The responsible authority according to the data protection act:
CARFAX Europe GmbH
2. COLLECTION OF PERSONAL DATA
“Personal Data“ is any information that can be used to identify an individual, and may include things such as your name, physical address, email address, phone number, login information, marketing preferences, company affiliation, geographic location, or payment card information. CARFAX may collect Personal Data that is necessary for legitimate business purposes as disclosed to you from time-to-time. CARFAX will use this information for the purposes for which it was collected. CARFAX may also collect Personal Data from trusted third-party sources and engage third parties to collect Personal Data to assist us.
One of the most common methods of collecting Personal Data is during the online form submission or registration process, including where a website user is requesting a free trial or a courtesy newsletter, registering for an event, or responding to similar offers such as sample reports, or further product information.
In some instances, CARFAX and the third parties we engage may automatically collect and aggregate data using cookies, weblogs, web beacons, and other similar applications. This information is used to better understand and improve the usability, performance, and effectiveness of our Platform and to help us tailor content or offers for you. Please read the “Cookies” section below for more information.
If you subscribe to our newsletter we will use the Personal Data or other information you provide for the purpose of delivering the newsletter. We may also use the information (including any email contact information) to provide you with relevant information, such as information about the service or registration (for example changes to the newsletter offer or technical conditions).
We require a valid email address for effective registration. To check that an application has actually been made by the owner of an email address, we use the “double-opt-in“ procedure. Once a subscription for the newsletter is received, we will send a confirmation email requesting a response before we start sending the newsletter.
You may unsubscribe from receiving the newsletter at any time through the corresponding link in each newsletter.
The information you provide when contacting us by email or the contact form will be stored for the purpose of processing your inquiry and for possible follow-up questions.
3. PURPOSE AND USE OF PERSONAL DATA
CARFAX may use your Personal Data for operational, legal, administrative, and other legitimate purposes permitted by applicable law. Some of the ways we may use Personal Data include:
- Providing you with requested products or services.
- Providing you with information regarding similar products or events.
- Analyzing and monitoring extent of use.
- Improving the user experience.
- Providing customized product and service information.
- Allowing users to participate voluntarily in mailings or other events.
- Providing products and services updates, information, and alerts.
- Sending communications, including for marketing or other customer satisfaction purposes.
- Order processing, and to provide transaction documents.
- To contact users for information verification purposes.
4. RIGHT TO ACCESS AND CORRECT PERSONAL DATA
We strive to make sure that our information is reliable, accurate, and up-to-date. While Personal Data is maintained by CARFAX, you may access your Personal Data to the extent required by law to review, update, and correct inaccuracies. Upon request made to the contact listed below, we will provide you with reasonable access to the Personal Data we collect about you. Because Personal Data—for example, your email address—is required to use the Platform, we retain Personal Data as long as your account is active. You will have the opportunity to correct, transfer, update, modify, or delete this information by logging into your account and updating your information online. You may also limit the use and disclosure of your information by either unsubscribing from marketing communications or contacting us at email@example.com or write to us:
CARFAX Europe GmbH
Please note that some information may remain in our records even after you request deletion of your information, to the extent permitted by applicable laws. Additionally, there may be limits to the amount of information we can practically provide. For example, we may limit access to Personal Data where the burden or expense of providing access would be disproportionate to the risks to an individual's privacy or where doing so would violate others' rights.
5. SHARING PERSONAL DATA
CARFAX may disclose Personal Data to its parent, subsidiary, affiliates, and other related companies (“IHS Markit“). CARFAX may disclose Personal Data to service providers for the purposes of operating our business, delivering, improving, and customizing our products or services, sending marketing and communications related to our business, payment processing, and for other legitimate purposes permitted by applicable law or otherwise with your consent. CARFAX is responsible for the processing of personal data it receives under the Privacy Shield Framework and subsequent transfers to a third party acting as an agent on its behalf. CARFAX complies with the Privacy Shield Principles for all onward transfers of Personal Data from the EU, Switzerland, and the United Kingdom including the onward transfer liability provisions.
There may also be instances when CARFAX may disclose Personal Data about you without providing you with a choice in order to honor a request that you have made through the products or services; comply with the law or in response to a court order, government request, or other legal process; protect the interests, rights, safety, or property of CARFAX or others; protect against fraud or for risk management purposes; or respond to adverse third parties (i.e., adverse parties and their counsel and other agents) in the context of litigation. In addition, if CARFAX sells all or part of its business or makes a sale or transfer of assets or is otherwise involved in a merger or business transfer, you agree that CARFAX may transfer Personal Data to a third party as part of that transaction.
In all cases CARFAX requires all unaffiliated third parties to treat Personal Data as confidential. CARFAX will not provide Personal Data to third parties for their own marketing purposes without your consent.
