Codeweavers Privacy Policy
Everything you need to know about Codeweavers in one place
(Last updated: July 2023)
Privacy Policy
At Codeweavers, we look after your data. Not just because it’s our responsibility, but because we would want us to if we were you. We are committed to safeguarding and maintaining your personal data, in line with the DPA 2018, GDPR and e-Privacy laws.
On certain occasions when we are collecting or processing personal data about you for a new purpose or in a new way, we may provide additional privacy information so that you are fully aware of how and why we are using your data. From time to time, we may provide you with links to third party websites. Please note that we have no control over these websites, and you should adhere to each party’s own Privacy Policy as applicable.
If we make significant changes to this policy or we feel there is something you need to know, we will make that clear to you via email (“Service Messages”).
What data do we collect?
We process different categories of Personal Data depending on your relationship with us:
Contact Data: Any personal data you provide if you get in touch with us via email, phone or post with any comments or questions.
Application Data: We process basic personal information such as name, date of birth, address history and contact details from your applications to provide you with personalised finance quotes. You can see a list of the lenders that we are working with here.
Analytical Data: Information collected from cookies and other tracking methods about how you browse and use our Services including, for example, the frequency of your visits.
Technical Data: Includes Internet protocol (IP) address, browser type and version, device identifiers, device advertising identifiers, approx. location, operating system and platforms; referring website addresses, data/time of visits, page view data, Internet service provider, click data, and information about your device including make, model and data connection type.
Marketing Data: Includes your instructions as to whether or not you wish to receive email marketing from Codeweavers.
Service Data: The product or service you have chosen; performance of a contract/business relationship, T&Cs, DPAs, contract negotiation and discussions, testing and implementation.
Subscription Data: Payment details (potentially name on card, card number, CVC, expiry date, subscription amount and payment method). Payments are processed by our PCI-compliant third party payment provider, Stripe.
Data from other sources: We combine information that you provide to us (and that we collect from time to time across different parts of our Services) with information that we receive from third parties.
| Purpose/Activity | Type(s) of data used | Basis for Processing |
|
To manage our relationship with you which can include: Sending you service messages, such as notifying you about material changes to our terms of use, cookie and/or privacy policy or provide you with password reminders; and Responding to any of your comments, complaints or queries. |
Contact Data |
Legitimate Interests: To ensure a great user experience of our Services. To comply with a legal obligation - for example, to let you know about material changes to our terms of use, cookie and/or privacy policy. |
|
To administer and protect our Services. (Including troubleshooting, testing, system maintenance, monitoring quality and security of service, support or reporting.) |
Contact Data Technical Data Analytical Data |
Legitimate Interests: To ensure the efficient and successful running of our business, network security, investigation of any suspected breach of the Terms of Use or the breach of other applicable terms and conditions, and to help optimise your use of the Services and provide a good use experience. |
|
To improve our Services, marketing, consumer relationships and experiences. |
Contact Data Technical Data Analytical Data |
Legitimate Interests: To help us monitor, support and improve the performance, and your experience, of our Services (by analysing your use and experience of our Service and identifying any technical issues); to keep our Services updated relevant; develop our business and to inform our marketing strategy. |
|
Sharing of data with data processing companies who act on our behalf, to enable us to deliver our Services, such as those who assist with our registration process, host our data, provide technical services to us, provide payment services to us. |
Contact Data |
Legitimate Interests: To help manage your data, to provide analysis and to deliver specific functionality. |
|
To facilitate personalised finance quotes via software services that we have built for our customers within the automotive industry. |
Application Data |
Performance of a contract between you and the lender. Please note that we are acting as a data processor and store this information on the lender’s behalf.
|
|
Where you are an Automotive Retailer/Dealer |
||
|
Process your order form, set up and administer your Services and to ensure you can access Codeweavers functionality. |
Service Data Subscription Data Contact Data Analytical Data Technical Data |
Performance of our contract with you. (Including negotiation/discussion of terms.) Legal Obligation. (Fraud checks.) |
|
Train staff, system development, sharing your information with third parties, such as Motor Finance Providers, where applicable. |
Contact Data Technical Data Data from other sources |
Performance of our contract with you. |
|
Share information with HMRC and other government bodies. |
Service Data |
Legal Obligation. |
|
To keep in touch with established customers and to contact you as a potential customer to establish new corporate relationships. |
Contact Data Data from other Sources |
Legitimate Interests. (B2B Marketing.) For networking and pitching inventory to support the growth of Codeweavers business. |
|
To administer your payment through our third-party payment processor, Stripe. |
Subscription Data Service Data Contact Name |
Performance of our contract with you. Please note that we do not process your payments directly or have access to your payment card information. Instead your payment data is processed by our sub-processor, Stripe, who are PCI-Compliant payment platform provider. |
When Our Company processes your order, it may send your data to, and also use the resulting information from, credit reference agencies to prevent fraudulent purchases.
