1. Purpose of Processing Personal Data

Personal data is processed for managing, administering, and developing customer relationships, providing and delivering services, improving services, and billing. Personal data is also processed to investigate potential complaints and other claims.

Additionally, personal data is used for customer communication, such as information dissemination, newsletters, and marketing, including direct and electronic direct marketing.

The customer has the right to refuse direct marketing targeted at them.

The data controller processes the data itself and may also use subcontractors who process personal data on behalf of the data controller.

2. Legal Basis for Processing

The legal bases for processing personal data under the EU General Data Protection Regulation (GDPR) are as follows:

  • The data subject has given consent for their personal data to be processed for one or more specific purposes (GDPR Article 6(1)(a)).
  • Processing is necessary for the performance of a contract to which the data subject is a party, or to take steps at the request of the data subject before entering into a contract (GDPR Article 6(1)(b)).
  • Processing is necessary for the purposes of the legitimate interests pursued by the data controller or a third party (GDPR Article 6(1)(f)).

The legitimate interest mentioned above is based on a relevant and appropriate relationship between the data subject and the data controller, which arises from the data subject being a customer of the data controller and when the processing is carried out for purposes that the data subject can reasonably expect at the time of data collection.

3. Registry Data Content (Categories of Processed Personal Data)

The registry typically contains the following personal data for all data subjects:

  • Basic personal and contact information: first name, last name, address, phone number, email address.
  • Information related to the individual’s business activities or other organization, including the person’s position or role within that company or organization.
  • Permissions and restrictions related to direct marketing.

4. Regular Data Sources

Personal data is collected directly from the data subject.

Data may also be collected and updated from public sources within the limits of applicable legislation, related to the implementation of the customer relationship between the data controller and the data subject. These sources enable the data controller to fulfill obligations related to maintaining the customer relationship.

5. Retention Period of Personal Data

The data collected in the registry is retained only for as long and to the extent necessary for the original or compatible purposes for which the data was collected.

The need to retain personal data is assessed every five years, and in any case, data concerning the data subject is deleted from the registry after the customer relationship between the data subject and the data controller has ended, and the obligations and measures related to the customer relationship have been completed. For example, accounting records are kept for six years from the end of the financial year.

The data controller regularly assesses the necessity of data retention according to its internal policies. Additionally, the data controller will take all reasonable steps to ensure that inaccurate, incorrect, or outdated personal data is erased or corrected without delay, considering the purpose of the processing.

6. Recipients (Groups of Recipients) and Regular Data Disclosures

Personal data is not disclosed to external parties.

7. Data Transfers Outside the EU or EEA

Personal data stored in the registry is not transferred outside the European Union (EU) or the European Economic Area (EEA).

8. Principles of Data Protection

Materials containing personal data are stored in locked premises, accessible only to designated individuals whose duties require access.

Databases containing personal data are stored on a server kept in a locked room, accessible only to designated individuals whose duties require access. The server is protected by an appropriate firewall and technical safeguards.

Access to databases and systems is granted only through uniquely assigned personal usernames and passwords. The data controller has restricted access to and permissions within its information systems and other storage platforms, allowing only authorized individuals to view and process data as necessary for legitimate processing. Additionally, system access events are logged in the data controller’s IT system logs.

Employees and other individuals related to the data controller are committed to confidentiality and are required to keep information received during personal data processing confidential.

9. Rights of the Data Subject

The data subject has the following rights under the EU General Data Protection Regulation:

  • The right to obtain confirmation from the data controller as to whether personal data concerning them is being processed, and if so, the right to access the personal data and the following information: (i) the purposes of the processing; (ii) the categories of personal data concerned; (iii) the recipients or categories of recipients to whom the personal data has been or will be disclosed; (iv) where possible, the envisaged period for which the personal data will be stored, or if not possible, the criteria used to determine that period; (v) the right to request rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing; (vi) the right to lodge a complaint with a supervisory authority; (vii) where the personal data is not collected from the data subject, any available information regarding their source (GDPR Article 15).

  • The right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal (GDPR Article 7).

  • The right to have inaccurate personal data concerning them rectified without undue delay, and the right to have incomplete personal data completed, including by means of providing a supplementary statement, taking into account the purposes of the processing (GDPR Article 16).

  • The right to request the erasure of personal data concerning them without undue delay if (i) the personal data is no longer necessary for the purposes for which it was collected or otherwise processed; (ii) the data subject withdraws consent on which the processing is based, and there is no other legal ground for the processing; (iii) the data subject objects to the processing, and there are no overriding legitimate grounds for the processing, or the data subject objects to processing for direct marketing purposes; (iv) the personal data has been unlawfully processed; or (v) the personal data must be erased for compliance with a legal obligation in Union or Member State law to which the data controller is subject (GDPR Article 17).

  • The right to obtain a restriction of processing if (i) the accuracy of the personal data is contested by the data subject, for a period enabling the data controller to verify the accuracy of the personal data; (ii) the processing is unlawful, and the data subject opposes the erasure of the personal data and requests the restriction of its use instead; (iii) the data controller no longer needs the personal data for the purposes of processing, but they are required by the data subject for the establishment, exercise, or defense of legal claims; or (iv) the data subject has objected to processing pending the verification of whether the legitimate grounds of the data controller override those of the data subject (GDPR Article 18).

  • The right to receive personal data concerning them, which they have provided to the data controller, in a structured, commonly used, and machine-readable format, and the right to transmit those data to another data controller without hindrance from the data controller to which the personal data has been provided, where the processing is based on consent and is carried out by automated means (GDPR Article 20).

  • The right to lodge a complaint with a supervisory authority if the data subject considers that the processing of personal data relating to them infringes the GDPR (GDPR Article 77).
