Cookies
Cookies help us offer the best shopping experience on our website. By using our website, you agree to our use of cookies. The learn more about what cookies we use and why, please read our cookie policy

Our Privacy Policy & GDPR


About Us
Contact Us
Cookies
Genuine Parts
Number Plates
Opening Times
Privacy Policy
Recycling
Terms & Conditions
VRM Fair Usage Policy

At Carspares.co.uk, Car Spares Cheshunt Ltd and Car Spares Freezywater the security of our customers personal details is taken extremely seriously. We will never sell your details on to third parties, any personal data collected is used purely to fulfil our contractual obligations to our customers. This Data will remain on file until such time that the customer requests for this information to be 'forgotten'. We use a secure encrypted connection to protect your order information and personal data, please click on the 'Comodo' image on the bottom of our web site for confirmation of this protection.

Under GDPR regulations, individuals have the following rights

  1. The right to be informed
    • Individuals have the right to be informed about the collection and use of their personal data. This is a key transparency requirement under the GDPR.
    • We must provide individuals with information including: our purposes for processing your personal data, our retention periods for that personal data, and who it will be shared with. We call this 'privacy information'.
    • We must provide privacy information to individuals at the time we collect their personal data from them.
    • If we obtain personal data from other sources, we must provide individuals with privacy information within a reasonable period of obtaining the data and no later than one month.
    • There are a few circumstances when we do not need to provide people with privacy information, such as if an individual already has the information or if it would involve a disproportionate effort to provide it to them.
    • The information we provide to people must be concise, transparent, intelligible, easily accessible, and it must use clear and plain language.
    • It is often most effective to provide privacy information to people using a combination of different techniques including layering, dashboards, and just-in-time notices.
    • We must regularly review, and where necessary, update our privacy information. We must bring any new uses of an individual's personal data to their attention before we start the processing.
  2. The right of access
    • Individuals have the right to access their personal data and supplementary information.
    • The right of access allows individuals to be aware of and verify the lawfulness of the processing.
  3. The right to rectification
    • The GDPR gives individuals the right to have personal data rectified.
    • Personal data can be rectified if it is inaccurate or incomplete.
  4. The right to erasure
    • The right to erasure is also known as 'the right to be forgotten'.
    • The broad principle underpinning this right is to enable an individual to request the deletion or removal of personal data where there is no compelling reason for its continued processing.
  5. The right to restrict processing
    • Individuals have a right to 'block' or suppress processing of personal data.
    • When processing is restricted, we are permitted to store the personal data, but not further process it.
    • We can retain just enough information about the individual to ensure that the restriction is respected in future.
  6. The right to data portability
    • The right to data portability allows individuals to obtain and reuse their personal data for their own purposes across different services.
    • It allows the individual to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way, without hindrance to usability.
  7. The right to object
  8. Individuals have the right to object to:
    • processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling);
    • direct marketing (including profiling); and
    • processing for purposes of scientific/historical research and statistics.
  9. Rights in relation to automated decision making and profiling.
    • The GDPR has provisions on:
      1. automated individual decision-making (making a decision solely by automated means without any human involvement); and
      2. profiling (automated processing of personal data to evaluate certain things about an individual). Profiling can be part of an automated decision-making process.
    • The GDPR applies to all automated individual decision-making and profiling.

We may provide a telephone number to our courier for the purposes of contacting you in the unlikely event that they have difficulty in finding you or if there is any other delivery problem. We never cold call and only use the telephone numbers and vehicle registration numbers provided to resolve problems with orders or respond to queries.

If you have any questions regarding our privacy policy or need to contact us regarding your data and GDPR, please do not hesitate to contact us at: sales@carspares.co.uk or write to The GDPR Controller. Car Spares Cheshunt Ltd, 57 Delamare Road, Cheshunt, Herts,EN8 9AP