L. Luca Enterprises Ltd Privacy Policy.

LUCA ENTERPRISES LTD (“LUCAENT”, “LLE”, “we”, “us”, “our”), a company registered in Cyprus with company number 12066161P, is committed to protecting and processing Personal Data in accordance with Data Protection Law.

This Privacy Policy (“Policy”) explains how we use any personal data we collect about you as a customer of L. LUCA ENTERPRISES LTD. Capitalized words and phrases in this Policy which aren’t defined elsewhere have the meaning set out in the Glossary, which can be found at the end of this Policy.

Please contact us if you have any questions about this Policy or wish to exercise your legal rights under Data Protection Law.

By email to: info@lucaent.com.cy

Or by post

Privacy team
LUCA ENTERPRISES LTD
Unite A2, Pireos 6, Latsia, 2233, Nicosia, Cyprus
P.O Box 27702, 2432, Nicosia, Cyprus

 

Contents:

What Personal Data do we collect about you?

How will we use the Personal Data about you?

Who on our team has access?

Marketing and your Personal Data

How we share and disclose your Personal Data

Your legal rights

Cookies

Changes to our Policy

Glossary

What Personal Data do we collect about you?

We collect Personal Data about you when you register with us, contact us for any reason (including when you or your organization provides us with goods or services), or place an order for products or services. We also collect Personal Data when you voluntarily complete customer surveys, provide feedback and participate in competitions.

We may receive Personal Data about you from various third parties and public sources including directors, shareholders and employees at any business or organization you are associated with public registers, credit reference agencies and public bodies or authorities.

Media

If you upload images to the website such as the case of the “Share your problem” form, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Contact forms

Contact form – Send us a message
Information we collect:
  • First name
  • Last name
  • Phone number (optional)
  • Email address
  • Message
Contact form – Share your problem
Information we collect:
  • First name
  • Last name
  • Phone number (optional)
  • Email address
  • Upload a photo that shows the problem
  • Message
Newsletter form
Information we collect:
  • Email address

Communications

Using our newsletter subscription form we will use your email to send you marketing or promotional material and other information that may be of interest to you. You may opt-out of receiving our newsletter using the unsubscribe link in the email you received upon newsletter registration or in one of the newsletters we send you.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Our ecommerce/products platform collects the following information: Information about the products you viewed recently, checks if you dismissed our store/product catalogue notice if we append one.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

YouTube

Our website uses plugins from YouTube, which is operated by Google. The operator of the pages is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.

If you visit one of our pages featuring a YouTube plugin, a connection to the YouTube servers is established. Here the YouTube server is informed about which of our pages you have visited.

If you’re logged in to your YouTube account, YouTube allows you to associate your browsing behaviour directly with your personal profile. You can prevent this by logging out of your YouTube account.

YouTube is used to help make our website appealing. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO.

Further information about handling user data, can be found in the data protection declaration of YouTube under https://www.google.de/intl/de/policies/privacy.

Google Web Fonts

For uniform representation of fonts, this page uses web fonts provided by Google. When you open a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly.

For this purpose, your browser has to establish a direct connection to Google servers. Google thus becomes aware that our web page was accessed via your IP address. The use of Google Web fonts is done in the interest of a uniform and attractive presentation of our plugin. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO.

If your browser does not support web fonts, a standard font is used by your computer.

Further information about handling user data, can be found at https://developers.google.com/fonts/faq and in Google’s privacy policy at https://www.google.com/policies/privacy/.

Google Recaptcha

We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on our websites. This service is provided by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”).

reCAPTCHA is used to check whether the data entered on our website (such as on a contact form) has been entered by a human or by an automated program. To do this, reCAPTCHA analyses the behaviour of the website visitor based on various characteristics. This analysis starts automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, how long the visitor has been on the website, or mouse movements made by the user). The data collected during the analysis will be forwarded to Google.

The reCAPTCHA analyses take place completely in the background. Website visitors are not advised that such an analysis is taking place.

Data processing is based on Art. 6 (1) (f) DSGVO. The website operator has a legitimate interest in protecting its site from abusive automated crawling and spam.

For more information about Google reCAPTCHA and Google’s privacy policy, please visit the following links: https://www.google.com/intl/de/policies/privacy/ and https://www.google.com/recaptcha/intro/android.html.

Viewing our product catalogue and products

Products you’ve viewed: we’ll use this to, for example, show you products you’ve recently viewed.

Security Logs

The IP address of visitors, user ID of logged in users, and username of login attempts are conditionally logged to check for malicious activity and to protect the site from specific kinds of attacks. Examples of conditions when logging occurs include login attempts, log out requests, requests for suspicious URLs, changes to site content, and password updates. This information is retained for 7 days.

