GDPR (General Data Protection Regulation) Protecting your data
WE CARE ABOUT YOUR PRIVACY
1. WHY DO WE COLLECT YOUR DATA?
PROTECTING YOUR PERSONAL DATA IS OUR PRIORITY. WHEN WE KNOW A BIT ABOUT YOU, WE CAN PROVIDE A BETTER PERSONALISED SERVICE.
Using your personal data helps us improve our service to you. We can process your requests faster and manage our relationship better. Here is how we use your personal data:
|Passing your request to the relevant dealer.||This processing is based on our legitimate interest (to provide a quality service).|
|Providing information you might have requested (whether from us or our authorised dealership network).||This processing is based on the pre-contractual relationship resulting from your request (for example, to respond to your enquiry or fulfil any requests you make regarding test drives, service requests, brochure requests or information about specific vehicles) or our legitimate interest.|
|Sending you relevant information about your vehicle(s) and our services.||This processing is based either on our legal obligations (for example, sending you information about recalls on your vehicle), performance of a contract (for example, sending you information about your existing warranty agreement with us) or legitimate interest (for example, sending you information about system updates, service or MOT reminders or aftersales services such as information about your existing warranty or warranty extension).|
|Measuring the performance of our advertisements (including the effectiveness of marketing campaigns).||This processing is conducted based on our legitimate interest (to measure the performance of our activities), where possible using pseudonymised data.|
|Measuring the performance of our sales and after sales services.||This processing is based on our legitimate interest (to ensure that the services we are providing meet our quality and standards).|
|Sending you direct marketing communications (including newsletters) about our vehicles, products, and services.||
The processing is based on your consent (for example, where such marketing communication is sent by electronic means).
Where postal direct marketing is sent, this processing is based on consent or our legitimate interest (for example, where you have already purchased a vehicle or service from us, made a purchasing enquiry or requested a test drive, brochure, or other request for information. We will only contact you with information about our own vehicles and services (and in ways the laws allows).
You have the right to object to us sending you this information at any time.
|Sending you online targeted advertisements about our vehicles, products, and services, through our social media and advertising placement partners.||Where you have provided us with your consent to receive direct marketing communications (as described above) by email, we may share your email address with our social media and advertising placement partners (such as Facebook and Google) to send you online targeted advertisements and offers on their platforms. This processing is based on our legitimate interest.|
|We will use profiling, including segmentation tools to improve our customer and market knowledge.||This processing is based on our legitimate interest (to get to know the behaviour of our customers and prospects better and/or to provide you with relevant content).|
|Carry out customer satisfaction surveys (unless you object to such processing).||This processing is based on our legitimate interest (to improve our products and services).|
|Utilising customer feedback via surveys for the research and development of new products and services.||
Where possible, this will be using anonymised or pseudonymised data.
This processing is based on our legitimate interest (to improve our products and services).
|Call recordings of your interactions with Nissan and Nissan dealers (unless you object to such processing).||This processing is based on our legitimate interest (and those of the Nissan dealer) for quality and training purposes.|
|Provide you with connected services and on-board driving assistance applications (advance messages, eco-driving, park assist in so far as data used for such activities is considered to be personal data).||This processing is based on either consent, legitimate interest, the performance of the contract you have entered into with us or our legal obligation depending on the service provided by Nissan to you.|
You may change your preferences and stop receiving marketing communications from us (including online targeted advertising) at any time by clicking here.
When you visit our Nissan Facebook Fanpage, Nissan and Facebook process your personal data (including but not limited to your username, any comments that you post, direct messages that you send to us and your activities (such as the time and date of your posts and “likes”), via the Facebook Insights services). Nissan and Facebook are regarded as “joint controllers” for this processing.
2. WHAT KIND OF DATA DO WE COLLECT?
Your data helps us make sure that if we send you something, it’s something that’s relevant to you.
Any personal data we hold is collected via the purposes outlined in the table above. We may also rely on anonymised statistical data or work with third party companies to enrich our knowledge about you.
