Privacy Policy

PERSONAL DATA PROTECTION POLICY

Data controller:

The Data Controller is the Company SHANDONG WUZHENG HELLAS SINGLE SHAREHOLDER LIMITED LIABILITY COMPANY.

The protection of natural persons from the processing of personal data is of utmost importance for SHANDONG WUZHENG HELLAS SINGLE SHAREHOLDER LIMITED LIABILITY COMPANY (hereinafter the “Company”). Therefore, the collection and processing of personal data by the Company is performed exclusively in accordance with the General Data Protection Regulation and applicable law in general, and only when required for the management of employment relations and the commercial activities of the Company. The Company allows access only to authorized persons and implements heightened security measures for the protection of the data from loss, misuse, unauthorized access, alteration or disclosure.

The “Company” provides support to all questions, comments, concerns or complaints related to the protection of personal data or in case you wish to exercise any right related to the protection of your data.

You can contact the Data Protection Officer to the following email: natalia.amolochiti@wuzheng.com.cn or by mail at the address of the company (28 Vasileos Konstantinou St., 11635 Athens).

This Personal Data Protection Policy may be reviewed whenever deemed necessary for legal or practical reasons. In case of significant changes there will be prompt notice through the “Company’s” website.

1. Processing of personal data in the Company’s webpages.

1.1. Categories of personal data

During your visit in the Company’s webpages, the Company may process personal data that may be used for your identification or to contact you:

(a) The data entered by you during your registration in the webpage and the offered services (full name, contact telephone, email, company name, address).

(b) Personal data collected automatically during your browsing (IP address, device type, browser application, redirect pages, pages of the company that you visited, date and time of visit).

1.2. Purposes of processing

Your personal data is processed for the following purposes:

 

(a) In order to receive custom information and responses to your requests, to have access to your personal files as well as to allow the Company to contact you, if you so wish.

(b) To establish any lawful claim or defense of the Company against any fraud attempt, cyberattack or other unlawful activity.

(c) To generate anonymized traffic and accessibility statistics for the main webpage and the following pages, so we can create your transaction profile, based on your preferences and transaction habits, in order to provide targeted and personalized offers of products and services and improve your browsing experience.

(d) To inform you about new products and services provided by the Company, the Network of our collaborating Authorized Dealers, Representatives and Partners and the vehicles manufacturing facilities.

The Company and the Network of our collaborating Authorized Dealers, Representatives and Partners and the vehicles manufacturing facilities implement automated methods.

1.3. Lawful basis for processing.

The processing of your personal data is necessary for the achievement of the aforementioned purposes. Unless otherwise stated during the collection of the personal data, the lawful basis for the processing thereof is one of the following:

(a) Processing is necessary for the performance of a contract to which you are a party (Article 6 (1)(b) of the GDPR);

(b) processing is necessary for the purposes of the legitimate interests pursued by the Company (Article 6 (1)(f) of the GDPR);

(c) you have given express consent to the processing of your personal data (Article 6 (1)(a) of the GDPR).

1.4. Recipients and transmissions

Third party IT companies (data processors) may manage some of our webpages. In these cases, with contractual terms and regular audits, we ensure that, if and when there is access to personal data, the legislation for the protection thereof is adequately complied with.

1.5. Cookies policy

Cookies are small text files stored in your computer or mobile device when you visit a webpage. We use the term “cookies” as a common term to describe techniques such as cookies, Flashcookies and web beacons. Cookies are used mainly to ensure that your

 

visit to our webpages is as easy as possible, as well as for advertising purposes during your future visits to other webpages. The cookies policy provides further details for the types of cookies we use, their use, as well as methods to delete or prevent the storage of certain cookies in your computer or mobile device.

1.6. Personal data of minors.

The Company and its webpages are intended for persons who are at least eighteen (18) years of age. The Company accepts no liability whatsoever for underage users that willingly visit our websites. If during the collection of the data it is detected that the user is underage, the Company will not process the personal data.

2. Processing of personal data related to your contractual relationship with the Company.

2.1. Categories of personal data and sources.

In the context of a future or existing contractual relationship with the Company, the Company may process the following categories of your personal data.

(a) Identity and contact information, such as full name, T.I.N., Tax Office (ΔOY), address, phone number, mobile phone number, email provided by our counterparty or representatives thereof for identification and contact purposes, information related to classification, by the dedicated administrators, in special customer categories (e.g. customer or associate), copies of connection contracts with the relevant administrators, attestation of business activity commencement by the Tax Office (in case of trade, vendor or dealer agreements for professional use), special characteristics that document the issuance of a specific invoice (e.g. contract with a specific third party).

(b) Specifically for the business activities of the Company, information about the establishment of the prospective or current customer, about which a commercial agreement has or will be entered into, bank account numbers disclosed by you, information about transactions and payments performed in the context of a contractual relationship with the Company, information related to contact of the prospective or current customers with the Customer Service Department of the Company (including requests, complaints etc.).

(c) Data that was processed in the context of a project, a purchase of products or services, or rendered by the business partner, such as personal data related to orders, payments made, requests and reports in the context of the implementation of a project or collaboration in general.