Information we collect from working with us and for us

An employee of L. LUCA ENTERPRISES LTD (or, in each case, a member of our Group), someone working with us under a contract for services, or someone who applies for employment or work with us, we will provide you with specific privacy information and also ask for your consent to use Special Categories of Personal Data which we’re likely to obtain as a result of our working relationship. Although you should refer to any more specific privacy information, we give you, we will also collect the following information on you:

How will we use Personal Data about you?

We collect Personal Data about you to obtain supplies of goods and services from you or your organization, process your order and/or provide you or your organization with goods and services, manage your account, assist with contractual support and, if we are legally permitted to do so, to email you about other products and services we think may be of interest to you.

Who on our team has access?

Members of our team have access to the information you provide us. Such as information that you may disclose using our contact forms and security logs.

Marketing and your personal data

We would like to send you information from time to time about new or existing products or updates, events or promotions and the activities of our Company. We will not share your Personal Data for marketing purposes with companies outside of our Company without your consent.

How we share and disclose your Personal Data

We may share your Personal Data with the parties set out below for the purposes set out in the table above.

Security

When the website is running a Security Check, ithemes.com will be contacted as part of a process to determine if the site supports TLS/SSL requests. No personal data is sent to ithemes.com as part of this process. Requests to ithemes.com include the site’s URL. For ithemes.com privacy policy details, please see the iThemes Privacy Policy.

This site is scanned for potential malware and vulnerabilities by Sucuri’s SiteCheck. We do not send personal information to Sucuri; however, Sucuri could find personal information posted publicly (such as in comments) during their scan. For more details, please see Sucuri’s privacy policy.

Members of our Company;

External Third Parties as set out in the Glossary; Specific third parties listed in the table above;

Your Legal Rights

Data Protection Law gives you certain rights in relation to your Personal Data held by us. The summaries of your rights set out below are merely that, and are not intended to give you other or additional rights. You have the right to:

Request access

You have the right to request a copy of any Personal Data that we hold about you. If you would like a copy of some or all of your Personal Data, please write to us or send an email to the following address.

By email to: info@lucaent.com.cy

Or by post to:

Privacy Team
LUCA ENTERPRISES LTD
Unit A2, Pireos 6, Latsia, 2233, Nicosia, Cyprus
P.O.Box 27702, 2432 Lefkosia Cyprus

Request correction

You have the right to request correction of the Personal Data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.

Request erasure

You have the right to request erasure of your Personal Data in specific circumstances. This enables you to ask us to delete or remove Personal Data where there is no valid legal basis for us to continue to process it. You also have the right to ask us to delete or remove your Personal Data where you have successfully exercised your right to object to processing (see below), where we have processed your Personal Data unlawfully or where we are required to erase your Personal Data to comply with Data Protection Law. Note, however, that we may not always be obliged or able to comply with your request for specific legal reasons which will be notified to you, if applicable, at the time of your request.

Object to processing

You have the right to object to the processing of your Personal Data where we are relying on our legitimate interests (or those of a third party) as a legal basis for use of your data, and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. Note that even if you are able to articulate valid reasons for an objection, Data Protection Law permits us to continue to use your Personal Data if we determine that we have compelling and legitimate grounds to continue processing your Personal Data which override your rights and freedoms.

Request restriction

You have the right to request restriction of processing of your Personal Data. This enables you to ask us to suspend the processing of your Personal Data in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.

Data Portability

You have the right to request the transfer of your Personal Data to you or to a third party. We will provide to you, or a third party you have chosen, your Personal Data in a structured, commonly used, machine‐readable format.

Note that this right only applies:

To Personal Data you provided directly to us;

Where our only legal basis for using the Personal Data is your consent or performing a contract with you personally; and

To the extent that we process the relevant Personal Data by automated means (so, not Personal Data we hold on paper or another durable medium).

Withdraw consent

You have the right to withdraw consent at any time where we are relying on consent to process your Personal Data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent, and we reserve the right to continue to use your Personal Data if we have another valid legal basis for doing so under Data Protection Law. If you withdraw your consent, we may not be able to provide certain products or services to or administer our relationship with you or your organization. We will advise you if this is the case at the time you withdraw your consent.

You have the right to make a complaint about our use of your Personal Data at any time to the Office of the Commissioner for Personal Data Protection (“OCPDP”). The OCPDP is the CYPRUS supervisory authority for data protection issues (commissioner@dataprotection.gov.cy).

If you do have a problem, question or concern about our use of your Personal Data, we would really appreciate the chance to try to help you before you approach the OCPDP, so please feel free to contact us in the first instance using our contact details above.

