CarGurus.co.uk data protection policy
The CarGurus.co.uk website and mobile and other applications, products and services are owned and operated by CarGurus, Inc. ("CarGurus"). CarGurus has provided this "Data Protection Policy" because we value your right to privacy.
Please read this Data Protection Policy carefully before providing us with any personal data. By visiting CarGurus.co.uk you are accepting and consenting to the practices described in this Data Protection Policy.
This Data Protection Policy was last updated on May 11, 2016 and governs the collection, use and disclosure of personal information through the site on or after this date.
Changes to the Data Protection Policy
We reserve the right to change this Data Protection Policy at any time without prior individual notice. Any changes to our Data Protection Policy will be posted at this URL, so be sure to check back often and consult the last updated date.
Your continued use of the site following reasonable notice of such modifications will be conclusively deemed consent to and acceptance of any changes to this Data Protection Policy.
You agree that notice of changes to this Data Protection Policy posted on the Site constitutes reasonable and sufficient notice.
At all times, you are bound by the then-current version of the Data Protection Policy and all applicable laws. We highly recommend that you review this Data Protection Policy from time to time to ensure that you are familiar with the most recent version.
Any change to this Data Protection Policy that materially affects your rights to your personal data will not take effect until 30 days after notice of such change is posted on the site, during which time you may notify us that you do not accept such change. Your continued use of the site after such 30 day period will mean that you accept such changes. If we make material changes that will affect personal data we have already collected from you, we will make reasonable efforts to notify you of the changes and to give you the opportunity to amend or cancel your registration.
If you have questions about this Data Protection Policy, e-mail us at privacy@CarGurus.com.
As used in this Data Protection Policy, the following terms are defined as follows:
- CarGurus.co.uk and the mobile and other applications and products and services owned and operated by CarGurus, Inc.
- "advertising networks"
- companies that deliver targeted advertisements to consumers and generate statistics and metrics related to the delivery of internet-based advertisements.
- "Data Technologies"
- technologies, such as cookies, local shared objects and web beacons, used to automatically collect information about your actions and your visit to our site, and includes all current and similar future technologies, including anonymous advertising identifications used on mobile devices and otherwise in a manner similar to cookies.
- "internet-based advertising"
- also called "online behavioral" or "interest-based" advertising and is advertising that is customized based on predictions generated over time from your visits across different websites, devices and mobile applications.
- "Personal data"
- personally identifiable data about an individual, such as an individual's name, address, telephone number, and/or email address.
- "Registration data"
- personal data collected from you at registration, such as your name, email address, mailing address, telephone number, user name and password. The registration data we collect may vary, but we only collect the data that you manually enter into our forms.
- "Third party service providers"
- Entities that have contracted with CarGurus to provide services to or on behalf of CarGurus.
Information we collect
1. Automatic Collection of Information
CarGurus gathers information from your computer or handheld or mobile device when you visit our site, whether you register for an account with us or not. We encourage you to register with us to take advantage of CarGurus' many personalization features. However, you may choose not to register and take advantage of features of our site where registration is not required. You may still use the site, but some of the features and functionality may be limited or not available. If you do not register, then the information we collect from you is limited to the information described below.
Anytime you visit our site, we collect your IP address to help diagnose problems with our server, administer our site and track site usage statistics. Your IP address may vary each time you visit, or it may be the same, depending on whether you access our site through an "always-on" type of Internet connection (e.g., cable modem or DSL), or through a dial-up connection (e.g., AOL or Earthlink). Either way, it would be extremely difficult for us to identify you through your IP address by itself, and we make no attempt to do so. We also collect information on whether you reached our site by clicking on a link or advertisement on another site, which helps us to maximize our Internet exposure, and to understand the interests of our users. We also collect information on your ISP or mobile carrier and the type of handheld or mobile device you used. All of this information is collected and used only in the aggregate; that is, it is entered into our database, where we can use it to generate overall reports on our visitors, but not reports about individual visitors.
