Information on data processing – IC Website
2024-07-24
1. INTRODUCTION
The data controller of the personal data collected in particular through the online platform operating at www. intercars.com.al (hereinafter: Service or Platform), i.e. the entity that decides how your personal data will be used, Inter Cars Albania ShA (hereinafter: Controller). Contact with the Controller is possible via the telephone number +355696845985 and email [email protected]. The Data controller is responsible for the security of the personal data provided and for processing them in accordance with the law.
Your personal data is processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (hereinafter: GDPR) and other currently applicable data protection laws.
During a visit to the Website, the collection of:
- personal data provided by the user of the Website,
- data collected and recorded automatically.
2. DATA COLLECTED - BASIC INFORMATION
The following information refers to all the uses of the personal data provided by you by the Controller.
The Controller processes personal data of:
- users of the Website using services and functionalities the use of which does not require logging in (e.g. contact form, access to information and content not requiring the creation of an account),
Your data will not be used to make decisions based solely on automated processing of personal data, including profiling within the meaning of Article 22 GDPR.
Subject to all data security guarantees, personal data processed through the Service may be communicated - in addition to persons authorised by the Controller - to other entities, including:
- entities entitled to receive them in accordance with legal provisions,
- entities processing them on behalf of the Controller, e.g. technical service providers, analytical service providers, entities providing consulting services,
- other data controllers to the extent necessary for the performance of the contract, services and legal requirements, e.g. notary or legal offices, contractors providing services to the Controller on the basis of concluded contracts, auditors.
The Controller, to the extent necessary for the proper performance of the contract, may transfer your personal data to countries outside the European Economic Area (hereinafter: EEA), which guarantee a high level of personal data protection. These guarantees arise in particular from the obligation to apply the standard contractual clauses adopted by the European Commission. The Controller may also transfer data to countries outside the European Economic Area which do not guarantee an adequate level of protection. However, the Controller shall ensure that the transfer is carried out in a secure, controlled manner and is secured by appropriate agreements with their recipients that meet the conditions set out in Chapter V of the GDPR.
3. USERS RIGHTS
The Controller informs that, in relation to the processing of personal data obtained through the Service, each data subject has the right to make a request regarding:
1. access to the data (information on the processing of personal data or a copy of the data),
2. rectification of data (when they are incorrect),
3. erasure of personal data (right to be forgotten),
4. restriction of processing of personal data,
5. data portability to another controller,
6. to object to the processing of your data when the basis of the processing is the legitimate interest of the Controller,
7. withdrawal of consent where the Controller will process personal data on the basis of consent, at any time and in any way, without affecting the lawfulness of processing performed on the basis of consent before its withdrawal - according to the principles set out in the GDPR.
Any data subject has the right to lodge a complaint with the supervisory authority Right to Information and Data Protection Commissioner if they consider that the processing of personal data is not in compliance with the law.
4. PERSONAL DATA PROVIDED BY USER
Your personal data may be processed by the Controller in particular:
For the use of the website (legal basis - Article 6(1)(b) GDPR) - ‘performance of the contract’.
For the purpose of marketing communication by means of electronic communication (in particular e-mail, web push), if you have given your separate consent to the processing of your data for this purpose (legal basis - Article 6(1)(a) GDPR) - ‘consent’.
5. DATA COLLECTED AUTOMATICALLY
The use of the Website involves sending requests to the server, which are automatically recorded in event logs. The event logs record user session data. In particular, these include the IP address, device type and name, date and time of the visit to our service, information about the web browser and operating system.
The data stored in the event logs is not associated with specific individuals. Access to the contents of the event logs is available to persons authorised by the Controller to administer the Service.
A chronological record of information about events is only auxiliary material used for administrative purposes. The analysis of event logs makes it possible, in particular, to detect threats, to ensure appropriate security of the Service and to perform statistics in order to gain a better understanding of how the Service is used by users.
User session data is used to diagnose problems with the functioning of the Platform and to analyse possible security breaches, to manage the Service and to perform statistics (legal basis - Article 6(1)(f) GDPR) - ‘legitimate interest’.
The Service uses cookies for its operation. Please see below for more information – cookies policy.
6. FINAL PROVISIONS
The Controller reserves the right to make changes to this document, in particular in the event of:
- development of technology,
- changes to the generally applicable provisions of law, including those concerning personal data protection or information security,
- development of the Service (e.g. implementation of additional functionalities and services).
