Withdrawing consent or choosing to delete some types of personal data may prevent Cartrack from supplying certain services to a Data Subject, or responding to queries as a prospective employee or supplier. In order to better protect and safeguard personal data, Cartrack takes steps to verify the identity of a Data Subject before granting access or making changes to personal data.
The Data Subject has the right to be provided with clear, transparent and easily understandable information about how we use personal data, and what the Data Subject’s rights are
The Data Subject has a right to access, and to receive a copy of, any personal data we hold about the individual (subject to certain restrictions). A reasonable fee may be charged for providing such access but only where permitted by law
The Data Subject has the right to have personal data rectified if it is incorrect or outdated and/or completed if it is incomplete
The Data Subject has the right to have personal data erased or deleted; subject to legal or legitimate grounds for retaining the personal data
The Data Subject may unsubscribe or opt out of direct marketing communication at any time
The Data Subject may withdraw consent to our processing of personal data when such processing is based on consent. Where consent is withdrawn, the lawfulness of processing prior to withdrawal is not affected
The Data Subject may object to the processing of personal data when such processing is based on the legitimate interests pursued by the data controller, such as the:
Improvement of our products and services
Enhancement of our communication with the Data Subject
Proper administration of our website
Risk management
Protection of legal rights
The Data Subject has the right to contact the relevant data protection authority to lodge a complaint against our data protection and privacy practices
The Data Subject has the right to move, copy or transfer personal data from our database to another. This only applies to personal data that the Data Subject has provided, where processing is based on a contract or explicit consent, and the processing is carried out by automated means
In circumstances limited by the GDPR, the Data Subject may restrict the processing of personal data, so that it can be stored, but not used or processed further, such as:
Inaccurate data contested by the Data Subject must be restricted until verified and corrected
Processing is unlawful but the Data Subject objects to the erasure thereof
Cartrack no longer requires the Data Subject’s data but the Data Subject requires it to be stored for the establishment, exercise or defence of legal claims
The Data Subject objects to processing based on Cartrack’s legitimate interests, until verification of overriding rights