SEAT ID & CUPRA ID PRIVACY POLICY
“For us privacy matter is part of our core business. We design and make cars and mobility products that process big data to make your life enjoyable, making it possible to enjoy the driving experience at the highest level. We give you control at any time over your information and data, so that you, and only you, decide what to share, when to share, and who you share with. It’s a big value still our essence”.
1. General information
This Privacy Policy follows the provisions of regulation (EU) 2016/679 of the European Parliament and of the Council of 27th April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter, "GDPR"); as well as the Spanish Data Protection Act 3/2018; and other local regulations that complement it.
- Personal data is all information that relates to an identified or identifiable natural person.
- Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means.
Therefore, we are going to explain to you below, in a clear and transparent manner, how and when we access, collect, share and protect your personal data arising from the registration and use of the SEAT & CUPRA ID user account (hereinafter referred to as the "SEAT & CUPRA ID").
The SEAT & CUPRA ID account allows you to use the service as unique login for several products and services. Please note that some related services and products you can log in (including third-party services) may have their own privacy policies informing about the specific data processing carried out through them. We also recommend that you read the privacy policies corresponding to each product and services.
2. Who is the data controller?
| Data Controller: | SEAT, S.A.U with VAT number A-28 049 161 |
|---|---|
| Address: | Autovía A-2, Km. 585, Martorell (Barcelona) |
| Contact: | SEAT: customercare@seat.com CUPRA: customercare@cupraofficial.com |
3. User and settings
The SEAT & CUPRA ID settings can be accessed through the SEAT & CUPRA ID official website: SEAT & CUPRA ID (vwgroup.io). Users must be identified with their email and password to be able to access the settings menu. Inside, you will be able to consult, edit or delete your services, applications and account.
If an application or service is no longer linked to the user's account, we won’t process any further personal data from you. However, you won’t be able to stop or delete the data processing where there is a service or contract in force.
4. What kind of personal data do we process?
Within the framework of the functionalities offered by SEAT & CUPRA ID and other products and services related to your account, we may process the following information from you.
- Name, surname
- Alias
- Telephone number
- Postal address
- Profile image
- Language
- Payment data
In the SEAT & CUPRA ID, you can voluntarily enter other personal information in addition to the mandatory fields. There are some digital services connected to SEAT & CUPRA ID than can require additional and accurate information to be used.
5. From whom can we obtain your data?
We obtain and collect your data directly from you through the information received directly in the process of creating and completing your account, as well as through the use of products and services related to your SEAT & CUPRA ID account.
6. For what purposes do we process your data and what is the lawful basis?
We process the personal data that you provide us with, as well as those that derive with us for the following purposes and under the following legal grounds set out below.
Please note that, for processing based on legitimate interest, you may at any time object to the processing of your personal data by contacting us through the contact channels indicated in this text, unless it is necessary for compelling legitimate reasons, or for the exercise or defense of possible claims.
Below you will find a detailed information on the processing of your personal data:
| Purpose / Description | Lawful basis |
|---|---|
| SEAT & CUPRA ID registration | |
| To create a SEAT & CUPRA ID account, we process your identification data (name, surname), your contact data (email or telephone), and your country of residence. To verify your registration for the SEAT & CUPRA ID we use the so-called 'Double-Opt-In' procedure. In doing so, we will send you an e-mail to the indicated e-mail address with a confirmation request. | We process your identification and contact data based on the fulfilment of a contract (Art. 6.1.b GDPR). We process the additional data you can add (alias, postal address, image…), based on our legitimate interest (Article 6.1.f. GDPR). |
| SEAT & CUPRA ID use | |
| You can use your SEAT & CUPRA ID to log in to various services, apps and websites whose providers may be SEAT, S.A.U. or third parties. To log in with your SEAT & CUPRA ID, you must use the e-mail address and password you specified during registration. For some services, you also have the option of logging in with your SEAT & CUPRA ID via your terminal device by scanning a code that is displayed in the registration process. Please, note that you may be required to provide additional information to contract certain services. Additionally, we process your data to guarantee the correct operation of the Service and the functionalities offered through SEAT ID & CUPRA ID, such as CONNECT services. | We process your data based on the fulfilment of a contract (Art. 6.1.b. GDPR). |
| Marketing and advertising | |
| In the event that you would like to keep informed about SEAT & CUPRA activities, we will ask for your consent to send you our commercial communications, surveys and offers form our product and services. Additionally, if you wish to receive personalised advertising and enhance your experience with SEAT & CUPRA, we will need an additional consent from you. For that, we need to create a personal profile of you, and we will segment and combine the following data: data from the SEAT & CUPRA ID account, contract’s data, vehicle’s data, Apps usage etc. In order to personalise advertising, we can also process data about your usage behaviour in the course of sending advertising (e.g., opening emails and links in the email). We use all this information to determine which topics are of most interest to you. On this basis, you will receive advertising that is better tailored to your needs in the future. Finally, if you are also interested in receiving personalized advertising of offers, news and events in your country related to our brands, we will need to communicate your personal data to national sales company representative (Importer). Please, note that once your data have been communicated, the Importer becomes an independent Data Controller. | We process your data based on your previous consent for each individual purpose (Article 6.1.a GDPR). |
| Purchase of services | |
| Certain services linked to your SEAT & CUPRA ID might require your payment details to purchase or renew them. For that, we process your payment and address data to correctly process your request. | We process your data based on the fulfilment of a contract (Art. 6.1.b. GDPR). |
| Compliance with legal obligations. | |
| SEAT S.A.U. is subject to various statutory and official requirements that must comply. These may arise, for example, from foreign trade and export control provisions, laws and regulations, in particular regarding the import, export or use of digital services and related products, software and technology. In the case of direct sales as well as the provision of some digital services (e.g., CONNECT), we process your personal data (name, surname, address, country) for the purposes of preventing fraud and money laundering, combating and clarifying the financing of terrorism and crimes that endanger property, as well as for comparison with European and international anti-terrorist lists. Please, consult the corresponding applicable privacy policies of the related services where this data processing may be applicable. | We process your data base on the need to comply with a legal obligation (Article 6.1 c) of the GDPR) to which SEAT S.A. is subject as a result of national and international foreign trade and export control provisions, laws and regulations, as well as, on our legitimate interest (Article 6.1.f GDPR), for extra-EU sanctions lists., in preserving secure trade. |