CarGurus uses a reputable third party, Google Analytics, to collect information through Data Technologies. This data is collected on an anonymized basis and in the aggregate, but may include or be associated with other non-personally identifiable information or with personally identifiable information that users have voluntarily submitted. Our primary goal in collecting user information is to enhance your experience on our site. Google Analytics is a web analytics tool provided by Google, Inc. ("Google") that helps website owners understand how visitors engage with their website. We can view a variety of reports about how visitors interact with our website so we can improve it. Google Analytics collects information anonymously. Google uses first party cookies and IP addresses, and it reports website trends without identifying individual visitors. We do NOT authorize Google Analytics to use the data it collects from this site. For more information related to Google Analytics, click here. For information about and to install Google Analytics Opt-out Browser Add-on, click here.
We may partner with advertising networks, which may use information collected through a variety of Data Technologies to provide customization, auditing, research and reporting for us and other advertisers. We may also act as an advertising network and use information collected through a variety of Data Technologies while you are on our site and elsewhere where we may be acting as a third party. This data collection takes place both on the site and on third-party's websites and mobile applications. This process allows CarGurus and third parties to deliver targeted advertising, enhance marketing programs and help track the effectiveness of such efforts. Advertising networks also may use this information for determining or predicting the characteristics and preferences of their respective advertising audiences and measuring the effectiveness of their advertising in accordance with their privacy policies.
We do not provide information that is directly associated with a specific person (such as name and address) to any advertising network when you interact with or view a customized advertisement. However, when you view or interact with an advertisement, the advertiser may make an assumption that you are interested in the subject matter of the advertisement.
Some companies disclose when they are using interest-based advertising programs on the site to deliver third-party ads or collecting information about your visit for these purposes and give you the ability to opt-out of this use of your information. You may see an icon in or around third-party advertisements on the site that use interest-based advertising programs and on pages where data is collected and used for online interest-based advertising. Clicking on this icon will provide additional information about the companies and data practices that were used to deliver the ad. You can opt out of delivery of targeted advertising to you by CarGurus and by multiple other companies by visiting: www.aboutads.info/choices, www.networkadvertising.org/managing/opt_out.asp and www.evidon.com. Please note that even if you opt out, you will continue to receive advertisements, but they will not be tailored to your specific interests.
We or advertisers on our site also use Data Technologies, as follows.
Session cookies allow us to track your actions during a single browser session, for example to remember the items returned from a search. They do not remain on your device beyond your session.
Persistent cookies remain on your device between sessions and allow us to authenticate you and to remember your preferences. We also use them to balance the load on our servers and thus to enhance your experience on our website.
Session and persistent cookies can be either first or third-party cookies - a first-party cookie is set by the website being visited. A third-party cookie is issued by a different website to that being visited.
Our website uses a mixture of first-party, session and persistent cookies to deliver its services efficiently and to enhance your experience.
Local Shared Objects or "Flash Cookies"
"Local shared objects," sometimes known as "Flash cookies", may be used by entities who advertise on our site to store your preferences or display content based upon what you have viewed on various websites or mobile applications to personalize your visit. To control your use of Flash cookies, visit Adobe's website at https://helpx.adobe.com/flash-player/kb/disable-local-shared-objects-flash.html for tools to control and disable Flash cookies. If you use Firefox, you can also obtain an add-on to detect and delete Flash cookies by visiting https://addons.mozilla.org/en-US/firefox/addon/betterprivacy/ and clicking "Add to Firefox".
These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
A "web beacon," also known as an "Internet tag", "pixel tag" or "clear GIF", links web pages to web servers and their cookies. We only use web beacons in emails we send to you to notify us that the email was opened. We do not use web beacons to track your behavior through the site or other Internet sites for online behavioral advertising.
Applications and Widgets for Social Media
On our site, we may display applications or widgets from social media providers that allow interaction or content sharing by their users. These widgets, such as the Facebook® "Share" or "Like" button, are visible to you on the CarGurus web page you visit.
In addition to social media networks, our site also contains references and links to third party web sites that may offer information of interest. This Data Protection Policy does not apply to those web sites, and we recommend reviewing those web sites' privacy policies individually. As discussed in CarGurus' Terms and Conditions of Use, CarGurus is not responsible for the content of such third parties.