How do we store your data?
Codeweavers securely stores your data within web based CRM systems and cloud providers (Google), and uses a server based in the UK. Your data is stored and secured within the UK/EEA, except for in circumstances where we use a third party provider who is based outside of the EEA (US and Worldwide). For more information, please see “Data Transfers” below. Data is anonymised when we do not have a legitimate reason to process it.
How do we keep your data secure?
The security of your data is important to us. We have technical and organisational measures in place internally within Codeweavers, and externally with our authorised third party suppliers to protect the data we collect, use and store, against unauthorised access or disclosure; improper use, alteration, unlawful or accidental destruction or loss.
We limit access to your personal data to those employees who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
However, please be aware that the sending of information through the internet can never be completely secure. We do not guarantee the security of your data transmitted to and from our Services over the internet, and you accept the inherent security implications of using the internet.
Sharing your personal information
When we engage data processing companies to act on our behalf from time to time to help manage your data, to provide analysis and to deliver specific functionality. We require those we share it with to respect the security of your personal data and to treat it in accordance with the law and our strict instructions. Please note that some of these companies may be either located and/or have servers which are located outside the European Economic Area (please see below for further detail).
Where we are required or permitted to do so by law, or to protect or enforce our rights or the rights of any third party or our users (which may include steps taken arising from a breach of our Terms of Use).
In the event that we sell or buy any business or assets, in which case we may disclose your data to the prospective seller or buyer.
Marketing
Where you are a customer: We will only send you marketing emails about our Services where you have given us consent to do so. You can unsubscribe at any time from email marketing communications via the unsubscribe link at the footer of any marketing correspondence or contact us at support@codeweavers.net. Please note that if you unsubscribe from receiving email marketing from us, you will receive service emails from us to update you on any material changes to our terms and conditions, privacy or cookie policies.
Where you are a retailer/dealer: For Business to Business marketing (B2B), we process your data for marketing purposes under the lawful basis of Legitimate Interests. Please note that B2B marketing is offered an exemption under GDPR.
Data Transfers
Whenever we transfer your personal data out of the EEA to certain authorised suppliers providing functionality or other services to us, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe. (Standard Contractual Clauses)
We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
Retention Periods
Codeweavers will keep your data for as long as necessary to fulfil our contracts and services with you, and whilst we have lawful bases to do so. We only keep the minimum data required to achieve our purposes. Once this time period has expired, we will anonymise your data completely, rendering you unidentifiable, therefore this data is not subject to GDPR or PECR regulations.
What are your data protection rights?
Codeweavers would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:
The right to access – You have the right to request Our Company for copies of your personal data. We may charge you a small fee for this service.
The right to rectification – You have the right to request that Our Company correct any information you believe is inaccurate. You also have the right to request Our Company to complete the information you believe is incomplete.
The right to erasure – You have the right to request that Our Company erase your personal data, under certain conditions.
The right to restrict processing – You have the right to request that Our Company restrict the processing of your personal data, under certain conditions.
The right to object to processing – You have the right to object to Our Company’s processing of your personal data, under certain conditions.
The right to data portability – You have the right to request that Our Company transfer the data that we have collected to another organization, or directly to you, under certain conditions.
Please note that if you make a request under your Right to Access, we have one month from the date we receive your request, to respond to you.
How to contact us
If you would like to exercise any of these rights, please contact our Data Protection Team via the details below:
Email: ukca.dataprotection@coxautoinc.com
Or write to us: Data Protection Team, Legal, Central House, Leeds Road, Rothwell, Leeds, LS26 0JE.
Please note that Codeweavers Ltd also trades as Motor Credit Check on the website at www.motorcreditcheck.com, but you can contact us via the details on this website and we will help with any enquiry you have.
Under Data Protection Regulation, you have the right to report a concern with a Supervisory Authority which in the United Kingdom is the Information Commissioner's Office. You can report concerns via the ICO website, but please give us the opportunity first to understand your issue and see if we can resolve matters with you.
