again, suppliers who perform technical maintenance activities including the maintenance of network equipment and electronic communications networks, suppliers who develop interactive games and competitions, software developers for the payment systems, suppliers providing the technological platform and payment gateway for orders for products in the e-payments area, payment service providers for e-payments activities).
Personal Data may be shared with third parties with whom Panini has ongoing contractual relationships concerning services functional to the performance of the activity (such as couriers for the delivery of products, audit firms, persons, companies or professional firms that provide assistance and advice on the subject, administrative, legal, tax, financial and credit recovery firms relating to the provision of the Services).
Finally, Personal Data will be communicated when requested to the competent taxation offices, or to other public bodies, according to the provisions of the laws in force.
Personal Data is not intended for publication or dissemination.
F- Personal Data Transfer
Given the international presence of Panini, some of your Personal Data may be shared with recipients, referred to in the previous paragraph, which could be found in countries outside the EU or the European Economic Area. Panini ensures that the processing of your Personal Data by these parties will be in compliance with applicable law. Therefore, the transfers will be made with adequate guarantees, such as adequacy decisions or other models of Standard Contractual Clauses approved by the European Commission or other guarantees considered adequate.
More information is available by writing to Panini at the following address: webprivacy@panini.co.uk
G- Personal Data Retention
The Personal Data processed for the purpose of Services Provision and Contractual Obligations will be retained by Panini for the time strictly necessary for the execution of the requested service and for the correct execution of the contractual relationship with you. As this Personal Data is processed to provide you with the Services and allow the execution of the contractual relationship, Panini may keep them for a longer period, in particular for what may be necessary in order to protect the interests of Panini against possible claims arising from the Services Provision.
In any case, Panini specifies that the retention time related to any orders and purchases you have made is equal to 36 months after the termination of the Contractual Obligations towards you. At the end of this period the data will be made anonymous.
Your requests, and the data contained in them, received using the e-mail address included in the FAQ will be maintained for one year from the closure of the request in order to allow Panini to handle any additional requests received after closure. At the end of this period the Data that permit the identification, even indirect, of a physical person (such as name, surname, e-mail) will be made anonymous and maintained, only in the form of aggregated data, for statistical purposes.
The Personal Data processed for the purposes of Legal Compliance will be retained by Panini for the period envisaged by specific legal obligations or applicable legislation.
The Personal Data processed for the Security purpose will be kept by Panini for the time strictly necessary for the aforementioned purpose and therefore until the moment in which Panini is required to keep them for legal protection to communicate such Data to the competent authorities.
The Personal Data processed for the purposes of Marketing and Soft Spam will be retained by Panini until the revocation of the consent you have given. Once your consent is withdrawn, Panini will no longer use your Personal Data for such purposes, but may retain them, particularly as may be necessary in order to protect Panini's interests from possible liability based on such processing.
Panini informs you that, in order to respond to the principle of limitation of conservation, the data processed for the purposes of Marketing will in any case be maintained for a maximum of 36 months after the termination of the contractual relations between you and Panini.
The Personal Data processed for the purpose of Soft Spam will be kept by Panini until you object to the process by following the instructions contained in the "Data Subjects Rights" section of this Privacy Policy.
H- Data Subject Rights
At any time you are entitled, as Data subject, to:
- request access to your Personal Data, (and/or a copy of such Personal Data), as well as further information on the current treatment of them;
- request the correction or updating of your Personal Data processed by Panini, where they are incomplete or out of date;
- request the deletion of your Personal Data from the Panini databases, where you deem the processing unnecessary or illegitimate;
- request the limitation of the processing of your Personal Data by Panini, where you believe that your Personal Information is not correct, necessary or is unlawfully processed, or if you had opposed its processing;
- exercise the right to data portability, i.e. to obtain a copy of the Personal Data supplied to Panini that relates to you in a structured format, for common use and readable by an automatic device, or to request transmission to another Data Controller;
- oppose the processing of your Personal Data, using a legal basis relating to your particular situation, which you believe should prevent Panini from processing your Personal Data;
- revoke your consent for the purposes of Marketing and to oppose the processing for the purpose of Soft Spam.