The personal data that we collect includes:
• Any personal information that can be used to identify you either directly or indirectly – the personal data we collect depends on our interaction with you and may include (but not limited to):
- contact details (such as first name, surname, postal address, email address and phone number);
- payment and transaction data (such as payment type, discount granted);
- purchase details and order history (such as service agreements for products and services);
- vehicle identification data (such as vehicle model, registration, registration number, vehicle identification number -VIN-, service reminders and warranty information);
- data relating to our interactions (such as call recordings between you and Nissan and you and the Dealer);
- data from your connected services (such as geolocation data);
- data relating to the use of the vehicle (such as mileage, journey, use of multimedia);
- where you have a connected vehicle, data allowing control of the vehicle and, where applicable, its battery (such as locking/unlocking, pre-conditioning, battery charge programming), relating to driving mode (such as use of controls, acceleration, braking) or to the provision of connected services or on-board applications;
- data required to carry out loyalty, direct marketing, market research or survey actions (such as your vehicle preferences);
- data relating to your online accounts;
- data concerning the use of our websites;
- date and time you used our services;
- GPS location (where you have permitted access to this);
- the internet browser and devices you are using;
- details of any transactions between you and Nissan or any authorised dealer or repairer;
- voice recordings of calls made to Nissan customer services centre;
- “live chat” records;
- details of services provided by Nissan group companies and authorised dealers that you have received or for which you have registered;
- where you act on behalf of a business, any information we collect as part of business telemarketing activity;
- where your vehicle is financed by RCI Financial Services (t/a Nissan Finance), information relating to your agreement (such as agreement length and parity date);
- information relating to your service plan, warranty, and extended warranty; and
- information about your insurance policies relating to your vehicle, (such as the type, level, and period of cover, which we receive from insurance companies or brokers.
• Special category of personal data in very limited circumstances only (such as medical personal data which you may have provided to us during a complaint or an enquiry) – please note that such special category of personal data shall only be processed where strictly necessary, and we will take appropriate measures to ensure the adequate protection of such special category of personal data.
Please note that the products and services that we offer are primarily for adults. Therefore, we do not carry out any specific personal data processing on minors.
We encourage you to keep us updated, in writing, of any changes to your personal data.
3. HOW LONG DO WE KEEP YOUR DATA?
We are committed to holding your personal data only for the time necessary to achieve the objective pursued, to meet your needs, or to meet our legal obligations.
In determining this time (retention period), we take into account, in particular, the following:
- The length of your contract;
- The time required to process your request or complaint;
- The length of time your user account has been open, unless it has been inactive for 3 years;
- Your interest in our brands;
- The need to keep a record of your interactions with us, to effectively manage our business relationship. This period will vary depending, in particular, on whether you have bought a vehicle or a service such as repair, or whether you have only interacted with us without entering into contracts with us; and
- Our legal or regulatory obligations (this is particularly the case for the technical data of our vehicles).
When we no longer need to use your personal data, it is deleted from our systems and records or made anonymous so that we can no longer identify you. However, it may be necessary to archive some of your personal data in order to be able to respond to any legal proceedings, throughout the statute of limitations provided for in the applicable legislation.
4. WHO DO WE SHARE DATA WITH?
We might share your personal data with our partners in order to improve our service. We make sure that they are as committed as we are to protecting your personal data and information.
Our dealers use your personal data to provide you with a better service. This includes handling special requests, personalised offers, and keeping you informed of information or news.
In most cases, Nissan and the dealers will process your personal data as independent data controllers.
We share your personal data with companies that provide services on our behalf. This includes:
- Website hosting including the operation and/or maintenance of our databases, websites, and mobile applications
- Email services
- Credit / debit card payment processors (where relevant)
- RAC and Car Care Plan or other provider of services directly to you
- Provision of authentication services
- Provision of services relating to our marketing, including the sending of commercial offers
- Social media and advertising placement partners
- Sweepstakes sponsors
- Organisation of contests, promotions, and events
- Auditing and statistical analysis
- Customer orders
- Data analytics
- Customer service including customer relations management (such as call centres, communication tools)
- Customer research and satisfaction surveys
- Any associated or connected motor manufacturer from whom we purchase or hire goods (and their group companies)
- Third party insurance providers
- Debt collection agencies
- The police, fraud prevention and identity authentication entities, other law enforcement agencies, government, and tax authorities in the United Kingdom or abroad in order to detect, investigate and prevent crime (please note that fraud prevention agencies may also enable law enforcement agencies to access and use your personal data to detect, investigate and prevent crime)
- The courts in the United Kingdom or abroad as necessary to comply with a legal requirement, for the administration of justice, to protect vital interests and to protect the security or integrity of our business operations.