2.2. Purposes of processing:

 

The aforementioned personal data is processed for the following purposes:

(a) Management of the contractual relationship, such as receipts, delivery of products, provision of services, performance of works, collections, payments, accounting audits, operational and IT support, performance, support and monitoring of the contract, fulfillment of contractual obligations, etc.;

(b) Ensuring compliance of the Company with statutory requirements (fiscal, insurance, customs, accounting, etc.), the conduction of compliance audits of the business partners, the prevention of financial crimes as well as ensuring the overriding legitimate interests of the Company, such as the transmission of data to law firms or competent authorities;

(c) The provision of digital services in vehicles;

(d) Cases requiring the recall of products.

2.3. Lawful basis for processing

Unless otherwise stated during the collection of the personal data, the lawful basis for the processing thereof is one of the following:

(a) Processing is necessary for the performance of a contract to which you are a party (Article 6 (1)(b) of the GDPR);

(b) you have given express consent to the processing of your personal data (Article 6 (1)(a) of the GDPR).

(c) processing is necessary for compliance with a legal obligation to which the Company is subject, or for the purposes of the legitimate interests pursued by the Company (Article 6 (1) (c) or (f) of the GDPR respectively).

2.4. Recipients and transmissions.

The Company may transmit personal data to other subsidiaries or third parties, but only if and to the degree that said transmission is strictly necessary for the aforementioned purposes.

The Company may transmit personal data to court, administrative, tax, customs, arbitration authorities or other public authorities, regulatory bodies and lawyers, if required for compliance with the law and/or the establishment, exercise or defense of legal claims.

Furthermore, the Company may assign the aforementioned processing, in whole or in part, to third parties (data processors) including the managers and employees thereof:

– parties that have entered into a contract with the Company for the promotion of the Company’s services, for the provision of postal services, IT support services, record keeping services, research services, energy analysis and market stratification research services, IT services, advertisement services, banking and financial institutions, chartered accountants;

 

– parties that that have entered into a contract with the Company for the assessment of the customer’s creditworthiness to fulfill the obligations arising from the contract;

– debtor notification companies, for the purposes of notifying the customer pursuant to Law 3758/2009 as amended and in force (the managers and employees of said companies), lawyers and law firms.

In these cases, with contractual terms and regular audits, we ensure that the legislation for the protection of personal data is adequately complied with.

The recipients of the personal data may be established outside the European Economic Area. In these cases, the Company takes measures in order to implement sufficient and appropriate guarantees for the protection of personal data with other means, mainly using the EU approved standard contractual clauses.

3. Personal Data Retention Period

The Company shall retain your personal data for as long as it is required for the achievement of the purposes described in this policy, unless applicable legislation imposes or allows a longer period. The criteria that govern the determination of the personal data retention period include the following: (a) the term of the contract between us, (b) the period required in order for the Company to comply with a legal requirement to which it is subject, (c) the period required in view of a legal situation in which the Company is found (e.g. defense of rights before courts, regulatory authorities’ audits, etc.).

4. Technical and Organizational Measures

The Company, both when determining the processing methods and during processing, implements effective, appropriate technical and organizational measures, such as pseudonymization, designed to implement data protection principles, such as the minimization of data and the incorporation of the required guarantees in the processing, in order to fulfil the requirements of applicable legislation and protect the rights of natural persons.

5. Right to withdraw consent.

If you gave your consent for the processing of specific personal data by the Company, you are entitled to withdraw said consent at any time, with proactive effect. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. In case of withdrawal of consent, the Company may further process the personal data only in cases of other legal purposes for the processing.

6. Rights of the data subject

 

According to currently applicable data protection legislation, and provided that all relevant legal requirements are met, you have the following rights:

6.1. Right of access

You have the right to be notified if the Company processes your data, to access the data and receive additional information on the processing thereof.

6.2. Right to rectification

You have the right to request to update, rectify or supplement your personal data.

6.3. Right to erasure

You have the right to submit a request for the erasure of your personal data, which will be granted provided that there is no other lawful basis for processing (including but not limited to an obligation to process data imposed by law).

6.5. Right to restrict processing

You have the right to request a restriction of the processing of your personal data in the following cases: (a) when you contest the accuracy of the personal data, and until the verification thereof; (b) when you oppose the erasure of the personal data and request the restriction of their use instead; (c) when the personal data is not required for the purposes of the processing, but they are required by you for the establishment, exercise or defense of legal claims and (d) when you object to processing pending the verification whether our legitimate grounds override the grounds on which you oppose the processing.

6.5. Right to object the processing

You have the right to object at any time to processing of your personal data based on point the lawful basis of Article 6(1) (e) or (f) of the GDPR, which shall be granted unless the Company demonstrates compelling and legitimate grounds for the processing.

6.6. Right to data portability

You have the right to receive the personal data in a structured, commonly used and machine-readable format or to request, if technically feasible, to transmit said data directly to another controller.

6.7. Right to object to automated individual decision-making

You have the right to request your exclusion from decision making based solely on automated processing, including profiling.

