Purpose of this privacy policy
The purpose of this privacy policy is to provide you with information about how the company AUGUST SA collects and processes your personal data as part of your relationship with the company AUGUST SA and the use of its websites, digital platforms, vehicles, products and services.

To clearly know why and how we use your data, it is important that you read this document as well as any other privacy policy that we may provide to you on particular occasions when collecting or processing personal data about you. . This privacy policy supplements our other privacy policies and is not intended to replace them.

Data controller
AUGUST SA trade names and site names: “ AUGUST-PORSCHE (.EU, .COM, .BE)", " AUGUST-CLASSICS
(.BE)", " AUGUST-ADDICTION (.BE)”, “ AUGUST PORSCHE ADDICTION (“we”) is a company registered in Belgium (Company registration under company number 0893.167.288 and subject to VAT under the same number.).

Contact information
The Designated Data Protection Officer (DDPD) of AUGUST SA is responsible for handling matters related to this Privacy Policy and our privacy practices. If you have any questions regarding this privacy policy or wish to exercise your legal rights, please contact the DDPD at the following contact details: 

Full name of the legal entity: AUGUST SA
E-mail adress : info@august-porsche.be
Address : AUGUST HER, 15, Route de Genval 1380 Ohain – Belgium

Privacy Commission: Rue de la Presse 35 – 1000 Brussels Tel. +32 2 274 48 00 Fax +32 2 274 48 10 e-mail: commission@privacycommission.be  Website: http://www.privacycommission.be/ , governs the processing of personal data in Belgium and is the supervisory authority responsible for matters relating to data protection. You have the right to lodge a complaint at any time with the  Privacy Commission; However, we invite you to first submit your concerns and complaints to us, which we will try to resolve.

Changes to the Privacy Policy and Obligation to Notify Us of Any Changes
Our privacy policy is subject to regular review. This version was last updated on March 29, 2019. We recommend that you periodically review this privacy policy to check for updates or changes.

It is important that the personal data we hold about you is accurate and up to date. We therefore thank you for keeping us informed in the event of any modification of your personal data during your relationship with us.

Third party links
Our websites and digital platforms may contain links to third party websites, plug-ins and applications. Your clicking on those links or making those connections may allow those third parties to collect or share data about you. We have no control over these third-party websites and are not responsible for their content, security or privacy policies. We recommend that you review the security and privacy policies of each website and social media service you visit and/or join. 

Personal data or information means any information about a living individual from which that person can be identified. It does not include data from which the identity has been removed (anonymous data). We may collect, use, store and transfer different types of personal data about you which we have classified into the following categories:

• Identity data (eg, name, username or similar identifier, title, date of birth); 

• Contact information (eg, billing or delivery address, telephone number(s), e-mail address); 

• Information about your vehicle (eg, VIN, make, model, year, dealer, purchase or lease date, purchase or lease price, equipment, service history, warranty period);

• Vehicle data (eg, vehicle location and general condition data, warning lights, next service appointment, fuel level, battery level, tire pressure, service history, fault or fault codes, performance data, other status information);

• Areas of interest/preferences (eg, purchases or orders you have made, comments);

• Profile images/information (eg, photographs or other user-generated content, such as materials provided as part of sales announcements, or interests you cite on social media platforms);

• Transaction data (eg information about the products and services you have purchased from us); 

• Usage Data (eg, information about how you use our websites, products and services);

• Marketing and Communications Data (eg, your preferences for receiving marketing communications from us and our third parties, your communication preferences).

  If You Use a Digital Device to Activate Company Services AUGUST SA or access it, we may collect data about this device, including:

• Technical data (eg, IP address used to connect your computer to the Internet, login information, type and version of your browser, time zone and location, type and version of your browser plug-ins, operating system and platform you use);

• Location information (eg, IP address, GPS data);

• Information about your visit (e.g., your URL navigation path to, on and from our website, products viewed or searched for, page response times, download errors, viewing time for certain pages, information about your interactions with the page, methods used to leave the page, telephone number used to contact our customer service);

• Information about email communications (eg, time and date the email was opened, links viewed from the email, opt-out preferences).

We also collect, use and share aggregate data such as statistical or demographic data. Aggregated Data may be derived from your personal data, but is not legally considered personal data, as it does not directly or indirectly reveal your identity. 

We do not collect any special category of personal data about you (e.g. information about your ethnic origins, religious or philosophical beliefs, sexual life or orientation, political opinions, trade union membership and health, genetic and biometric data). 

We also do not collect information about your criminal offenses and convictions. 

Our websites and digital platform are not directed to children and we do not knowingly collect data about children. If we discover that we have collected information about a child without parental consent, we will delete that data.

Failure to transmit personal data
If the law or the terms of a contract we have entered into with you require us to collect personal data, and if you do not provide this data when requested, we may not be able to carry out the contract we have entered into or intend to enter into with you (e.g. to provide goods or services to you). In this case, we may have to cancel a product or service that you benefit from with us, but we will inform you if necessary in due time. 

We use different methods to collect data from and about you, including the following:

• Direct interactions. You may give us your personal information by filling in forms or by corresponding with us by post, telephone, e-mail, SMS/MMS, instant messaging or otherwise. This data may be provided when you:

• request information about our products and services or purchase our products and services;
    
• attend company events AUGUST SA or trade shows, or participate in test drives;
    
• create an account on or visit our website;
    
• register for our services or publications;

• request to receive marketing communications;

• enter a contest, promotion or survey;

• send us your comments or contact us.

