At the VALEO CAR we want to make sure you know what data we collect from you, why we collect it, what we do with it and how you can ask us questions about it or exercise your rights
Before we tell you what we do with your data, let us tell you who we are.
When we say “VALEO CAR ” we mean the VALEO company and this Privacy Notice applies to all the companies in our group.
If you are reading this notice on a company website, then it is part of our group.
If you want to know more about the companies that make up the VALEO plc then contact us
VALEO is a data controller for all our customer and colleague personal data whether we collect it from you when you visit one of our websites, one of our stores or autocentres, or when we visit you with our mobile expert services.
We’d like you to read all of our privacy notice, but we understand that sometimes you know exactly what you want and just want to go straight to it, so we’ve listed below the most common things customers ask us – the “FAQ’s”
Our postal address is:
Valeo, 30 N Gould St Ste R Sheridan, WY 82801.
You can find the contact details for the DPO at the bottom of this notice but please have a look at these FAQ’s first as they may be able to assist you with your problem.
No problem, this is called a “Subject Access Request” or SAR. But first we need some information from you to ensure we only disclose your personal data to you, or your representative. To make sure we have all the information from you that we need to fulfil your request, we have created a form The form is simple to complete, is free and allows you to access your personal data securely.
The Legal – By law we have one month to provide you with a copy of your personal data which starts from the moment you have provided proof of your identity. We may extend the time limit by a further two months if the request is complex or if we receive a number of requests from you.
You have a right to erasure also known as the” right to be forgotten” but this doesn’t always apply. We will always review each request for erasure on a case-by-case basis. However, If you have bought something from us, we will be unable to erase your personal data because legally we have to keep records of commercial transactions for Her Majesty’s Revenue and Customs for 6 years. This data will automatically delete 6 years from the date of your last transaction with us. If you still want to ask us to delete your personal data.
The Legal – we have one month to respond to your request which starts from the moment you have provided proof of your identity.
This is your right to rectification. Tell us what you think we have that’s wrong, such as the wrong vehicle registration number, a previously owned vehicle registration number, or a booking error. We will check it and if the data we hold is wrong, we will change it. We have a duty to ensure all personal data we hold is accurate. You can ask us to rectify your data here.
The Legal – we have one month to respond to your request which starts from the moment you have provided proof of your identity.
Marketing emails and text messages have an opt out or unsubscribe button at the bottom of the email/text. This is the quickest and easiest way for you to unsubscribe. If you have already deleted the email or text, then you can send us a request to unsubscribe you
If the email/text does not contain an opt out or unsubscribe button it’s because it’s a service message not a marketing message. A service message may be an MOT reminder or an invitation to provide feedback, or a product review request. If you no longer wish to receive any communications from VALEO,
Yes, we can do that as CCTV images are personal data, however, please be aware that we only retain CCTV images for 30 days from when they were recorded, after which they are deleted by the system and we are unable to recover them. To request a copy of your CCTV images
The Legal – we have one month to provide you with a copy of your personal data which starts from the moment you have provided proof of your identity. We may extend the time limit by a further two months if the request is complex or if we receive a number of requests from you.
As an essential part of our business, we collect and manage customer data. In doing so, we observe all relevant data protection legislation, and are committed to protecting and respecting customers’ privacy and rights. Specifically, VALEO acts as “Data Controller” in respect of the information gathered and processed by this website, when customers visit one of our stores or autocentres or use one of our mobile services.
In order that you are reliably informed about how we collect, process, store and share your information, we have developed this Privacy notice. This notice also advises how you can have control over our use of your data.
The information that we collect from our customers is known as “personal data” and may include your name, home address, e-mail address, telephone number and vehicle registration number.
This could be when you fill in a form on a website, or when you correspond with us by telephone, e-mail, webchat, or letter, when you buy something from one of our stores or websites or visit one of our autocentres.
We don’t store your payment card details as we use a third-party payment processor, so we never see your payment card information.
Haynes Pro, who give us information about your vehicle like the make, model and age of your car using the Vehicle Registration Number. We do this when we need to order the correct car parts or to provide you with the most up-to-date and relevant messages regarding your car’s safety, maintenance, and upkeep.
Third parties such as Google Analytics, may drop cookies on your computer or mobile devices. These cookies may use information about your visits to our websites to provide relevant advertisements about goods and services that you may be interested in. They may also employ technology used to measure the effectiveness of our advertising using cookies to collect information about your visits to our sites in order to provide relevant advertisements about goods and services you may be interested in. The information collected through this process doesn’t let us, or them, collect your name, contact details or other personally identifying details unless you choose to provide them. We have cookie controls in place on all of our websites that allow you to choose how much, if any, personal data you provide. For more information about cookies go
Because we are a group of companies, we combine data. We sometimes call this a “Single Customer View” it helps us to better understand your requirements, and how we can make our service better. We may also combine the data with data from selected third parties. This is a legitimate business interest necessary for providing you with the best products and services. It also helps us ensure our data is always up to date and accurate.
Like the majority of businesses, we analyse customer data and the business information generated by those customer data. Where we can, we anonymise or pseudonymise the customer data to carry out the analysis or research. This is a necessary legitimate business interest used to,
We may disclose your personal information to, (categories of recipients)
When we share your personal information with third party service providers and partners we carry out robust due diligence and ensure there is a contract in place that ensures your personal information is safe and your privacy protected. The contract is a legally binding document that ensures,
If you have any questions about the third parties, we share your personal information with, please contact us using the contact details provided below.