7. How long do we keep your personal data for?
We will keep your personal data as long as necessary to provide the functionalities related to SEAT & CUPRA ID and, in any event, until you ask for its deletion, provided that legal retention obligations do not prevent deletion.
We keep data strictly related to SEAT & CUPRA ID while the contractual relationship with you is in force and, after completion, as long as contractual claims may arise according to local legal provisions. In case of 3 years of account inactivity we are deleting it.
We also inform you that these general retention periods may be extended for specific activities such as marketing activities, claims management and regulatory requirements of export control. In which case, we may store your data for longer than 3 years.
8. Data recipients and data access
The disclosure of your personal and vehicle data to third parties will only occur in the following cases:
- Sales company responsible for your country (the Entity’s importer in your country): In case you want to be informed about news and offers from the sales company responsible for your country, we will transfer your data for marketing purposes. The basis of lawfulness is your consent (art. 6.1.a GDPR).
- Official Dealers & Service Network: We may also communicate your data to the Dealer and authorized service selected by you through the use of the services related to your account. The basis of lawfulness is the legitimate interest when you select the preferred service partner in the App (art. 6.1.f GDPR).
- Service providers. In order to be able to offer our services properly, we require the support of the Volkswagen Group (VW) companies and data hosting service providers such as SalesForce, Microsoft, Amazon Web Services etc. Therefore, these third parties may have access to your personal data, acting as data processors and subprocessors following our and VW Group’s instructions.
9. Are your personal data be sent outside the EU?
All the processing of your data will be carried out within the European Economic Area and will receive the same level of protection as in the European Economic Area. However, depending on where you are located and, therefore, where your importer is located, data might be outside the European Economic Area ensuring the processing of your data through the corresponding safeguards techniques.
Additionally, our Services Providers encrypt and processes data exclusively on data servers located in the European Union. These entities are based in the United States of America, a country declared with an adequate level of protection according to the European Commission and are member of the Data Privacy Framework. For more information, please visit this link: .
10. What are your rights as data subject?
You can exercise the following rights to SEAT, S.A. at any time and free of charge (except in the case of manifestly unfounded or excessive requests). In the event of reasonable doubt as to your identity, you may be asked for additional information to confirm your identity:
Right | Content |
|---|---|
Access | You can obtain confirmation as to whether SEAT S.A. processes your personal data, as well as consult your personal data included in our files. |
Rectification | You can modify your personal data if they are inaccurate, as well as complete if they are incomplete. |
Erasure | You can request the elimination or erasure of your personal data when, among other reasons, the data is no longer necessary for the purposes for which it was collected. |
Object to processing | You can request that your personal data not be processed. SEAT S.A. will stop processing the data, except for compelling legitimate reasons, or the exercise or defence of possible claims. |
Restrict of processing | You can request the limitation of the processing of your data in the following cases:
|
Portability | You can receive, in electronic format, the personal data that you have provided to us and those that have been obtained from your contractual relationship with SEAT S.A., as well as transmit them to another entity. |
Withdraw consent | In case you have given us your consent to process your data for any purpose, you also have the right to withdraw such consent at any time. |
Should you consider that we have not processed your personal data in accordance with applicable law, you can lodge a complaint with the relevant supervisory authority, being in Spain the Spanish Data Protection Authority, www.aepd.es.
11. How can you exercise your rights?
You can manage your privacy and personal data at any time in the User ID Portal: & .
If you prefer, you can also contact customercare@seat.com or customercare@cupraoffical.com directly, according to the mark to which it corresponds, and indicating the right you want to exercise.
If you wish to perform your data protection rights before the Entity’s Importer or their Dealer and Service Partner networks, please contact them directly.
12. Data Protection Officer.
If you have any doubts about data protection or wish to get in touch with our data protection officer (“DPO”), you can also contact him by sending an email to dataprotection@seat.es.
13. Privacy Policy changes.
We may update our Privacy Policy from time to time. We encourage you to review the Privacy Policy periodically for any changes. Changes become effective when they are posted on the website.
August 2024