Privacy Policy

DANU LIMITED S.R.L, a company registered in Romania, having its registered office address at SAT Șimon Nr. 124, Com. Bran, Județ Brașov and VAT number 15297390, (hereinafter also referred to as “Company”, “ENZO Motorsports”, “we”, “our” or “us”) operates www.enzo-motorsports.com (“Website”). Our Privacy Policy (“Policy”) is in compliance with the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA)/California Privacy Rights Act (CPRA) and governs your visit to our Website and explains how we collect, safeguard and disclose information that results from your use of our Service.

We take your privacy very seriously. In this Policy, we seek to explain to you in the clearest way possible what information we collect, how we use it and what rights you have in relation to it. We hope you take some time to read through it carefully, as it is important. If there are any terms in this Policy that you do not agree with, please discontinue the use of our Services immediately.

We use your data to provide and improve Service. By using the Service, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Policy, the terms used in this Policy have the same meanings as in our Terms and Conditions. Our Terms and Conditions govern all use of our Service and together with the Policy constitute your agreement with us.

If this Policy is modified in any way, it will be updated here. Regularly checking and reviewing this page ensures that you are updated on the information which may be collected, used (and under what circumstances), and if it may be shared with other parties (if at all). If we believe that the modifications are material, we will notify you of the changes by posting a notice on the Website, or emailing you at the email address provided to us by you, and as we may deem appropriate. What constitutes a material change will be determined by us, at our sole and absolute discretion. In this Policy “you”, “your” or “Users” refers to the users of the Website.

DEFINITIONS

A. SERVICE means the Website operated by ENZO Motorsports, as well as any other related products and services.

B. PERSONAL DATA means data about a living individual who can be identified from that data (or from those and other information either in our possession or likely to come into our possession).

C. PROCESSING means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

D. RESTRICTION OF PROCESSING means the marking of stored personal data with the aim of limiting their processing in the future.

E. USAGE DATA is data collected automatically either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).

F. COOKIES are small files stored on your device (computer or mobile device).

G. DATA CONTROLLER means a natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed. For the purpose of this Privacy Policy, we are a Data Controller of your data.

H. DATA PROCESSORS (OR SERVICE PROVIDERS) means any natural or legal person who processes the data on behalf of the Data Controller. We may use the services of various Service Providers in order to process your data more effectively.

I. DATA SUBJECT is any living individual who is the subject of Personal Data.

J. THE USER is the individual using our Service. The User corresponds to the Data Subject, who is the subject of Personal Data. This includes anyone who is browsing our Website.

WHAT INFORMATION DO WE COLLECT?

The personal information you disclose to us

In Short: We collect information that you provide to us. We may collect personal information that you voluntarily provide to us, express an interest in obtaining information about us or our products and Services or otherwise when you contact us.

The personal information that we may collect depends on the context of your interactions with us and the Website, the choices you make and the services and features you use. The personal information we collect may include the following:

Personal Information Provided by You. We collect First name; Last name; email address; phone number; Address; State; Municipality / District; ZIP/Postal code; City; order details and other similar information. We may also collect additional information about our clients in order to provide relevant and effective services.

All personal information that you provide to us must be true, complete and accurate, and you must notify us of any changes to such personal information.

Information automatically collected

In Short: Some information — such as your Internet Protocol (IP) address and/or browser and device characteristics — is collected automatically when you visit our Website.

When you access our websites, we, our service providers and our partners may automatically collect information about you, your computer or mobile device, and your activity on our websites. Typically, this information includes your computer or mobile device operating system type and version number, manufacturer and model, device identifier (such as the Google Advertising ID or Apple ID for Advertising), browser type, screen resolution, IP address, the website you visited before browsing to our website, general location information such as city, state or geographic area; and information about your use of and actions on or in our websites, such as pages or screens you accessed, how long you spent on a page or screen, navigation paths between pages or screens, information about your activity on a page or screen, access times, and length of access. Our service providers and business partners may collect this type of information over time and across third-party websites. This information is collected via various mechanisms, such as via web beacons, embedded scripts, and similar technologies. This type of information may also be collected when you read our HTML-enabled emails.

