Rovertune Ltd is committed to protecting your privacy, and we take our responsibilities regarding the security of user information very seriously. This Privacy Statement sets out how we comply with both UK and European Union data protection requirements.
We have structured our website so that you can visit without identifying yourself or revealing any personal information, other than an IP address. Once you choose to provide us with any information by which you can be personally identified, it will be used only to process enquiries. Any information that we hold will not be disclosed to anyone outside of Rovertune Limited, except for the purposes stated below. For your protection, we are currently registered with the Information Commissioners Office (ICO), and you may make a complaint to the ICO should you find that we are not complying with our obligations.
We are compliant with the General Data Protection Regulation (GDPR) [Regulation (EU) 2016/679] which is intended to strengthen and unify data protection for all individuals within the European Union when it becomes Law from 25th May 2018. This Regulation will remain in UK Law after the UK leaves the European Union in March 2019.
We will not sell, distribute or lease your personal information to third parties unless we have your permission, or are required to do so by legal requirement or request from HMRC, the Police or any Law Enforcement Agency.
Under the GDPR Regulations, you may request a copy of any personal information which we hold about you. You may also ask us to update your information if anything is inaccurate, as well as request that we restrict the processing of, or delete your data. If you would like to exercise your rights as noted, please write to the address below or email us at firstname.lastname@example.org. Any request will be actioned immediately and notification will be forwarded to you to confirm such alteration has been made (normally within 30 days). Please note; personal data cannot be deleted if it is subject to a claim, or any legal proceedings.
The following table details who we share data with by category, what data we collect and/or share, how long the data is kept for and why, and the legal basis that allows us to process that data.
|Category of Data Processor||What data we collect/share||How long the data is kept for, and why||Legal basis||Notes|
|Business support services (such as our accountants, insurance providers and legal advisers)||
Customer data, including vehicle data
All Employee data
|Minimum 7 years, to comply with HMRC. In the case of our staff pension provider, for the lifetime of the employee. We retain service history connected with customer data for the lifetime of the vehicle.||Legal requirement|
|Partners and Suppliers||
Occasionally, Customer data/service history in the event of a warranty or insurance claim (we seek permission from the customer first)
|In most cases, only for as long as is required to provide the quote/service/support requested from a supplier. In the case of data recorded with the manufacturer for the vehicle service history, for the lifetime of the vehicle.||Contract||We often use trusted partners and suppliers to deliver specialist products, parts or services. However, pseudonimisation is applied in that the registration number, VIN number or make/model cannot be used to identify an individual.|
|Google Analytics||IP Address of visitors to our website||26 months, to allow statistical reporting||Legitimate interests||IP address data is collected to monitor visitor numbers to our website, and is pseudonimised to prevent identifying an individual.|
We do not use or employ any systems which perform automated decision making or profiling of personal data.
We do use two ‘Software-as-a-Service’ providers who are based in the United States, but the data we control and they process on our behalf is held in data centres within the EU, and complies fully with the GDPR. All data on these systems is encrypted to military standards, and is only readable by us unless we explicitly allow access for support purposes, and in that circumstance access is restricted and monitored to ensure only the minimum data necessary is exposed. It is further protected by being encrypted in transit using SSL technology. We do not pass any data to international organisations.
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the personal information we collect.
We ask customers whose vehicles contain a dashboard mounted camera to disconnect the device before we work on the vehicle. If a dashcam is installed in a vehicle when it is left in our care, we will keep it connected during road tests and delivery, but while the vehicle is in our workshop, the device will be disconnected.
This website may contain links to enable you to visit other websites of interest. However, once you have used these links to leave our site you should note that we do not have any control over any other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting other sites and such sites are not governed by this Privacy Statement. You should exercise caution and read the Privacy Statement applicable to the website in question.