We will only collect personal information from you;
If you need further information about the legality of our processing of your personal data
Your personal information may be transferred to, and processed in, countries other than the country in which you are resident. These countries may have data protection laws that are different to the laws of the UK.
Valeo car Website servers are located in the usa, but some of our third-party service providers and partners with whom we share your personal data are located outside of the usa, such as in the EU, the Uk and India.
To ensure your personal information receives the same protection it would if it were being processed inside the UK, we always ensure that ICO guidance on International Data transfers is complied with and, our contracts with third parties contain the standards that must be followed at all times, including where applicable the use of EU Standard Contractual Clauses and UK International Data Transfer Agreements. If you wish for more information about these contracts, please contact us using the contact details provided under the “How to contact us” heading.
Any transfer of your personal data will be compliant with UK data protection law and all personal data will be secure.
You have the right to be informed about how we collect and use your personal data. This is known as a key transparency requirement under the UK GDPR. This Privacy notice provides that information. We regularly review, and where necessary, update your privacy information, if we do, we will highlight those amendments with the date and time they were made. If you require more information about how we process your personal data.
You have the right to ask us for a copy of your personal data that we hold about you. This is known as a “Subject Access Request” or SAR. We will send you a copy of the information within one month of your request once we have confirmed your identity. We can extend the time limit by a further two months if your request is complex or if we receive a number of requests from the you.
A third party can also make a SAR on your behalf but we need to know we have your permission to give them the information so we may need further information from you such as a written authorisation.
We can accept SAR requests either verbally, via email or post or via social media, however, the quickest and most secure way for you to obtain your personal data is via our SAR portal The SAR portal has been set up make the SAR process as quick and easy as possible and we can keep you updated as to the progress of your request. You can communicate with us about your SAR via the portal as well as securely view your personal data.
We can refuse to provide your information if an exemption or restriction applies, or if the request is manifestly unfounded or excessive. However, we will always do our best to provide you with your personal data and help you to change your request, for example if we believe the request to be excessive, by asking you to clarify your request to help us locate the information you are asking us for.
If you think any of the information, we hold about you is incorrect, you can either:
You can ask us to erase your personal information. We can only do this in certain circumstances (see Frequently Asked Questions above). We will consider every request for erasure on an individual basis. You can ask us to delete your data a Right to object
You can object to us using your data in certain circumstances.
If your request relates to direct marketing, we will stop using your data for marketing purposes immediately on request. This is also known as “opting out” of marketing (see Frequently Asked Questions).
If you believe we should stop using your data for any other purpose, you can ask us to stop using your data
You can ask us to restrict the use of your data if you think it is inaccurate, but this will take time to validate, if you believe our data processing is unlawful but you do not want your data erased, if you want us to retain your data to establish, exercise or defend a legal claim, or if you wish to object to the processing of your data. Then you can ask us here but please be aware, you will need to explain to us why you need us to restrict using your data.
If you would like us to move, copy or transfer the data that we hold about you to another organisation, please contact our Data Protection Officer at email@example.com
Please be advised that this only applies to certain data which has been submitted by you electronically for specific purposes only. Our Data Protection Officer can provide further advice.
Where we hold a customer’s details, we will also seek to ensure that, as far as possible, we maintain a single composite record of their interactions with us, which may require us to match their different activities. Where customers have indicated that they do not want us to us their data for receiving communications (other than those deemed legitimate), we will use this information purely for anonymised internal analytics and reporting, for example, looking at sales trends which does not identify individual customers.
If you do not want us to undertake profiling or matching, you may either:
At Valeo car, we maintain a comprehensive data management work programme, which includes processes for ensuring that data protection is a key consideration of all new and existing IT systems that hold customers’ personal data. Where any concerns, risks or issues are identified, we conduct relevant impact assessments in order to determine any actions that are necessary to ensure optimum privacy.
We also maintain an active information security work programme which seeks to protect the availability, confidentiality, and integrity of all physical and information assets. Specifically, this helps us to:
We recognise that the security of data and transactions on this website is of primary importance. We therefore ensure that all connections to secure parts of the website (such as when you login) are encrypted and authenticated using strong protocols, key exchanges and ciphers.
We use a secure third-party payment processor for all digital payments. This means we do not store your financial data and cannot we see the card information we may ask you to enter when purchasing goods over the phone or on- line. The services we provide are compliant with the Payment Card Industry Data Security Standard (PCI DSS). Being compliant with PCI DSS means that we are doing our very best to keep our customers’ valuable information safe and secure and out of the hands of people who could use that data in a fraudulent way.
Questions and comments regarding this Privacy Notice are welcomed and should be sent to our Data Protection Officer at firstname.lastname@example.org
You can also contact our Data Protection Officer if you have any concerns or complaints about the way in which your personal data has been handled or if you think we’ve done something wrong. But first check the FAQ’s as you may find the answer to your question.
Alternatively, if you still feel we have not handled your personal data correctly, you have the right to ask the Information Commissioner’s Office (“ICO“) to look at how we handled your personal data.