The information we collect includes:

● Log and Usage Data. Log and usage data is service-related, diagnostic usage and performance information our servers automatically collect when you access or use our Website and which we record in log files. Depending on how you interact with us, this log data may include your IP address, device information, browser type and settings and information about your activity on the Website (such as the date/time stamps associated with your usage, pages and files viewed, searches and other actions you take such as which features you use), device event information (such as system activity, error reports (sometimes called ‘crash dumps’) and hardware settings).

● Device Data. We collect device data such as information about your computer, phone, tablet or other devices you use to access the Website. Depending on the device used, this device data may include information such as your IP address (or proxy server), device application identification numbers, location, browser type, hardware model Internet service provider and/or mobile carrier, and operating system configuration information.

USE OF COOKIES, WEB BEACONS AND OTHER TRACKERS

We use temporary and permanent cookies, tags, scripts, and other similar technologies to identify users of our services and enhance user experience and identify visitors, track website navigation, gather demographic information about visitors and users, understand email campaign effectiveness and for targeted visitor and user engagement by tracking your activities on our websites. We use third-party tracking services like google analytics and google tag manager to understand the behaviour of our website visitors and serve them better. Further, the pages on the website may also include web beacons or pixels, which are electronic files to count users who have visited that page, to track activity over time and across different websites, to determine users’ interactions with emails we send, to identify certain cookies on the computer or other electronic device accessing that page, or to collect other related information, and this information may be associated with your unique browser, device identifier, or Internet Protocol address. You can set your browser to refuse all cookies or to indicate when a cookie is being sent to your computer. However, this may prevent our site or services from working properly. You can also set your browser to delete cookies every time you finish browsing.

HOW DO WE USE YOUR INFORMATION?

In Short: We process your information for purposes based on legitimate business interests, the fulfilment of our contract with you, compliance with our legal obligations, and/or your consent. We use personal information collected via our Website for a variety of business purposes described below. We process your personal information for these purposes in reliance on our legitimate business interests, in order to enter into or perform a contract with you, with your consent, and/or for compliance with our legal obligations. We indicate the specific processing grounds we rely on next to each purpose listed below. We use the information we collect or receive:

● To provide our services to you. We offer products for placing orders, sales, shipping and fulfilment of your order, and keep you up to date on new products, services, and offers.

● To send administrative information to you. We may use your personal information to send you product, service and new feature information and/or information about changes to our terms, conditions, and policies.

● To protect our Services. We may use your information as part of our efforts to keep our Website safe and secure (for example, for fraud monitoring and prevention).

● To enforce our terms, conditions and policies for business purposes, to comply with legal and regulatory requirements or in connection with our contract.

● To respond to legal requests and prevent harm. If we receive a subpoena or other legal request, we may need to inspect the data we hold to determine how to respond.

● To respond to user inquiries/offer support to users. We may use your information to respond to your inquiries and solve any potential issues you might have with the use of our Services.

● To send you marketing and promotional communications. We and/or our third-party marketing partners may use the personal information you send to us for our marketing purposes if this is in accordance with your marketing preferences.

WILL YOUR INFORMATION BE SHARED WITH ANYONE?

In Short:

We only share information with your consent, to comply with laws, to provide you with services, to protect your rights, or to fulfill business obligations. We may process or share the data that we hold based on the following legal basis:

● Consent: We may process your data if you have given us specific consent to use your personal information for a specific purpose.

● Legitimate Interests: We may process your data when it is reasonably necessary to achieve our legitimate business interests.

● Performance of a Contract: Where we have entered into a contract with you, we may process your personal information to fulfil the terms of our contract.