Cookies

Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. This information is used to track visitor use of the website and to compile statistical reports on website activity. For further information visit www.aboutcookies.org or www.allaboutcookies.org. You can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser. However, in a few cases some of our website features may not function as a result.

Cookie categories

Technical

We technical or session cookies that are used when you login that do not store any personal information but are used to check if you have cookies enabled on your browser, control the session such as check if you are logged in and check/recognise the session after login. These cookies are required for you to use our website and cannot be blocked because the website will not be functional. We also use the Google Recaptcha service to prevent spam submission throughout our forms such as login, registration, contact forms and comment forms.

Ecommerce/Catalogue

Our shopping/catalogue platform uses a total of 4 cookies. For cart and order processing 2 cookies will be stored. These cookies are strictly necessary and cannot be turned off. We use those cookies to have persistent cart for your convenience when you add stuff to your cart and close your browser. You can come back and see the items in your cart so you won’t forget or lose your favourite products. We also use the third cookie to identify and find the cart from our database. We use cookies also to track your recently viewed products when you visit a product so that you can call back and visit a product you might have missed.

Spam reduction and other third-party cookies

Cookies embedded and used by third party services such as Google Fonts, YouTube videos embedded and other third-party services. Cookies placed by the Google Recaptcha anti-spam engine – Third party cookies – These cookies cannot be turned off.

Cookie control

Site third party cookies
Any cookies that can be turned off are by default blocked – you can accept the use of those cookies – such as cookies placed by third party embedded content by pressing “Accept” on the privacy banner popup at the bottom left of the website.

You can revoke the consent you gave from the banner by pressing “Revoke cookies consent” located at the footer of our website.

Learn more about to block and or manage cookies you allow from your browser from here (this will redirect you to another website)

List of cookies

A full list of all the cookies placed and used on Lucaent and Third-Party services are displayed below:

COOKIE NAME DURATION PURPOSE CATEGORY
woocommerce_cart_hash session Helps our ecommerce/catalogue platform determine when cart contents/data changes. Ecommerce/Catalogue
woocommerce_items_in_cart session Helps our ecommerce/catalogue platform determine when cart contents/data changes. Ecommerce/Catalogue
wp_woocommerce_session_ 2 days Contains a unique code for each customer so that it knows where to find the cart data in the database for each customer. Ecommerce/Catalogue
woocommerce_recently_viewed session Used to show recently viewed products Ecommerce/Catalogue
store_notice[notice id] session Allows you to dismiss any appended store notices Ecommerce/Catalogue
woocommerce_snooze_suggestions__[suggestion] 2 days Allows dashboard users to dismiss Marketplace suggestions, if enabled. Ecommerce/Catalogue
woocommerce_dismissed_suggestions__[context] 1 month Count of suggestion dismissals, if enabled. Ecommerce/Catalogue
tk_ai session Stores a randomly-generated anonymous ID. This is only used within the dashboard (/wp-admin) area and is used for usage tracking, if enabled. Ecommerce/Catalogue
wordpress_test_cookie,
wordpress_logged_in_,
wordpress_sec
session Used by our systems – Content Management System to: Check if a user is logged in, check if cookies of the browser are enabled and for recognising the session after logging in. Technical
euCookie 7 days Checks whether or not you gave your consent regarding allowing third party cookies Technical
CONSENT 10 years or more Used by YouTube (Google) for storing user preferences and other unspecified purposes – https://www.google.com/policies/privacy/ Third-party / Spam reduction
1P_JAR 1 month These cookies are used to deliver adverts more relevant to you and your interests. They are also used to limit the number of times you see an advertisement as well as help measure the effectiveness of the advertising campaign. They are usually placed by advertising networks with the website operator’s permission. They remember that you have visited a website and this information is shared with other organisations such as advertisers. Quite often targeting or advertising cookies will be linked to site functionality provided by the other organisation. Third-party / Spam reduction
OTZ session These cookies allow the website to remember choices you make (such as your user name, language or the region you are in) and provide enhanced, more personal features. For instance, a website may be able to provide you with local weather reports or traffic news by storing in a cookie the region in which you are currently located. These cookies can also be used to remember changes you have made to text size, fonts and other parts of web pages that you can customise. They may also be used to provide services you have asked for such as watching a video or commenting on a blog. The information these cookies collect may be anonymised and they cannot track your browsing activity on other websites.

Most likely this cookie is related to YouTube videos in this case. Lucaent provides advertising videos for its products on some product pages. Google places this cookie so that the video watched matches the preferences, a user has on his/her YouTube account. It may also track the user for advertising purposes but exact purpose is not clearly disclosed by the provider.