The Controller shall inform users of changes to this document by posting an appropriate announcement on the website.
The data controller of the personal data collected in particular through the online platform operating at www. intercars.com.al (hereinafter: Service or Platform), i.e. the entity that decides how your personal data will be used, Inter Cars Albania ShA (hereinafter: Controller). Contact with the Controller is possible via the telephone number +355696845985 and email [email protected]. The Data controller is responsible for the security of the personal data provided and for processing them in accordance with the law.
Your personal data is processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (hereinafter: GDPR) and other currently applicable data protection laws.
During a visit to the Website, the collection of:
- personal data provided by the user of the Website,
- data collected and recorded automatically.
2. DATA COLLECTED - BASIC INFORMATION
The following information refers to all the uses of the personal data provided by you by the Controller.
The Controller processes personal data of:
- users of the Website using services and functionalities the use of which does not require logging in (e.g. contact form, access to information and content not requiring the creation of an account),
Your data will not be used to make decisions based solely on automated processing of personal data, including profiling within the meaning of Article 22 GDPR.
Subject to all data security guarantees, personal data processed through the Service may be communicated - in addition to persons authorised by the Controller - to other entities, including:
- entities entitled to receive them in accordance with legal provisions,
- entities processing them on behalf of the Controller, e.g. technical service providers, analytical service providers, entities providing consulting services,
- other data controllers to the extent necessary for the performance of the contract, services and legal requirements, e.g. notary or legal offices, contractors providing services to the Controller on the basis of concluded contracts, auditors.
The Controller, to the extent necessary for the proper performance of the contract, may transfer your personal data to countries outside the European Economic Area (hereinafter: EEA), which guarantee a high level of personal data protection. These guarantees arise in particular from the obligation to apply the standard contractual clauses adopted by the European Commission. The Controller may also transfer data to countries outside the European Economic Area which do not guarantee an adequate level of protection. However, the Controller shall ensure that the transfer is carried out in a secure, controlled manner and is secured by appropriate agreements with their recipients that meet the conditions set out in Chapter V of the GDPR.
3. USERS RIGHTS
The Controller informs that, in relation to the processing of personal data obtained through the Service, each data subject has the right to make a request regarding:
1. access to the data (information on the processing of personal data or a copy of the data),
2. rectification of data (when they are incorrect),
3. erasure of personal data (right to be forgotten),
4. restriction of processing of personal data,
5. data portability to another controller,
6. to object to the processing of your data when the basis of the processing is the legitimate interest of the Controller,
7. withdrawal of consent where the Controller will process personal data on the basis of consent, at any time and in any way, without affecting the lawfulness of processing performed on the basis of consent before its withdrawal - according to the principles set out in the GDPR.
Any data subject has the right to lodge a complaint with the supervisory authority Right to Information and Data Protection Commissioner if they consider that the processing of personal data is not in compliance with the law.
4. PERSONAL DATA PROVIDED BY USER
Your personal data may be processed by the Controller in particular:
For the use of the website (legal basis - Article 6(1)(b) GDPR) - ‘performance of the contract’.
For the purpose of marketing communication by means of electronic communication (in particular e-mail, web push), if you have given your separate consent to the processing of your data for this purpose (legal basis - Article 6(1)(a) GDPR) - ‘consent’.
5. DATA COLLECTED AUTOMATICALLY
The use of the Website involves sending requests to the server, which are automatically recorded in event logs. The event logs record user session data. In particular, these include the IP address, device type and name, date and time of the visit to our service, information about the web browser and operating system.
The data stored in the event logs is not associated with specific individuals. Access to the contents of the event logs is available to persons authorised by the Controller to administer the Service.
A chronological record of information about events is only auxiliary material used for administrative purposes. The analysis of event logs makes it possible, in particular, to detect threats, to ensure appropriate security of the Service and to perform statistics in order to gain a better understanding of how the Service is used by users.
User session data is used to diagnose problems with the functioning of the Platform and to analyse possible security breaches, to manage the Service and to perform statistics (legal basis - Article 6(1)(f) GDPR) - ‘legitimate interest’.
The Service uses cookies for its operation. Please see below for more information – cookies policy.
6. FINAL PROVISIONS
The Controller reserves the right to make changes to this document, in particular in the event of:
- development of technology,
- changes to the generally applicable provisions of law, including those concerning personal data protection or information security,
- development of the Service (e.g. implementation of additional functionalities and services).
The Controller shall inform users of changes to this document by posting an appropriate announcement on the website.