Please note that the Personal Data you provided to Panini may be changed at any time by writing to: webprivacy@panini.co.uk. You may exercise the above rights by means of the methods indicated above.
We inform you that for the Marketing and Soft Spam purposes you can revoke and terminate at any time the sending of this commercial information, by writing to the e-mail address indicated above.
Panini also informs you that you always have the right to lodge a complaint with the competent Supervisory Authority (for example that of the State in which you have your habitual residence, in UK the ICO) if you believe that the processing of your data is contrary to the legislation in the field of personal data protection actually applicable.
I- Privacy Policy Amendments
This Privacy Policy version 1.1 is effective from 1 January 2019. Panini reserves the right to modify or simply update its content, in part or completely, also due to changes in the applicable legislation. Panini will be able to inform you of these changes as soon as they are introduced and they will be binding as soon as they are published on the Application. Panini invites you to visit this section regularly to get to know the most recent and updated version of the Privacy Policy in order to be always updated on the Personal Data collected and on the use that Panini makes of them.
J- Orders' Payment Data Collection
Furthermore we hereby inform you, in connection with your order, your personal data relating in particular to your identity, domicile, personal status, phone number, email address and bank account numbers, or to the transactions you enter into or payments you make, are processed by CCA International Ltd ("CCA")
- with the purpose of allowing CCA to be able to perform its agreement with Panini U.K. Ltd,
- with the purposes of fraud monitoring and fraud management (determining the risk levels associated with transactions, detecting and managing any resulting alerts), and
- with the purpose of compliance with CCA legal obligations under the applicable legislation relating to the fight against money laundering and the financing of terrorism and
- with the purpose of compiling market analysis, statistics, analysis of transaction data, improvement of the service provided by CCA.
The collection of your personal data is a mandatory requirement for these purposes. Without this personal data your transaction could be delayed or rendered impossible and your order cancelled.
Please be informed that CCA, with registered office at 4-6 Dudley Road, Tunbridge Wells, Kent TN1 1LF and with company number 02824494 is the data controller for such data processing.
CCA will not communicate your personal data to third parties, except in the following two cases:
- Communication by CCA of personal data to its affiliates, subcontractors or other parties with whom CCA has a contractual relationship and that provide services for / assistance to CCA in the framework of i) the performance of the agreement between us and CCA, ii) fraud prevention and management and iii) with the purpose of compliance by CCA with its legal obligations under the applicable legislation relating to the fight against money laundering and the financing of terrorism and (iv) communication to third parties of anonymous or aggregated data. The third parties that are providing service/assistance to CCA with regard to fraud monitoring and fraud management can insert your personal data into their own specific database(s) that is (are) used by them to provide services for a multitude of merchants to prevent and manage fraud.
- If CCA is required by law to communicate certain information or documents to the British or foreign authorities, or generally speaking to any judicial or administrative authority, law enforcement authorities or any legal or administrative authorities. Communication of personal data to those entities will be limited to the extent necessary or required under the applicable regulations.
Furthermore, a fraud may give rise to the recording of certain personal data relating to you in a dedicated file managed by CCA. The purpose of such file is to retain a trace of previous frauds, in particular to provide information for criteria used to evaluate transaction risks and the scoring templates used for this purpose. The recording of your data in this file may also lead to you being assigned a higher risk level in the event of any subsequent order placed with a merchant that is customer of CCA, and consequently could potentially lead to the rejection of this order. You are entitled to have access to your personal data and have the right to query, access and correct your data, as well as the right to object, for a legitimate reason, to the processing of your personal data. For the exercise of these rights, please address a written request (by registered mail), dated and signed, to the registered office of CCA (see above) or send an e-mail to customercare@dbfactory.co.uk and mention in this letter or e-mail your name, address and telephone number where you can be reached during office hours, and enclose a copy of both sides of your identity card or passport. You may hide the data that you are not required to provide according to your local legislation.