This page provides an overview of the management methods used for the site as regards processing of the personal information of its users, in line with the Regulation (EU) 2016/679 (the General Data Protection Regulation, “GDPR”) and the national applicable legislation (together, "Data Protection Legislation"), whatever the users’ reasons for visiting the site may be. Refer to the documentation published on the individual pages where personal data is collected.
DATA PROCESSORS
Lamborghini, pursuant to article 29 of the Code, has nominated Data Processors responsible for handling the personal data. The information notices provided during the data collection phases specify the parties to whom this responsibility has been assigned.
LOCATION OF THE DATA PROCESSING – HOSTING SERVICE
The site is hosted on the Google Cloud Platform, Compute Engine platform, inside the europe-west1 (Belgium) and europe-west4 (The Netherlands) zones.
PURPOSES OF THE PROCESSING
Providing the information specified above is necessary to allow you to use our Services, and to allow us to respond to your requests for information or requests for free activation of certain Services. Your refusal would prevent you from using our services and prevent us from responding to your requests. We will process your personal data only where one of the lawful bases outlined in the current legislation is present, more specifically legitimate interest on the part of Lamborghini, with particular reference to the ordinary management and maintenance of the site.
GATHERING OF PERSONAL DATA
The I.T. systems responsible for the correct operation of the Site acquire some of your personal data during the course of their operation; the transmission of this is implicit in the use of the Internet communication protocols. This information is not collected for the purpose of identifying you, however it could be used to this end if, for example, it was combined with information held by third parties. This category of data includes the IP address and domain name of your computer, addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used to issue the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server, and other parameters concerning your operating system. We use these data only to obtain anonymous statistical information on use of the site and to check it is operating correctly. We delete data collected in this manner immediately after processing. These data could be used to determine responsibility in the event of computer crimes carried out against the Services.
Where expressly indicated, it is possible to transmit personal data via this site (for example, via the contact form) in order to obtain certain specific services. Please read the dedicated information notices published on the corresponding pages so as to be aware of the purposes of such data gathering, whether providing the information is obligatory, and to which parties it may be transmitted or communicated. If you should collect, process and communicate to us information relating to third parties, you must do so pursuant to the provisions of applicable Data Protection Legislation, therefore providing said third parties with prior information on the processing, and where required obtain free and express consent before performing such operations.
SCOPE OF COMMUNICATION
Your personal data will be processed internally only by parties nominated in advance as data supervisors or processors. Specifically, your data may be transmitted to the following categories of external parties: (professional and technical) providers of services and legitimate recipients in accordance with the legislation. The recipients of the data shall act as data controllers, supervisors or processors in accordance with the applicable legislation. Whenever our company, or a part of it, should be involved in a reorganization, acquisition or sale, we will send your data to third parties involved in the procedure. Any third party recipient of your personal data may only use them within the limits laid out in this Privacy Policy.
We may send your personal data out of Italy to established third-party recipients within the European Union. This transfer is not subject to limitations inasmuch as any EU country guarantees an appropriate level of data protection. For the purposes described above we may also, however, send your data to third (non-EU) countries which do not guarantee the same level of data protection. Nevertheless, such transfers to third countries shall always be performed in accordance with the provisions of the Data Protection Legislation, in other words subject to obtaining your consent, where necessary, or through the adoption of any other measure necessary to guarantee the security of the data being transferred. These measures include possible contractual agreements based on the so-called standard contractual clauses, as drafted by the European Commission.
COOKIES
See the specific DOCUMENTATION published in this regard.
EXTERNAL SERVICE
This website uses an external web analytics service provided by a third party, in particular by Google Analytics, which uses javascript technology to analyse how this site is visited. Google Analytics uses information, included IP address, generated through the use of the website by the Users, and stored on the servers of Google Analytics, in order to improve the site. Google Analytics may transfer the above mentioned information to third party when required by law and when third parties act on the behalf of Google Analytics. By using this website, the User express his/her consent to the processing of personal data by Google Analytics for the abovementioned purposes.
DATA PROCESSING AND STORAGE OF PERSONAL DATA
We will process your data both on hardcopy and through the use of electronic tools, but always in compliance with the security requirements specified by applicable legislation. Our security measures include contractual tools from any contractor (e.g. supplier of services) or agent in order to guarantee the security and confidentiality of your personal data pursuant to the provisions of the Data Protection Legislation.
Unless otherwise indicated by the interested party or where legal obligations apply, the data processing shall last no longer than the time necessary for the purposes for which the same information was collected. Data will be permanently deleted or anonymized when the purposes indicated above have been achieved, except in cases where Lamborghini is required to archive them for a further period in order to comply with legal or regulatory requirements. Whenever the owner of the information should consider, for any reason, that the reason for the processing no longer applies, they may communicate this using the contact details provided below.
RIGHTS OF THE DATA SUBJECTS
You may exercise the rights provided to you by the Data Protection Legislation at any time; you may thus, for example, access your data, check their content, origin and accuracy, request updates, additions, modifications or deletions to the data, oppose the processing or request that this be limited, or make portability requests. To exercise these rights, please contact us using the details in the section below.
DATA CONTROLLER AND DATA PROTECTION OFFICERS
The site is managed by Automobili Lamborghini S.p.A., Via Modena 12, Sant’Agata Bolognese, Italy, email: privacy@lamborghini.com, which acts as Data Controller.
If you wish, you can also contact our Data Protection Officer (DPO) by writing to: dpo@lamborghini.com.
MODIFICATIONS TO THIS POLICY
Automobili Lamborghini S.p.A. reserves the right to update this privacy policy. In this case, the date indicated below shall be modified.