SEAT ID & CUPRA ID PRIVACY POLICY
By means of this Privacy Policy, we inform you about the collection, processing and use of your personal data by registering and using a single user account SEAT ID & CUPRA ID (hereinafter referred to as "SEAT ID & CUPRA ID").
Who is the data controller?
| Data controller identity | SEAT, S.A.U with TAX Identification number A-28 049 161 |
|---|---|
| Address: | Autovía A-2, Km. 585, Martorell (Barcelona) |
| Email address: | customercare@seat.com or customercare@cupraofficial.com |
What is the SEAT ID & CUPRA ID Service?
The SEAT ID & CUPRA ID application and the https://seatid.vwgroup.io/ and https://cupraid.vwgroup.io/ portal allow you to use the services and applications of SEAT and/or third parties. Each of these platforms or functionalities may have their own privacy policies informing about the specific data processing carried out through them.
The configuration of SEAT ID & CUPRA ID can be accessed through user settings in the services linked to SEAT ID & CUPRA ID or through the links indicated in the previous paragraph. Users must be identified with their SEAT ID & CUPRA ID in order to access the settings menu.
Through the privacy settings section, you can consult, edit or erase the personal data linked to your user account, in the "Personal data" section or in the "Contact" section.
If you do not wish to link a service to your existing user account, you can manage it through the "Connected Applications" section in the privacy settings. If you wish to remove a paid service from your user account, you can only do so by creating a new user account.
If an application or service is no longer linked to the user account, the personal data required to provide the service will be deleted. Similarly, if the user wishes to delete his/her account, his/her data will be deleted in accordance with this privacy policy.
For what purpose do we process your personal data and what is the legitimacy?
At SEAT, S.A.U. (hereinafter, "SEAT") we process the personal data you provide us with, as well as all those collected through the use of SEAT ID & CUPRA ID for the following main purposes:
-
To create a SEAT ID & CUPRA ID account that allows you to access different SEAT applications, connected to SEAT ID & CUPRA ID, without having to provide your personal data again to register.
-
To sign into different services with a unique user identification, as long as these services include SEAT ID & CUPRA ID as a login option.
-
To store data in your SEAT ID & CUPRA ID. Storing this data enables other services, platforms or functionalities to access it, without the need to register it again. The personal data linked to your SEAT ID & CUPRA ID user account will only be associated with those applications of which you are a user.
-
To allow you to manage your personal data processing in the different SEAT applications to which you have access through your user account, allowing you to consult and, if necessary, modify those consents you have given for the processing of your personal data.
-
To ensure the proper functioning of the Service and the functionalities offered through SEAT ID & CUPRA ID.
The personal data processing for these purposes is necessary for the provision of the Service. Therefore, the legal basis for the processing is the contract performance, that is, the Terms and Conditions of SEAT ID & CUPRA ID (https://seatid.vwgroup.io/terms-and-conditions
& https://cupraid.vwgroup.io/terms-and-conditions) according to article 6.1., letter b of GDPR.
- On the other hand, given that SEAT ID & CUPRA ID store personal data that is used in various applications and/or functionalities, this may be processed in order to check if your data matches with the official lists of specific sanctions in order to prevent the transfer of products, services and technology to persons allegedly linked to illicit activities.
SEAT is subject to several statutory and official requirements that it must comply with. These may derive, for example, from foreign trade and export control provisions, laws and regulations, in particular with regards to the import, export, re-export or use of digital services and related products, software and technology. In this context, for direct sales and the provision of digital services, we process your personal data in order to prevent the transfer of products, services and technology to persons suspected of involvement in illegal activities, such as crimes that endanger property or terrorism. If your data matches any of the checked lists of sanctions, your request to purchase our products cannot be duly concluded.
