Privacy Notice

1. Information About Us

Tivoli Auto Services Ltd (“we”, “us”, “our” and “ours”) is a company offering MOT and servicing for all types of vehicles located at 100 Battle Road, St Leonards-On-Sea, TN37 7AG. For the purpose of the Data Protection Legislation and this notice, we are the ‘data controller’. This means that we are responsible for deciding how we hold and use personal data about you. We are required under the Data Protection Legislation to notify you of the information contained in this privacy notice.
Tivoli Auto Services Ltd understands that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of all of our clients and will only collect and use personal data in ways that are described here, and in a way that is consistent with our obligations and your rights under the law.

2. What Does This Notice Cover?

This Privacy Notice explains how we use your personal data: how it is collected, how it is held, and how it is processed. It also explains your rights under the law relating to your personal data.

3. What is Personal Data?

Personal data is defined by the General Data Protection Regulation (EU Regulation 2016/679) (the “GDPR”) as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’.
Personal data is, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as account numbers or other online identifiers.
There is an additional category of data defined as Special Categories of Data which is described as “personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data, data concerning health, or data concerning a natural person’s sex life or sexual orientation”.

4. What Personal Data Do We Collect?

We may collect some or all of the following personal data:
Name, Address, Phone Number(s), Email Address, Payment details, Vehicle make, model and registration number, Driving licence
Information is collected directly from you, either in person or via our website.

5. How Do We Use Your Personal Data?

Under the GDPR, we must always have a lawful basis for using personal data. This may be because the data is necessary for our performance of a contract with you or because you have consented to our use of your personal data. Your personal data may be used for one of the following purposes:
• Supplying our products and/or services to you. Your personal details are required in order for us to enter into a contract with you.
• Communicating with you. This may include responding to emails or calls from you.
• Calling as a reminder to you when a service or MOT is due.
• Sending email communication advising you of our services and any special offers, to which you can opt out at any time
• Selling or sourcing a car for/to you
• Providing a courtesy car
• Providing benefits for referrals

6. How and Where Do We Store or Transfer Your Personal Data?

Your personal data is stored in locked cupboards and all Personal Computers have password access controls.

7. How Long Will We Keep Your Personal Data?

We will not keep your personal data for any longer than is necessary in light of the reason(s) for which it was first collected. Your personal data will therefore be kept while you are an active client and for 4 years after your last transaction with us. Estimate details will be kept for 6 months, if you have not requested us to do the work by then. Payment transactions will be kept for 7 years after the transaction.

8. Do We Share Your Personal Data?

We will share your personal data with DVSA as part of a legal obligation for recording MOT details, and to our auto parts suppliers, as necessary, who are engaged under contract with us, including a duty of confidentiality and implementation of appropriate technical and organisational measures to ensure the security of the data. We will share the email addresses, where you have opted in, with our marketing agency who distributes the mails on our behalf as part of a processing agreement with us, but do not pass the details to any other third parties.

9. What Are Your Rights?

Under the GDPR, you have the following rights, which we will always work to uphold:
a) The right to request a copy of the personal data held by us. This is known as a “subject access request”. All subject access requests should be made in writing and sent to the email or postal address shown below. We may request further information to verify your identity.
b) The right to request that we correct any personal data if it is found to be inaccurate or out of date.
c) The right to request that personal data is erased where it is no longer necessary for us to retain such information.
d) The right to opt out of any marketing communications, or to withdraw consent where you have already provided it.
e) The right to lodge a complaint with the Information Commissioner’s Office on 0303 123 1113 or via email or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.

10. Contact Us

To contact us about anything to do with your personal data and data protection, including to make a subject access request, please use the following details:

Email address:
Telephone number: 01424 442277
Postal Address: Data Protection Queries
100 Battle Road,
St Leonards-On-Sea,
TN37 7AG

11. Changes to this Privacy Notice

We may change this Privacy Notice from time to time. This may be necessary, for example, if the law changes, or if we change our business in a way that affects personal data protection.
Any changes will be made available on our website