● Legal Obligations: We may disclose your information where we are legally required to do so in order to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal processes, such as in response to a court order or a subpoena (including in response to public authorities to meet national security or law enforcement requirements).

● Vital Interests: We may disclose your information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person and illegal activities, or as evidence in litigation in which we are involved. More specifically, we may need to process your data or share your personal information in the following situations:

● Business Transfers. We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.

● Third-Party Advertisers: We may use third-party advertising companies to serve ads when you visit or use the Website. These companies may use information about your visits to our Website(s) and other websites that are contained in web cookies and other tracking technologies in order to provide advertisements about goods and services of interest to you.

● Affiliates: We may share your information with our affiliates, in which case we will require those affiliates to honour this Policy. Affiliates include our parent company and any subsidiaries, joint venture partners or other companies that we control or that are under common control with us.

● Business Partners: We may share your information with our business partners to offer you certain products, services or promotions.

WHAT IS OUR STANCE ON THIRD-PARTY WEBSITES?

In Short: We are not responsible for the safety of any information that you share with third-party providers who advertise, but are not affiliated with, our Website.

The Website may contain third parties links and which may link to other websites. We cannot guarantee the safety and privacy of the data you provide to any third parties. Any data collected by third parties is not covered by this Policy. We are not responsible for the content or privacy and security practices and policies of any third parties, including other websites, services or applications that may be linked to or from the Website. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services. WE HEREBY DISCLAIM LIABILITY FOR, ANY INFORMATION, MATERIALS, PRODUCTS, OR SERVICES POSTED OR OFFERED AT ANY OF THE THIRD-PARTY SITES LINKED TO THIS WEBSITE. BY CREATING A LINK TO A THIRD-PARTY WEBSITE, WE DO NOT ENDORSE OR RECOMMEND ANY PRODUCTS OR SERVICES OFFERED OR INFORMATION CONTAINED ON THAT WEBSITE, NOR ARE WE LIABLE FOR ANY FAILURE OF PRODUCTS OR SERVICES OFFERED OR ADVERTISED AT THOSE SITES. SUCH A THIRD PARTY MAY HAVE A PRIVACY POLICY DIFFERENT FROM THAT OF OURS AND THE THIRD-PARTY WEBSITE MAY PROVIDE LESS SECURITY THAN THIS SITE.

HOW LONG DO WE KEEP YOUR INFORMATION?

In Short: We keep your information for as long as necessary to fulfill the purposes outlined in this privacy notice unless otherwise required by law.

We will only keep your personal information for as long as it is necessary for the purposes set out in this Policy, unless a longer retention period is required or permitted by law (such as tax, accounting or other legal requirements). No purpose in this Policy will require us keeping your personal information for longer than the period of time in which users have an account with us. When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

HOW DO WE KEEP YOUR INFORMATION SAFE?

In Short: We aim to protect your personal information through a system of organizational and technical security measures.

We have implemented appropriate technical and organizational security measures designed to protect the security of any personal information we process. However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security, and improperly collect, access, steal, or modify your information. Although we will do our best to protect your personal information, the transmission of personal information to and from our Website is at your own risk. You should only access the Website within a secure environment.

YOUR DATA PROTECTION RIGHTS UNDER GENERAL DATA PROTECTION REGULATION (GDPR).

If you are a resident of the European Union (EU) and European Economic Area (EEA), you have certain data protection rights, covered by GDPR. We aim to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data. If you wish to be informed of what Personal Data we hold about you and if you want it to be removed from our systems, please contact us. Under certain circumstances, individuals in Europe have rights under data protection laws in relation to their personal data. If you are located in Europe, you may ask us to take the following actions regarding personal data that we hold:

1. Access. You are entitled to ask us if we are processing your personal data and, if so, for a copy of the personal data we hold about you, as well as obtain certain other information about our processing activities.

2. Correction. If any personal data we hold about you is incomplete or inaccurate, you can require us to correct it, though we may need to verify the accuracy of the new data you provide to us.