• Automated Technologies or Interactions. When you interact with our websites and digital services, including our social media platforms, we automatically collect Technical Data about your hardware and browsing actions and patterns. We collect this personal data using cookies and other similar technologies. We may also receive Technical Data about you if you visit other websites that use our cookies. Please see our Cookie policy .  

• Third parties or publicly available sources We receive personal data about you from the following third parties and public sources:

• Vehicle information and other information provided directly by the company AUGUST approved independent SA (hereinafter “ AUGUST HER ") ;

• Technical data provided by third parties, including analysts and research information providers;

• Advertising networks;

• Event agencies;

• Identity and contact data obtained from publicly available sources and data brokers;

• Information freely available to the public from Internet searches.

We may share your personal data with the following parties, for the purposes described in section 4, "How do we use your personal data?" » :

• Internal third parties (e.g. other group companies AUGUST HER) ; 

• External third parties (eg, dealers, service providers acting on our behalf, professional advisers and other regulatory authorities/bodies);

• Third parties to whom we may choose to sell or transfer parts of our company or our assets or with whom we may merge parts of our company or our assets. We may also seek to acquire other companies or merge with them. If our company changes, the new owners may use your personal data as described in this privacy policy.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third party service providers to use your personal data for their own purposes and only allow them to process your personal data for specified purposes and in accordance with our instructions.

The data we collect about you may be transferred to and stored outside of the European Economic Area (“EEA”) (and subject to applicable data localization laws). It may also be processed by staff working outside the EEA, whether employed directly by us or by one of our suppliers, such as AUGUST SA local. Such staff may be involved in, among other things, the preparation of your order, the processing of your payment information and the provision of services, support. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy and UK data protection law, unless otherwise stated.

If we transfer your personal data outside the EEA, we will ensure that an equivalent level of protection is ensured by implementing at least one of the following measures:

• We will transfer your personal data only to countries considered by the European Commission to apply an adequate level of personal data protection;

• If we use certain service providers, we may use specific contract models approved by the European Commission which ensure a level of protection of personal data equivalent to that applied in Europe. 

We have implemented appropriate security measures to prevent accidental loss, unauthorized use or access, alteration and disclosure of your personal data. In addition, we limit access to your personal data to employees, agents, contractors and other third parties who have a business need to know. They will process your personal data only in accordance with our instructions and are subject to an obligation of confidentiality. 

We have put in place procedures to deal with suspected personal data breaches and will notify you and any relevant supervisory body of such breaches if required to do so by law.

How long will we use your personal data?
We will retain your personal data only for as long as reasonably necessary to fulfill the purposes for which we collected it, including to meet legal, regulatory, tax, accounting or reporting obligations. We may keep your personal data longer in the event of a complaint or if we reasonably believe that a dispute is likely in the context of our relationship with you.

To determine the appropriate retention period for personal data, we take into account its quantity, nature and sensitivity, the potential risk of harm from unauthorized use or disclosure, the purposes for which we discuss, whether or not we might achieve these purposes by other means and applicable legal, regulatory, tax, accounting and other obligations.

In some cases, we will anonymize your personal data (so that you cannot be identified and the data can no longer be associated with you) for research or statistical purposes. In this case, we may use this information indefinitely without having to notify you. 

In some cases, you have the following rights to your personal data under data protection laws:

• You can request access to your personal data (“data subject right of access”). You will then receive a copy of the personal data we hold about you;

• You can request that the personal data we hold about you be rectified. Any incomplete or inaccurate data we hold about you can thus be corrected. However, we may need to verify the accuracy of the new data that you provide to us. In many cases, you can modify your personal data directly;

• You can request the erasure of your personal data. You can ask us to erase or delete your personal data if there is no valid reason for continuing to process it. You also have the right to ask us to erase or delete your personal data if you have successfully exercised your right to object to processing (see below), in the event that we have processed your information unlawfully or if we are required to erase your personal data in accordance with local law. Please note, however, that we may not always be able to comply with your request for erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request;

• You can object to the processing of your personal data. In some cases, we may demonstrate that compelling legitimate reasons which then prevail over your rights and freedoms require us to process your information;

• You can request that the processing of your personal data be restricted. You can ask us to suspend the processing of your personal data in the following cases:

• If you want us to verify the accuracy of the data,
• If the way we use the data is unlawful, but you do not want us to erase it,

• If you want us to keep the data when we no longer need it, because it is necessary for the establishment, exercise or defense of legal rights,

• If you have refused to allow us to use your data, but we need to check whether compelling legitimate reasons allow us to use it;

• You can request that your personal data be transferred to you or to a third party;

• You can withdraw your consent at any time if your consent is required for the processing of your personal data. If you withdraw your consent, we may not be able to provide you with certain products or services. We will let you know if necessary when withdrawing your consent.

If you wish to exercise any of the rights described above, please contact our DPO:

info@august-porsche.be

Cost 
You will not have to pay any fees to access your personal data (or to exercise any other right). However, if your request is clearly unfounded, repetitive or excessive, we may charge you a reasonable amount or refuse to respond to your request.

What can we ask you?
We may request specific information from you to help us confirm your identity and ensure your right to access your personal data (or another right). This security measure aims to prevent your personal data from being disclosed to people who have no right to know them. We may also contact you to ask you for additional information about your request to expedite our response.

Response time
We try to respond to all legitimate requests within one month. However, this period may be exceeded if your request is particularly complex or if you have made several requests. In this case, we will keep you informed.