We may share information with other Nissan companies and transfer it to a third party in case of a merger, reorganisation or similar event.
COMPLIANCE AND SECURITY
It may be necessary for us to disclose your personal data to public and governmental authorities for reasons of national security, law enforcement or other issues of public importance. Where legally permitted we will inform you ahead of such transfer.
We may also disclose personal information if we determine in good faith that disclosure is necessary to protect our rights, resolve legal conflict, enforce our terms and conditions, investigate fraud or protect our users.
TRANSFERS OUT OF THE EEA
Your personal data may be processed outside of the UK or European Economic Area (EEA) i.e. the Member States of the European Union from time to time, together with Norway, Iceland, Switzerland and Liechtenstein.
We want to make sure that your personal data is stored and processed in a way which is secure. We will therefore only process your personal data outside of the UK or EEA where it is compliant with data protection laws and the way we transfer it provides adequate safeguards in relation to your personal data (for example, by using EU Commission approved agreements or other transfer mechanisms specified agreed by the ICO that we put in place between ourselves and the recipient organisation of your personal data).
5. What are your rights?
You have various rights in relation to the personal data which we hold about you. You can exercise these rights where applicable at any time by visiting this page.
• Right to object
This right enables you to object to us processing your personal data. If you object, we will stop using your data unless we can demonstrate compelling legitimate grounds (which overrides your interests) or if our use of your data is necessary for the establishment, exercise, or defence of legal claims.
• Right to withdraw consent
Where we have obtained your permission to process your personal data for certain activities, you may withdraw this consent at any time. If you ask us to do this, we’ll stop using your data unless we consider that there is an alternative legal reason to justify our continued processing of your data for this purpose, in which case we will tell you.
• Right to access your data
You may ask us for a copy of the information we hold about you at any time here. We will respond to your request within one month. That period may be extended by two further months where necessary, taking into account the complexity and number of requests. We may request proof of identification to verify your request. If you request further copies of this information from us, we may charge you a reasonable administrative cost. Where we are legally permitted to do so, we may refuse your request. If we refuse your request, we will always tell you the reasons for doing so.
• Right to erasure
You have the right to request that we "erase" your personal data in certain circumstances. We would only be entitled to refuse to comply with your request for erasure in limited circumstances and we will always tell you our reason for doing so.
• Right to restrict processing
You have the right to request that we restrict our processing of your personal data in certain circumstances, for example if you dispute the accuracy of the personal data that we hold about you or you object to our processing of your personal data for our legitimate interests. If we have shared your personal data with third parties, we will notify them about the restricted processing unless this is impossible or involves disproportionate effort. We will, of course, notify you before lifting any restriction on processing your personal data.
• Right to rectification
You have the right to request that we rectify any inaccurate or incomplete personal data that we hold about you. If we have shared this personal data with third parties, we will notify them about the rectification unless this is impossible or involves disproportionate effort. You may also request details of the third parties that we have disclosed the inaccurate or incomplete personal data to. Where we think that it is reasonable for us not to comply with your request, we will explain our reasons for this decision.
• Right to portability
You have the right to request to receive your data in a structured, commonly used, and machine-readable format.
• Right to complain
You also have the right to lodge a complaint with a supervisory authority – for us this is the Information Commissioner's Office ("ICO") in the UK. For further details, please visit www.ico.org.uk. We encourage you to contact us first, so that we may attempt to resolve your problem together.
6. HOW TO CONTACT US?
Alternatively, you can contact our Data Protection Officer by email at: email@example.com.
MODIFICATION OF THIS POLICY
We may amend this policy from time to time. We will inform you and/or seek your consent whenever necessary or required. We therefore recommend that you consult this policy each time you visit our website in order to review the latest version.
Updated on April 4th 2022