3. Erasure. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law.

4. Object. Where our reason for processing your personal data is a legitimate interest you may object to the processing as you feel it impacts your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes.

5. Restriction. You may ask us to suspend our use of your personal data in the following scenarios: if you want us to establish the data’s accuracy; where our use of your personal data is unlawful but you do not want us to erase it; where you need us to hold your data for a longer period than we usually would, because you need it to establish, exercise or defend legal claims; or you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.

6. Transfer. Where it is possible, we will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to personal data provided by you which you initially provided consent for us to use or where we used the information to perform a contract with you.

7. Withdraw consent. Where our reason for processing is based on your consent, you may withdraw that consent at any time. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.

8. Automated decision making. You have the right not to be subject to automated decision-making (e.g., profiling) that significantly affects you. The exercise of this right is not available to you in the following cases:

a. The automated decision is required to enter into, or perform, a contract with you.

b. We have your explicit consent to make such a decision.

c. The automated decision is authorised by the local law of an EU member state.

However, in the first two cases set out above, you still have the right to obtain human intervention in respect of the decision, to express your point of view and to contest the decision. There may be legal or other reasons why we cannot, or are not obliged to, fulfil a request to exercise your rights. We will use available lawful exemptions to your individual rights to the extent appropriate. If we decline your request, we will tell you why, subject to legal restrictions. You will not have to pay a fee to exercise any of your rights relating to your personal data. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances. Please note that we may ask you to verify your identity before responding to such requests. Please note, we may not be able to provide Service without some necessary data. You have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the European Economic Area (EEA).

YOUR DATA PROTECTION RIGHTS UNDER CALIFORNIA CONSUMER PRIVACY ACT (CCPA)/CALIFORNIA PRIVACY RIGHTS ACT (CPRA).

“Shine the Light” and “Eraser” Laws: Residents of the State of California may request a list of all third parties to which we have disclosed certain information during the preceding year for those third parties’ direct marketing purposes.

California Consumer Privacy Act (CCPA)/California Privacy Rights Act (CPRA): The CCPA, as amended by the CPRA, provides California residents and/or their authorized agents with specific rights regarding the collection and storage of their personal information.

Your Right to Know: California residents have the right to request that we disclose the following information to you about our collection and use of your personal information over the past twelve (12) months. We may ask you to provide certain information to identify yourself so that we may compare it with our records in order to verify your request. Upon verification, we will disclose to you:

● The categories of personal information we have collected about you.

● The categories of sources for the personal information we have collected about you.

● The specific pieces of personal information we have collected about you.

● Our business or commercial purpose for collecting or selling your personal information.

● The categories of third parties to whom we have sold or shared your personal information if any, and the categories of personal information that we have shared with each third-party recipient.

Your Right to Opt-Out of Sale or Sharing of Personal Information: California residents have the right to opt-out of the sale of their personal information by submitting a request as directed on the homepage of our website or by contacting us using the information in the “Contact Us” section below. Please note that we do not knowingly sell the personal information of any individuals under the age of 18. Where we are sharing your personal information with third parties for the purposes of cross-context behavioural advertising or profiling, you may opt-out of such sharing at any time by submitting a request as directed on the homepage of our website or by contacting us using the information in the “Contact Us” section below.

Your Right to Limit Use of Sensitive Personal Information: California residents have the right to request that we limit our use of any sensitive personal information to those uses which are necessary to perform the Services or for other specifically-enumerated business purposes under the CCPA, as amended by the CPRA.

Your Right to Delete: California residents have the right to request that we delete any of the personal information collected from you and retained by us, subject to certain exceptions. We may ask you to provide certain information to identify yourself so that we may compare it with our records in order to verify your request. Once your request is verified and we have determined that we are required to delete the requested personal information in accordance with the CCPA, we will delete, and direct our third-party service providers to delete, your personal information from their records. Your request to delete personal information that we have collected may be denied if we conclude it is necessary for us to retain such personal information under one or more of the exceptions listed in the CCPA.

