We hope you will enjoy being a customer of acgautoparts, and we want to make sure your experience is as safe and useful as possible. Here you can find out what data we collect from you, how we use it, conditions where we may disclose this data to others, how we keep it secure and how our website works. We hope you will enjoy being a customer of acgautoparts, and we want to make sure your experience is as safe and useful as possible. Here you can find out what data we collect from you, how we use it, conditions where we may disclose this data to others, how we keep it secure and how our website works.
acgautoparts Limited (SC036386) trading as acgautoparts (‘we’, ‘our’ or ‘us’) takes the issue of security and data protection very seriously and strictly adheres to guidelines published in the United Kingdom Data Protection Act of 1998 and the General Data Protection Regulation (EU) 2016/679 which is applicable from the 25th May 2018. acgautoparts Limited is notified as a data controller with the Office of the Information Commissioner under registration number Z6369745 and we are the data controller of any personal data that you provide to us. Any questions relating to this policy and our privacy practices should be sent to firstname.lastname@example.org.
Personal information that we collect, why we collect it and how we use it
We obtain information about you when you contact us in branch or over the phone, and when you use our website. We also receive information from you via cookies on our website, for example when you are viewing parts or making online purchases. We need this information to enable us to provide our online services and where appropriate, our in-branch services. This section sets out in more detail what information we collect, why we collect it, how we use it and how long we keep your information.
- If you make an enquiry, we will need your name and contact information to provide you with information you request from us. This information will be kept for up to 6 weeks before being deleted from our system.
- We may use your email address to administer an account you may create through our website. This information is not stored by us.
- If you buy from Autoparts UK for audit and tax purposes, we will keep a copy of the invoice on our system for 7 years and physical copies will be kept securely for 3 years.
- If you make a complaint through our customer services department, then to assist you with this complaint, we must collect your name, contact information, information on your complaint as well as your date of birth and/or provided identification to ensure we are speaking to the authorised individual. For our legitimate interest, this information will be stored in our systems and physical archive for 7 years after the complaint and then securely destroyed.
- Phone calls may be recorded, and any recorded calls will be retained for a maximum of 6 months and only be used for training and quality purposes and/or to prevent or detect crime.
- If you visit any acgautoparts site, we use CCTV to monitor all of our premises, therefore your image and potentially your vehicle registration, will be captured and stored for up to 8 weeks depending on the system used at the branch.
- If you injure yourself at an acgautoparts branch then we are under a legal obligation to fill in an accident form. This will include, full name, contact information, nature of injury and description of treatment. We are legally required to keep these forms for 5 years after the incident after which they will be securely shredded.
- Occasionally, we may use your email address to send you information about changes to this website. We will ask you for permission to do so.
We review our data retention periods regularly and will only hold your personal data for as long as is necessary for the relevant activity, or as required by law (we may be legally required to hold some types of information), or as set out in any relevant contract we have with you.
It is your choice whether you receive information such as marketing from us and you can select this by ticking the relevant boxes on the form where we collect your information. We will not contact you for marketing purposes unless you have given your prior consent. If you have agreed to receive marketing from acgautoparts we may email to inform you of new products available from companies within the Arnold Clark Group. If, at any time, you no longer wish to receive this information, please send a written request to email@example.com.
If you have opted in to receive marketing material from us, we will use your name and whichever methods you have selected to send out this information.
Access to your information
You may request, at any time, a copy of the personal information which we hold about you, at no cost. Should you wish to access or update the personal information that we hold, please contact us by sending a written request to Customer Services Department, acgautoparts Limited, firstname.lastname@example.org.
If you wish to have the information which we hold about you removed, please request this in writing from: Customer Services Department, acgautoparts Limited, email@example.com – as long as your information is not pertinent to the completion of a contract or required for any legal reason, it will be removed.
If you are concerned that we are not using your information in accordance with the law, or are not satisfied with our response to a request made above, then you can make a complaint to the Information Commissioner’s Office.
The Information Commissioner in Scotland can be reached by the following means:
Please be aware that the transmission of information via the internet is not always completely secure. Although we will do our best to protect your personal data, we cannot guarantee the complete security of your data transmitted to us electronically; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to restrict unauthorised access.
All credit/debit card data taken through our websites is encrypted in accordance with PCI-DSS.
Data storage and use of data outside of the European Economic Area
We store your data on secure servers inside the European Economic Area (EEA).
Some of our third-party contractors are based outside of the EEA; however, we have strict control over how and why your data can be accessed. By submitting your personal data, you are consenting to this transfer, storing or processing. If we transfer your data outside the EEA we will take steps to ensure that appropriate security measures are taken with the aim that your rights continue to be protected as set out in this policy.
Disclosing your information
As a member of the acgautoparts Limited Group, we may disclose your personal information to another member of the Group
We may also disclose your personal information to third parties under the following circumstances:
- If we sell any business or assets, in which case we may disclose your personal data to the prospective buyer of such business or assets;
- If acgautoparts Limited or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets;
- We work with various third-party providers to help us deliver our products and services, and we only disclose your information as far as is necessary to provide the service. However, we have contracts with third party suppliers and we will have completed necessary security checks and full due diligence to ensure that your data is kept safe once passed to the third party. All third parties only have the right to use your data to complete an obligation, they do not have marketing rights over your data. Your data is used including in the following circumstances:
- We may contract a data cleansing organisation to ensure all data is accurate and up to date.
- If you input your registration into our website for the purpose of parts lookup this will be fulfilled by a secure third-party partner who has data processing rights only.
- All phone call recordings are kept by a third party who only have processing rights over your data and will not contact you.
Cookies are small text files, placed on your hard disk by a web page server. They are uniquely assigned to you, and can only be read by a web server in the domain that issued the cookie to you.
We will use encrypted information gathered from the cookies to improve your online experience with us.
Some of the cookies we use will expire after you close the browser window. These are called session cookies. Some cookies last longer than this, because they are used to identify return visits to the website. Please note that cookies do not harm your computer or any software you may have.
What cookies we use and why
If you accept the additional cookies to run during your session, we may then collect information about your computer in the form of server logs, including (where available) your IP address, operating system and browser type, for system administration. This is statistical data about our users’ browsing actions. Disabling cookies ensures that your IP address will not be recorded.
We recommend that you accept cookies, as we use them to:
- Customise elements of our website’s layout and content, and test different designs of our websites to improve your experience.
- Recognise when a user has visited before, meaning we can see how many unique visits we receive. We can then make sure the websites are easy to use and have enough capacity.
- Remember your preferences and settings, such as text size and language.
- Recognise your device so you don’t have to provide the same information during your visit, or on subsequent visits.
- Help us identify errors and resolve them effectively.
- Establish what information is relevant to you while you are browsing our websites.
- Collect statistical, anonymous information about how our visitors use/interact with our digital services so we can improve them.
- Learn which parts of our websites are most popular and improve them.
- See how effective our online messages are.
Our website may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
The website may offer you the opportunity to share or follow information about us (or the website or our services) using third party social networking functionality (such as through ‘share this’, ‘like’ or ‘follow’ buttons).
We offer this functionality in order to generate interest in us, the website and our services among the members of your social networks, and to permit you to share and follow opinions, news and recommendations about us with your friends. However, you should be aware that sharing personal or non-personal information with a social network may result in that information being collected by the social network provider or result in that information being made publicly available, including through internet search engines.
Changes to our privacy and cookies policy
Any changes we may make to our privacy and cookies policy in the future will be posted on this page and, where appropriate, you will be notified by email.
This policy was last updated: 15th May 2018