The protection of your personal data is a priority for us.
General Statistical Information and Its Use
Every time you visit our exonparts website, we get some statistical data that is furthermore processed and collected. By law, these data are understood as "general statistical information" and their use and processing are always governed by applicable law. It also allows us to see whether the customer is visiting the website for the first time (unique visit) or repeatedly. All statistical information is processed in bulk, not individually. As a result, we have comprehensive data for a given period or for a given product and a sub page. It is important to emphasize that we do not acquire or process any personally identifiable data of visitors or customers in statistical activity.
What is the statistical information we receive?
We care about general statistical information. Thanks to them, we gain an overview of product popularity, website visits, e-shop and, of course, workloads. Based on this information, we can consequently correct the product offer and improve the overall performance of our website.
What can we include among general statistical information?
General statistical information is a fairly broad concept, which only few fully understand. Thus, we would like to inform you that this information includes:
- Website traffic
- Time spent on websites
- Time spent by the visitor on the website
- The uniqueness of the visit or its duplicity
Personal Identification Data and Their Collection
As we deal with the distribution and sale of car parts, we use some of your personal identification data for our business. Of course, we use and process these based on your consent. Unfortunately, it is not possible to order the products without providing personal data. However, buyers need not feel concerned that we will provide this information to other parties without their knowledge and consent or sell them. Personal data is safe in our country and used only when necessary, such as for the purpose of concluding the purchase agreement and sending the goods to your chosen address.
The General Data Protection Regulation (GDPR)
What is GDPR for personal data?
Personal information refers to any information that relates to a particular individual, that is, the information according to which a particular person can be identified. To give an example, personal data includes name, gender, age, date of birth, personal status, IP address, organizational data, email address, telephone number or other identification data. This involves, among other things, information about bank accounts, payment cards or cookies.
We already have a consistent level of data protection and security. However, we decided to prepare the GDPR in advance by April 2018.
Steps we had to take:
- Risk assessment - We conducted a company-wide survey and control in order to identify and assess what personal data we own, where it came from, how and why it is processed and who has access to it
- Policies and Procedures - We have implemented new privacy policies and practices to comply with GDPR requirements with applicable data protection laws.
In addition to these policies and procedures, we addressed an email to all affected individuals so as to comply with the right to access personal information. You may want to know:
- what personal information we have about you as a customer
- the purpose of their processing
- personal data categories
- how long the information will be stored
- the recipients to whom this information will or will not be communicated
Right of Deletion:
In addition, our customers have the right to request the deletion of personal data or the restriction of their processing in accordance with data protection laws as well as the right to file a complaint. For the first mentioned option, we have prepared an instant deletion of personal data on our website. This feature allows deletion of your personal information by simply pressing a button in your customer service. Deletion takes place immediately, even at the server level. After such deletion of personal data, we do not have any personal data other than an email address and an encrypted password. This data is used to control the customer account. If you do not wish to continue to use your account, just send an email request to remove any remaining personal information. This request will be accepted without undue delay within 72 hours and all personal and organizational data of that account will be permanently removed from our server.
We strive to ensure the security and protection of processed personal data and provide access to data protection. We have always had an effective data protection program, but we recognize the need and importance of updating and extending this program to meet GDPR requirements. We take seriously the privacy and security of everyone's personal data and take every precaution to protect and secure this data accordingly. We also have security for APIs, access controls, passwords, data encryption or access restrictions to unauthorized people. Furthermore, we are still trying to provide information and training on GDPR staff to engage in this regulation.
We do not process any data regarding racial or ethnic origin, political opinions, religion, philosophical belief, trade union membership, health status, sexual orientation or final conviction.