Please read:
Google Privacy Policy at – https://www.google.com/policies/privacy/

Third-party / Spam reduction
PREF 2 – 10 years from set/ update This cookie stores your preferences and other information, in particular preferred language, how many search results you wish to be shown on your page, and whether or not you wish to have Google’s SafeSearch filter turned on.

Placed by YouTube when a YouTube video is embedded. Lucaent provides advertising videos for its products on some product pages.

Please read:
Google Privacy Policy at – https://www.google.com/policies/privacy/

Third-party / Spam reduction
GPS session Registers a unique ID on mobile devices to enable tracking based on geographical GPS location.
Placed by YouTube when a YouTube video is embedded. Lucaent provides advertising videos for its products on some product pages.Please read:
Google Privacy Policy at – https://www.google.com/policies/privacy/
Third-party / Spam reduction
YSC Session This cookie is set by the YouTube video service on pages with embedded YouTube video.
Placed by YouTube when a YouTube video is embedded. Lucaent provides advertising videos for its products on some product pages.Please read:
Google Privacy Policy at – https://www.google.com/policies/privacy/
Third-party / Spam reduction
VISITOR_INFO1_LIVE 8 months from set/update Used by YouTube (Google) for storing user preferences and other unspecified purposes –
Placed by YouTube when a YouTube video is embedded. Lucaent provides advertising videos for its products on some product pages.Please read:
Google Privacy Policy at – https://www.google.com/policies/privacy/
Third-party / Spam reduction
HSID, SSID, APISID, SAPISID N/A We use security cookies to authenticate users, prevent fraudulent use of login credentials, and protect user data from unauthorized parties.

For example, we use cookies called ‘SID’ and ‘HSID’ which contain digitally signed and encrypted records of a user’s Google account ID and most recent sign-in time. The combination of these two cookies allows us to block many types of attack, such as attempts to steal the content of forms that you complete on web pages.

“SIDCC” is a security cookie to protect a user’s data from unauthorized access.

Third-party / Spam reduction
PHPSESSID session Cookie generated by applications based on the PHP language. This is a general-purpose identifier used to maintain user session variables. It is normally a random generated number, how it is used can be specific to the site, but a good example is maintaining a logged-in status for a user between pages. Technical
__Secure-APISID, __Secure-3PAPISID, __Secure-3PSID 2 years

 

Used by for targeting purposes to build a profile of the website visitor’s interests in order to show relevant & personalised Google advertising Third-party / Spam reduction

Changes to our Policy

We keep our Policy under regular review and we will place any updates on this web page. This Policy was last updated on 20 March 2020.

Glossary

Data Protection Law

For all persons within the EU on whom we or our Company process Personal Data, this means all statutes, laws, secondary legislation and regulations pertaining to privacy, confidentiality and/or data protection of Personal Data or corporate data, including (until 20 March 2020) the Data Protection Act 1998, (from 20 March 2020) the GDPR, the Privacy and Electronic Communications (EC Directive) Regulations 2003 (SI2003/2426), the Regulation of Investigatory Powers Act 2000 and the Telecommunications (Lawful Business Practice) (Interception of Communications) Regulations 2000 (SI 2000/2699) and any relevant national laws implementing Directives 95/46/EC and 2002/58/EC.

GDPR
The General Data Protection Regulation (Regulation (EU) 2016/679)

Lawful Basis
There are a number of different lawful bases for processing your Personal Data which we may use:

Legitimate Interest means an interest in conducting and managing our business to enable us to provide commerce of automotive servicing equipment and diagnostic services. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your Personal Data for our legitimate interests. We do not use your Personal Data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required

or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us.

Performance of a Contract means processing your data where it is necessary for the performance of a contract to which you are a party, or to take steps at your request before entering into such a contract.

Comply with a legal or regulatory obligation means processing your Personal Data where it is necessary for compliance with a legal or regulatory obligation that we are subject to.

Personal Data
Means any information about an individual, held by a data controller, from which the controller can identify a specific, living person. It does not include data about a living person that the controller can’t identify.

Some Personal Data falls into “Special Categories” under GDPR and are given greater protection. These include any Personal Data revealing your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, and information about your health, as well as genetic and biometric data. Information about criminal convictions and offences is also treated differently from ordinary Personal Data under the GDPR.

Third Parties
External Third Parties

Service providers acting as processors based inside and outside the EEA who provide technical, financial, logistical, information technology or other support for our work or that of our Group.

Professional advisers acting as processors or joint controllers including lawyers, finance companies, auditors, insurers and accountants based in the EEA and outside of it who provide consultancy, legal, insurance and accounting services to our Group.

HM Revenue Customs, regulators and other authorities based in CYPRUS.

Governments and public authorities in other countries where we or any member of our Company carry out our activities.