If you participate in a discussion forum, chat room, or provide comments related to CARFAX on a social media or other public platform, you should be aware that the information you provide there (i.e., your public profile) will be made broadly available to others, and could be used to contact you, send you unsolicited messages, or for purposes neither CARFAX nor you have control over. Also, please recognize that social media forums and chat rooms not controlled by CARFAX may have additional rules and conditions. CARFAX is not responsible for the Personal Data or any other information you choose to submit on these forums that are not CARFAX controlled.
The Platform may offer you the ability to share Personal Data through a social networking site (e.g., Facebook, Twitter), using such site's integrated tools (e.g., Facebook “Like“ button, or Twitter “Tweet“ button). The use of such integrated tools enables you to share Personal Data about yourself with other individuals or the public, depending on the settings that you have established with such social networking site. For more information about the purpose and scope of data collection and use in connection with such social networking site or a site’s integrated tools, please visit the privacy policies of the entities that provide these social networking sites.
6. SECURITY OF PERSONAL DATA
CARFAX has physical, administrative, and technical safeguards in place to help protect the Personal Data CARFAX collects. While there is no such thing as perfect security on the Internet, we will take reasonable and appropriate steps to safeguard Personal Data.
7. RETENTION OF PERSONAL DATA
CARFAX will retain Personal Data as needed to fulfill the purposes for which it was collected. We will retain and use Personal Data as necessary to comply with our business requirements, legal obligations, resolve disputes, protect our assets, and enforce our agreements.
When visiting any Platform, our servers may query your computer to see if there are cookies previously set by CARFAX. A cookie is a text file that is created when your browser visits a particular website, such as the Platform. Certain cookies are deleted automatically from your computer after you finish your visit of the Platform (so-called session cookies). Other cookies stay on your computer (so-called permanent cookies), so that we can recognize you the next time you visit our website. Every time you visit the Platform, your browser retrieves and sends this file to the CARFAX website's server. Cookies enhance the website user experience by:
- Helping CARFAX authenticate you as a user when you log in to a secure area of the website;
- Storing information about your website user activities so you may easily pick up where you left off on the CARFAX server's pages;
- Storing your user preferences, which allows you to customize how information is presented through site layouts or themes; and
- Personalizing the manner in which CARFAX responds to you via marketing communications.
Some web browsers and devices permit you to broadcast a preference that you not be “tracked” online. At this time, CARFAX does not modify your experience based upon whether such a signal is broadcast.
This website uses Google Analytics, a web analysis service provided by Google Inc. (“Google“) as described in “How Google uses data when you use our partners' sites or apps.“ You can prevent collection by Google of the data generated by the cookie and relating to your use of the website (including your IP address), as well as processing of these data by Google, by downloading and installing the browser plug-in provided under the following link: https://tools.google.com/dlpage/gaoptout?hl=en. CARFAX uses IP masking to tell Google Analytics to use only a portion of an IP address, rather than the entire address, for geolocation. CARFAX may also use Google Analytics for Display Advertisers including DoubleClick or Dynamic Remarketing which provide interest-based ads based on your visit to this or other websites. A cookie is stored on your browser to recognize your browser again when you access webpages that belong to the Google ad network. These pages may present ads that refer to content that you accessed previously on websites that use the remarketing function from Google. The data policy of Google about remarketing will apply and further information can be found here: http://www.google.com/privacy/ads/. You can prevent the storage of your data by the cookies to Google and the usage of those data by Google by downloading and installing this browser-plugin: https://www.google.com/settings/ads/plugin?hl=de. You can also deactivate the usage of cookies from third party providers by opening the following deactivating-site of Network Advertising Initiative under http://www.networkadvertising.org/choices/and by following the information there.
Our website uses Google conversion tracking. Google AdWords will place a cookie on your computer if you reach our website via a Google ad. The conversion tracking cookie is set when a user clicks on an ad placed by Google. These cookies become invalid after 30 days and are not for personal identification. These cookies allow Google and us to determine that you clicked the ad and later visited our website. Conversion cookies are not used by Google for personalized ad targeting and persist for a limited time only. The information collected using the conversion cookies is used to create conversion statistics to determine the total number of users that have clicked on the CARFAX ad and been forwarded to a CARFAX website. However we do not receive any information that allows users to be personally identified.
If you do not want to participate in tracking you may decline the required placement of a cookie - for example by using a browser setting that in general deactivates the placement of cookies or by setting your browser in to block cookies.