The legal basis for your data processing for this purpose is, on one hand, the need to comply with a legal obligation (Article 6.1 b) of the General Data Protection Regulations) to which SEAT is subject as a consequence of the provisions, laws and regulations on the control of foreign trade and national and international exports. On this basis, SEAT analyses its data with the European Union and United Nations sanctions lists, as well as with certain foreign sanctions lists, such as the United States of America sanctions lists, which is necessary when the product supplied (digital service/software) incorporates content or developments from the United States of America. It is for the latter case that the non-EU sanctions lists are checked by SEAT, which is entitled to do so after concluding the existence of a legitimate interest of its own and of third parties such as companies of the Volkswagen Group and/or business partners (article 6. 1 f) of the General Data Protection Regulation), since, by virtue of their relations with the latter or in compliance with and/or observance of requirements imposed by other competent public and governmental authorities - inside or outside their country of residence - to which SEAT is contractually bound; this verification of non-EU lists must be carried out, since otherwise SEAT and its representatives may be penalized both criminally and civilly, as well as be sued for non-compliance with the agreements reached with its business partners.
What data do we process?
Within the framework of the functions offered by SEAT ID & CUPRA ID, and subject to the previously indicated purposes, at SEAT we will process the identification data that you provide, such as your name and surname, telephone number, email address, profile image, etc. The only information that is essential for the use of SEAT ID & CUPRA ID is email.
Likewise, the SEAT ID & CUPRA ID application may store some of the personal data collected from the applications connected to it.
How long will we keep your data?
SEAT will keep your personal data only for the provision of SEAT ID & CUPRA ID, or for as long as you do not request their deletion, as well as for the time necessary to comply with the legal obligations that apply in each case.
To which recipients will the data be disclosed?
SEAT will disclose your data to third parties in compliance with the legal obligations that apply in each case.
At SEAT we require the support of service providers in order to offer you our services properly. Therefore, these third parties may have access to your personal data without prejudice to the fact that they will always act on behalf of SEAT and following our instructions. Under no circumstances can this be considered as a communication of data as they will not process them for their own purposes.
How do we protect your personal data?
SEAT implements technical and organizational security measures to protect your personal data from manipulation, loss, destruction or unauthorized access by third parties. Our security measures are updated and continuously reviewed to improve them in accordance with new technological developments.
What are your rights as data subject?
You can exercise the following rights:
-
Access: you can obtain from SEAT confirmation as to whether your personal data are being processed and access to your personal data.
-
Rectification: you can obtain the rectification of inaccurate personal data concerning you. You also have the right to have incomplete personal data completed.
-
Erasure: you can request the deletion of your personal data when, among others, the personal data are no longer necessary for the purposes for which they were collected or otherwise processed.
-
Object: you can object to the processing of your personal data. SEAT will no longer process your personal data unless it has compelling legitimate grounds for the processing or for the establishment, exercise or defence of legal claims.
-
Restriction: you can request the restriction of the processing of your personal data where one of the following grounds applies:
-
The accuracy of the personal data is contested by you, for a period enabling SEAT to verify the accuracy of such data.
-
The processing is unlawful, and you oppose the erasure of your personal data and request the restriction of their use instead.
-
SEAT no longer needs your personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims.
-
You have objected to the processing, pending the verification whether SEAT’s legitimate grounds override yours.
-
-
Portability: you can receive the personal data that you provided to SEAT in a structured, commonly used and machine-readable format. You can also have these data transmitted to another controller.
You can exercise these rights by submitting a written request to SEAT, S.A.U. [GX-3 Digital Business and Product Strategy], Autovía A-2 Km. 585, Martorell (Barcelona) or to the following email address customercare@seat.com or customercare@cupraofficial.com depending on your vehicle brand. You must specify the right you wish to exercise. The exercise of these rights is free of charge.
Should you consider that SEAT has not processed your personal data in accordance with applicable law, you can lodge a complaint with the relevant supervisory authority, through www.agpd.es.
Contact with the SEAT data protection representative
If you have any doubts about data protection, or wish to get in touch with the data protection officer (“DPO”), you can also contact our company data protection delegate by sending an email to dataprotection@seat.es .