Your Right to Correct: Under the CCPA, as amended by the CPRA, California residents have the right to request that we correct any inaccurate personal information we maintain about you, taking into account the nature of the personal information and the purposes for which we are processing such personal information. We will use commercially reasonable efforts to correct such inaccurate personal information about you.

Non-Discrimination: You will not receive any discriminatory treatment by us for the exercise of your privacy rights conferred by the CCPA.

Verifying Your Request: Only you, or a person that you authorize to act on your behalf, may make a request related to your personal information. In the case of access and deletion, your request must be verifiable before we can fulfil such a request. Verifying your request will require you to provide sufficient information for us to reasonably verify that you are the person about whom we collected personal information or a person authorized to act on your behalf. We will only use the personal information that you have provided in a verifiable request in order to verify your request. We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority. Please note that we may charge a reasonable fee or refuse to act on a request if such request is excessive, repetitive or manifestly unfounded. To exercise these rights, please contact us at the contact information mentioned in the “Contact Us” clause.

CONTROLS FOR DO-NOT-TRACK FEATURES

Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your privacy preference and not to have data about your online browsing activities monitored and collected. At this stage, no uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this privacy notice.

HOW DO WE PROTECT CHILDREN’S PRIVACY?

Our Services are not for the use of children below the age of 18 (“Child” or “Children”). We do not knowingly collect personally identifiable information from children under 13 without the consent of the legal guardian. If you become aware that a Child has provided us with Personal Data without the parent’s consent, please contact us. If we become aware that we have collected Personal Data from Children, we take steps to remove that information from our servers.

WHAT THIRD-PARTY PAYMENT PROCESSORS DO YOU USE?

At our Service, we offer paid products and/or services, but we do not store or collect your payment details. Instead, we may use third-party services for payment processing, such as Visa, Mastercard, PayPal, and American Express.

● Visa: https://usa.visa.com/legal/global-privacy-notice.html

● Mastercard: https://www.mastercard.co.in//en-in/vision/corp-responsibility/commitment-to-privacy/pr ivacy.html

● PayPal: https://www.paypal.com/us/webapps/mpp/ua/privacy-full

● American Express: https://www.americanexpress.com/en-in/company/legal/privacy-center/online-privacy-sta tement/?inav=in_sitefooter_bottom_privacy_centre

When you make a payment through one of these third-party services, your payment information is provided directly to the payment processor, and their use of your personal information is governed by their own Privacy Policy. These payment processors adhere to the standards set by PCI-DSS (Payment Card Industry Data Security Standard) as managed by the PCI Security Standards Council. PCI-DSS requirements help ensure the secure handling of payment information. We take the security of our users’ payment information very seriously and are committed to protecting it. By using trusted third-party payment processors that adhere to the PCI-DSS requirements, we can provide a secure and reliable payment experience for our users.

HOW CAN YOU SUBMIT A COMPLAINT?

If you have a complaint about our handling of your personal data, you may contact our data protection officer using the contact information below. We request that a complaint be made in writing. Please provide details about your concern or complaint so that our data protection officer can investigate it. We will take appropriate action in response to your complaint, which may include conducting internal discussions with relevant business representatives. We may contact you for additional details or clarification about your concern or complaint. We will contact you to inform you of our response to your complaint.

DO WE MAKE UPDATES TO THIS NOTICE?

In Short: Yes, we will update this notice as necessary to stay compliant with relevant laws. We may update this privacy notice from time to time. The updated version will be indicated by an updated “Last updated” date and the updated version will be effective as soon as it is accessible. If we make material changes to this privacy notice, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this privacy notice frequently to be informed of how we are protecting your information.

CONTACT US

After reviewing this policy, if you have any additional questions, concerning this Privacy Policy, please contact us by sending an email to info@enzo-motorsports.com by adding the word “Privacy” in the subject line. Last Updated: June 4, 2023.