2. Information Collected Upon Registration and Requests to be Contacted
Information Collected When Requesting to be Contacted by a Car Seller, Dealer or Manufacturer
If you want to be contacted by a particular car seller, dealer or manufacturer through our site, both that seller, dealer or manufacturer, as applicable, and CarGurus may collect personal data provided by you on the contact form for the seller, dealer or manufacturer, which may include your name, email address, and telephone number so that the seller can contact you, or so that we can email you to request that you submit a dealer review.
Information Collected When Registering with CarGurus; Subscribing
If you choose to register with us, you'll be able to add content to our site (subject to CarGurus' site Terms and Conditions of Use). For example, you may post your own car reviews and participate in our discussion forums. In addition, you will benefit from the ability to personalize your CarGurus site experience. The benefits of registering will increase over time as we get to know you better and introduce new features. We encourage you to register so that you can experience everything that CarGurus has to offer!
If you register with us, in addition to the information collected that is described above, we will also collect registration information. We may store all or some of that information in a cookie file on your hard drive, so that our system will recognize you each time you visit our site. In that way, we can save your preferences from visit to visit and present you with a customized site, without requiring you to log into our site every time you visit.
Once you register, we may also use registration information to periodically contact you with news or important information about your account; to provide you with information on special offers, products or services that we think may be of interest to you; to communicate about, and administer your participation in, special events, programs, surveys, contests, sweepstakes and other offers or promotions; or to request your feedback on our site. When you subscribe to receive specific information or services on our site, we may use subscription information to provide you with information on special offers, products or services that we think may be of interest to you; or to communicate about, and administer your participation in, special events, programs, surveys, contests, sweepstakes and other offers or promotions.
You may opt-out of any or all future marketing communications or notifications from CarGurus or a car seller, dealer or manufacturer by visiting https://www.cargurus.co.uk/Cars/garage/manage/viewSettings.action or clicking on the unsubscribe link we place at the footer of every email we send that is not in response to an action taken by the user.
Uses made of the information
Information we collect about you. We will use this information:
- to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- to improve our site to ensure that content is presented in the most effective manner for you and for your computer;
- to allow you to participate in interactive features of our service, when you choose to do so;
- as part of our efforts to keep our site safe and secure;
- to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you;
- to make suggestions and recommendations to you and other users of our site about goods or services that may interest you or them.
Personal Data you give to us. We will use this information:
- to carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us;
- to provide you with information about other goods and services we offer that are similar to those that you have already purchased or enquired about;
- If you are a new customer, and where we permit selected third parties to use your data, we (or they) will contact you by electronic means only if you have consented to this. If you do not want us to use your data in this way, or to pass your details on to third parties for marketing purposes, please tick the relevant box situated on the form on which we collect your data (the registration form);
- to notify you about changes to our service;
- to ensure that content from our site is presented in the most effective manner for you and for your computer.
Information we receive from other sources. We may combine this information with information you give to us and information we collect about you. We may us this information and the combined information for the purposes set out above (depending on the types of information we receive).
How your personal data are shared and accessed
Except as set out below, we may aggregate personal data from all of our users and provide that information in the aggregate to car sellers, dealers and manufacturers and advertisers, for marketing and promotional purposes. However, if we do so, that information will be anonymized so as not to be personally-identifiable.
a. Car Sellers, Dealers and Manufacturers /Requests.
With your express consent, CarGurus may sell personal data to car sellers, dealers and manufacturers who may use that data for purposes of marketing their products or services to you directly.
When you request services beyond those directly available from us, we may provide your personal data to car sellers, dealers and manufacturers. For example, should you request a price quote for a new car, your personal data will be distributed to car sellers, dealers and manufacturers.
Car sellers, dealers and manufacturers may use your personal data to process your order, respond to your requests for information or provide further information about products and services that they believe will meet your continuing needs. Your personal data will be subject to their privacy policies, and you should contact them directly for more information about their specific privacy and opt-out policies. By submitting a request for such information through us, you consent to our transmission of your personal data to the car sellers, dealers and/or manufacturers that we, in our sole discretion, believe may be able to provide such services.
b. Service Providers.
We may allow third party service providers (such as market research firms, marketing services providers and advertising agencies) access to your personal data to perform services on our behalf. We contractually require our service providers to provide protection for personal data and to limit the use of such information solely for the purpose of providing the specified services on our behalf.
c. Legal Authorities.