On our website, cookies are used to enable the delivery of retargeting campaigns of The Reach Group GmbH (Am Karlsbad 16, 10785 Berlin, Germany). The stored data within the cookie is only an encrypted, pseudonymous user ID. The ad serving technology uses shortened and hashed IP addresses to evaluate the geographic region, the access speed and the Internet provider. In addition, the time of the visit, the IDs of the products being viewed, searched for or purchased, the URLs of the pages viewed, possible search terms and / or the IDs of the categories accessed are stored to deliver more relevant advertising content. A storage of IP or browser data takes place exclusively in Germany and for the anonymous production of visitor statistics and allocation of transactions. Any conclusions about concrete and specific persons, the exact address, the whereabouts or further personal data is at no time possible. There is no explicit transfer of IP data to third parties. All information also has a maximum expiry date of 90 days, with the time from which your browser automatically deletes the stored data. You can prevent the storage of cookies by setting up your browser software accordingly. You may also prevent the collection of the cookie-generated data related to your use of the Website by activating the Opt Out feature at the following link: https://www.reachgroup.com/en/opt-out/
- Google's use of advertising cookies enables it and its partners to serve ads to your users based on their visit to your sites and/or other sites on the Internet.
9. CROSS BORDER TRANSFER OF PERSONAL DATA
As CARFAX is part of a global organization, we may transfer Personal Data to our parent in the United States, or to any subsidiary or affiliate, or to third parties as described above that are located in various countries around the world. By using our websites or products, or providing any Personal Data to us, where applicable law permits, you consent to the transfer, processing, and storage or such information outside of your country of residence where data protection standards may be different.
CARFAX safeguards and enables the global transfer of personal information in a number of ways:
- EU, UK-U.S. Privacy Shield and Swiss-U.S. Privacy Shield
In accordance with Section 3 (Purpose and Use of Personal Information) and Section 5 (Sharing Personal Information) above, CARFAX is responsible for the processing of personal data it receives under the Privacy Shield Framework and subsequently transfers to a third party acting as an agent on its behalf. CARFAX complies with the Privacy Shield Principles for all onward transfers of personal data from the EU Switzerland, and the United Kingdom, including the onward transfer liability provisions. In certain situations, CARFAX may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
With respect to personal information received or transferred pursuant to the Privacy Shield Framework, CARFAX is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact JAMS, our U.S.-based third party dispute resolution provider (free of charge) by clicking here. Under certain conditions, more fully described on the Privacy Shield website, you may invoke binding arbitration when other dispute resolution procedures have been exhausted. Additional information about binding arbitration is available here. If you are an employee, past employee, or prospective employee, please see Section 11 for information concerning who to contact if you have an unresolved privacy or data use concern.
10. PROSPECTIVE EMPLOYEE AND EMPLOYEE INFORMATION
In accordance with applicable law, CARFAX may use Employee Information to evaluate applications for employment, manage work-related aspects of the employee-employer relationship (i.e., training, payroll, benefits, travel, reimbursement expenses, performance appraisals, succession planning, team member health and safety), investigate and respond to any claims related to your employment, and comply with applicable laws and regulations. Your Employee Information will not be used for direct marketing purposes by us or any third party service provider, unless you specifically consent to such use.
CARFAX shares your Employee Information with third parties who provide outsourced human resource functions to us. Those third parties are required to protect your Employee Information. CARFAX may disclose your Employee Information if required or permitted to do so by law (such as when part of a governmental agency action or litigation), governmental or quasi-governmental requests, or a regulatory organization, or to relevant third parties such as site technicians, brokers, auditors, lawyers, or professional advisors. In the event that CARFAX considers it necessary or where required by law to disclose Employee Information in certain situations where the health, safety, or wellbeing of a team member is at imminent risk, we may share your Employee Information with our outside lawyers, law enforcement or others who are legally authorized. As CARFAX continues to develop our business, we may buy or sell assets. If CARFAX or substantially all of our assets are acquired, Employee Information may be one of the transferred assets.
Employee Information may be stored in hard copy or electronic format within your branch office or in the cloud in the European Union, United States or other countries where CARFAX or its parent IHS Markit, its affiliates, agents, or contractors conduct business. Your Employee Information may be transferred into our human resources systems and used to manage your employment, may become part of your personnel file, and may be used for other work-related purposes. Your Employee Information will be kept for as long as is legally required, and in some instances longer depending upon the needs of the organization and industry practices.
11. EU GENERAL DATA PROTECTION REGULATION
The CARFAX Policy for the Processing of Data Governed by the GDPR addresses our commitment to the processing of Personal Data under the EU General Data Protection Regulation 2016/679.]
12. OTHER CONTRACTUAL RELATIONSHIPS
13. OTHER WEBSITES
This website may contain links to other websites. For further information regarding use of your Personal Data on these websites please consider the respective privacy policies (if applicable) on the websites concerned.
CARFAX Europe GmbH
If CARFAX needs, or is required, to contact you concerning any event that involves information about you we may do so by email, telephone, or mail.
Updated 3 July, 2019.