 

7. Right to lodge a complaint with a supervisory authority

The competent authority is the Hellenic Data Protection Authority. You have the right to lodge a complaint with the Data Protection Authority regarding matters related to the processing of your personal data. Before lodging a complaint with the competent Authority you must attempt to exercise your rights with the Company. For detailed information on the competence of the Authority and how to lodge a complaint you can visit its website (www.dpa.gr > citizen rights > Complaint to the Hellenic DPA).

INFORMATION POLICY FOR THE USE OF COOKIES IN WEBSITES

The Company’s website, the email messages, the advertisements and interactive applications use cookies for the optimization of the website’s and the provided services’ performance.

1. What is a cookie?

Cookies are small text files stores by a website to an internet browser during the visitor’s browsing and subsequently identify visitors when they visit the website again. Cookies do not contain personal information that could allow anyone to contact the website’s visitor e.g. via email, etc.

2. Types of cookies

The Company may use cookies of the following types in order to provide to the visitors of its website the best possible service as well as customization of the information and preferences when browsing the website with a specific internet browser.

– Session cookies

These the cookies required for the functioning of a website. For example, a session cookie may contain the users’ preferences in the website’s vehicle configurator, until they complete the configuration.

– Persistent cookies

These are cookies necessary for an improved visitors’ experience when browsing the website. For example, a persistent cookie stores the choices of the visitor so that he does not have to repeat them, such as the choice to accept the cookies policy or the choices made recently in the vehicle configurator.

– Third party cookies

Third-party cookies are necessary for the visitor’s understanding and use of the site. Cookies help to improve the website, in order to match the users’ needs. Furthermore, said cookies enable the display of targeted ads to the visitors, based on the pages visited when browsing the platforms of said third parties. The third party cookies used are:

 

GOOGLE ANALYTICS / ADOBE ANALYTICS, through which information is collected. Said information helps the Company to better understand the use of the website by the visitors and to optimize it based on their preferences;

GOOGLE REMARKETING / FACEBOOK REMARKETING, which display targeted ads based on the pages visited when browsing pages that host Google ads or when browsing Facebook;

Further information regarding Google’s Privacy Policy can be found at this link: https://www.google.com/intl/en/policies/privacy. If the visitor does not wish his data to be collected by Google Analytics he may download and install in his browser the Google Analytics Opt-Out program at this link: https://www.google.com/intl/en/policies/privacy. The relevant link for Adobe’s privacy policy and opt-out is https://www.google.com/intl/en/policies/privacy and for Facebook https://www.google.com/intl/en/policies/privacy.

3. Accepting the installation of cookies

The visitor, when visiting the Company’s website for the first time, is informed, with a relevant notice, that he acknowledges and understands that the use of cookies is necessary for the proper function thereof. Otherwise he must interrupt the browsing of the website or disable the use of cookies in the browser settings. If cookies are not installed there may be severe consequences in the functionality of the website and the capability of receiving information and/or services. In order to modify the cookies settings in the various browsers check the “help” option of the browser or search the manual of each program.

4. How to delete cookies

Usually you can delete cookies from the privacy or history section available in the “settings” or “preferences” menu of the browser.

The steps involved in the deletion of the cookies vary significantly, depending on the internet browser.

5. Links to social media

The Company’s website contains links to social media. In order to protect the personal data of the Company website’s visitors, no social media plug-ins are used. Instead the website incorporates links that enable easy sharing in social media platforms. The incorporation of a link prevents the direct connection to various social media servers when a page is opened from the Company’s website.

6. Important notice

 

Emails and social media posts of visitors should not include special categories of personal data (racial or ethnic origin, religious or philosophical beliefs, health data, etc.). Since social media posts are not 100% private, the visitors must be particularly careful because all users will have access them.

7. No liability clause

SHANDONG WUZHENG HELLAS SINGLE SHAREHOLDER LIMITED LIABILITY COMPANY arranges the preparation of the content of the pages of this website and the updating thereof in regular intervals. However, these webpages are intended to provide only non-binding generic information to help a prospective buyer make a decision and do not replace detailed personal research. The reported and described technical characteristics, configurations and prices of the vehicles are indicative. Said characteristics, configurations and prices may vary specifically for the country where they are offered. Furthermore, they are subject to change at any time. You can find fully updated information regarding the characteristics, configurations and prices of the vehicles at all the Authorized Dealers.

SHANDONG WUZHENG HELLAS SINGLE SHAREHOLDER LIMITED LIABILITY COMPANY does not guarantee that the information in this website is valid, accurate and complete or accessible at all times. In case of links to third party websites, SHANDONG WUZHENG HELLAS SINGLE SHAREHOLDER LIMITED LIABILITY COMPANY does not assume any liability regarding the content and the accuracy of the information provided in the linked pages.

8. Rights

The rights of all texts, photographs and other content published in the Company’s webpages belongs to the Company, unless otherwise stated. It is prohibited to copy, distribute, store, communicate, publish and reproduce or transmit the content without the prior written consent of the Company.