Privacy Policy for mercedesgp.com
1. Introduction
At mercedesgp.com, we are fully committed to upholding your privacy and safeguarding your personal data. We understand the paramount importance of data protection, and we strive to handle your personal information responsibly, transparently, and in full accordance with applicable data protection regulations, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the California Consumer Privacy Act (“CCPA”). This Privacy Policy outlines how your personal information is collected, used, stored, and protected when you engage with our services.
2. Scope of the Policy and Data Controller Role
This Privacy Policy applies to all users accessing the website mercedesgp.com, whether on desktop or mobile platforms, and describes how personal data is collected and processed in that context. For the purposes of applicable data protection laws, the data controller responsible for your personal information is Mercedes GP, contactable at [email protected].
3. Categories of Data Processed
We may collect and process the following categories of personal data:
– Usage Data: Information on how you use our site, including IP address, browser type and version, pages visited, session duration, referral URLs, and other diagnostic data.
– Account Data: Personal details provided during account registration or profile creation such as your name, residential or billing address, email address, telephone number.
– Profile Data: Information relating to your interests, preferences, purchase history, feedback, and behavioral trends on mercedesgp.com.
– Communication Data: Records of correspondence exchanged through support requests, contact forms, or other communication channels.
– Technical Data: Details from your device and internet connection, such as device identifiers, operating system, hardware specifications, screen resolution, language settings, and system configurations.
– Transaction Data: Records concerning your transactions with us, including payment details, delivery addresses, and order history (excluding full payment card details which are handled by secure third-party processors).
– Preference Data: Data related to your selected communications preferences, including subscription status to marketing emails and expressed interests in specific products or services.
4. Legal Bases for Processing
Under GDPR, we rely on the following lawful bases for processing personal data:
– Contractual Necessity: Where the processing is required to fulfill a contract with you, including account management, transactional engagement, or delivery of services.
– Legitimate Interest: Where processing is necessary to pursue our legitimate interests and such interests are not overridden by your data protection rights (e.g., fraud prevention, site operation, internal analytics).
– Consent: Where you have explicitly agreed to specific processing activities, such as receiving marketing communications or the placement of optional cookies.
– Legal Obligation: Where processing is necessary to comply with a legal requirement or a binding legal request.
Under CCPA, we do not sell personal information and only disclose personal data as necessary to deliver our services and operations in alignment with user expectations and applicable law.
5. Your Rights
You are entitled to exercise your rights in relation to your personal data, which include:
– Right of Access: You may request confirmation as to whether your personal data is being processed and obtain a copy of such data.
– Right to Rectification: You have the right to request correction of inaccurate or incomplete personal information.
– Right to Erasure: You may request that we delete your personal data where there is no compelling reason for its continued processing.
– Right to Restriction: You may request limitation of processing under specific conditions.
– Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format and transfer it to another controller.
– Right to Object: You may object to the processing of your data under certain circumstances, particularly where processing is based on legitimate interest or for direct marketing purposes.
To exercise these rights, please contact us at [email protected]. We will verify and respond to your request in accordance with applicable data protection regulations.
Residents in jurisdictions with specific rights under CCPA (such as the right to know, delete, and opt out of selling) may also contact us using the same details.
6. Security Measures
We implement stringent security protocols to ensure the confidentiality and integrity of your personal data. These measures include:
– Encryption of data transmissions via HTTPS.
– Secure storage using firewalled infrastructure and access controls.
– Role-based access to personal information, limited to authorized personnel only.
– Regular data backups and recovery mechanisms in case of data loss.
– Employee training and awareness programs to maintain compliance and vigilance against data breaches or misuse.
While no system is entirely impenetrable, we maintain robust security frameworks to reduce risk to the lowest feasible level.
7. International Transfers
If and when your personal data is transferred outside of your jurisdiction, including internationally, we ensure that such transfers are subject to one or more of the following safeguards:
– Standard Contractual Clauses as approved by the European Commission.
– Transfers to countries recognized by the European Commission as providing adequate data protection.
– Legally binding and enforceable instruments between public authorities or bodies.
We will take all reasonable steps to ensure that your data is treated securely and in accordance with this Privacy Policy.
8. Data Retention
Your personal data will be retained only as long as necessary to fulfill the purposes for which it was collected, including legal, regulatory, tax, or accounting requirements. Retention periods include:
– Account and Profile Data: retained while your account remains active and for 6 years thereafter per accounting standards.
– Transaction Data: retained for 7 years to comply with regulatory and financial reporting obligations.
– Usage and Technical Data: retained for up to 2 years for analytics and service improvement.
– Communication Data: retained for 3 years following last contact to resolve any ongoing matters.
– Cookie and Tracking Data: managed according to cookie lifespan (detailed in the Cookie Policy below).
Upon the expiration of the applicable retention period, personal data will be securely deleted or anonymized.
9. Cookie Policy
Cookies are small digital files placed on your device when you visit mercedesgp.com. We use the following categories of cookies:
– Essential Cookies: Necessary for basic website functionality, such as securing login sessions and managing cart operations.
– Functional Cookies: Enhance user experience by remembering preferences such as language settings or location.
– Analytics Cookies: Collect anonymized information for statistical purposes to improve site performance, content efficiency, and navigation.
– Performance Cookies: Monitor system performance and identify loading issues, lag, or operational inefficiencies.
10. Cookie Management and Compliance
You may manage cookie preferences via the consent banner presented on your first visit to mercedesgp.com or through your browser settings. You can revoke or update your consent at any time. We honor “Do Not Track” signals in accordance with applicable laws like GDPR and CCPA.
Where consent is required for non-essential cookies, you will have an explicit option to opt-in before such cookies are enabled. You may also disable cookies in your browser settings, though some essential functionalities may be impaired as a result.
11. Children’s Privacy
Mercedesgp.com is not intended for or directed at children under the age of 13. We do not knowingly collect personal information from children. If you believe that a minor has submitted personal data to us without parental consent, please contact us at [email protected] so that we may take appropriate steps to delete such data promptly.
12. Policy Updates and User Notifications
We reserve the right to modify or update this Privacy Policy periodically. In the event of significant changes, affected users will be notified through prominent announcements on mercedesgp.com or via email correspondence, where applicable. Users are encouraged to review this page regularly to stay informed on how their data is handled and protected.
13. Contact Us
If you have any questions, concerns, or privacy-related requests in relation to this policy or your personal information, please contact us at:
Email: [email protected]
We are committed to respecting your privacy rights and will address your inquiries as swiftly and thoroughly as required under applicable data protection laws.
—
This Privacy Policy reflects mercedesgp.com’s ongoing commitment to full compliance with GDPR, CCPA, and other data protection standards. Should you have any concerns about your privacy or wish to exercise your rights, please do not hesitate to contact us.
Thank you for trusting mercedesgp.com.