CarGurus will cooperate with legal authorities, and may in some circumstances be required to disclose personally identifiable information in response to requests from law enforcement authorities, or in response to a subpoena or other legal process. We can also share information about you if we believe we must in order to (a) prevent a violation of the law; (b) protect or defend our interests and the legal rights or property of CarGurus and our affiliates; (c) protect the rights, interests, safety and security of users of the site or members of the public; (d) protect against fraud or for risk management purposes; or (e) comply with prudent legal practice as we may determine, and applicable law or legal process. We may also share information about you in the course of legal proceedings if we are legally required to do so, if we reasonably believe that doing so may mitigate our liability, or if doing so will assist us in enforcing our legal rights. We also may share your information in connection with a corporate transaction, such as a divestiture, merger, consolidation, or asset sale, and in the unlikely event of bankruptcy.
Storage of personal data.
Your personal data is transferred to, and stored on servers in the U.S. Also, some of our service providers may transfer and store information in servers hosted in countries outside the U.S. and European Economic Area ("EEA"). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff maybe engaged in, among other things, the provision of support services. As such, your personal information may be subject to the laws of other countries (including the U.S.), where the data protection and other laws may not be as adequate as in your country of residence. By submitting your personal data, you agree to this transfer to the U.S., storing or processing of your personal data.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your personal data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
Your personal data may be disclosed in response to inquiries or requests from government authorities in the countries in which we operate or to regulators.
Your profile on CarGurus will be publicly viewable and identifiable via your screen name. CarGurus will not share your email address with any other members nor display it any public manner. If you choose to participate in our member-to-member communications programs, you may be contacted by other CarGurus members, using CarGurus as an intermediary. All CarGurus members will have the option to turn off the member-to-member communication features at any time.
When you submit your e-mail address and/or phone number to a particular seller through the CarGurus site, you agree to being contacted by the seller by various means, including by phone at the number provided, text message, email, automatic telephone dialing system and/or an artificial or prerecorded voice.
Information that you make available to us and others via social media networks, forums, blogs, list serves, chat rooms or similar functionality is public information that we or others may share or use in accordance with the law.
By using the site, you consent to our automatic collection of information that does not personally identify you about your visit to our site, whether you register with CarGurus or not.
By providing your personal data, such as when you register, during the course of your use of your registration, or when you seek to contact a third party through the site, you consent to the collection, use and disclosure of personal data described in this Data Protection Policy, in our sole and absolute discretion.
Security - steps we take to protect your personal data.
CarGurus has implemented commercially reasonable administrative, technical, personnel, and physical security measures to help protect the personal data stored in our systems against loss, theft and unauthorized use, disclosure or modification. For example, we limit access to personal data about you to employees who we believe reasonably need to come into contact with that information. We also employ processes (such as password hashing, login auditing, and idle session termination) to protect against unauthorized access to your personal data. Technical measures also include use of firewall protection and in some instances may include encryption technology. Although we take reasonable precautions to assess the reliability of such technology, we rely on the statements of the vendors of those products and services as part of its security evaluation. Please note that although CarGurus has endeavored to create a secure and reliable Site for users, the confidentiality of any communication or material transmitted to/from the Site, and the security of your personal data, cannot be guaranteed. CarGurus urges you to take every precaution to protect your personal data when you are on the Internet.
Any personal data that CarGurus collects is kept as long as necessary to fulfill the purposes outlined in this Data Protection Policy, unless a longer retention period is required by law. When we no longer need to retain your personal data, it will be destroyed or anonymized in a manner that designed to preserve its private and confidential nature. Complete removal may not be immediate, however, and in some instances, archival copies may be impossible to delete.
This site is a general audience site, and we do not knowingly collect information about children. Should a child whom we know to be under 16 send personal data to us, we will use that data only to respond directly to that child to inform him or her that we must have parental consent before receiving his or her personal information.
Your access and use of our site and any dispute regarding privacy is subject to this Data Protection Policy and our Terms and Conditions of Use, including limitations on damages, resolution of disputes, and application of the law of the Commonwealth of Massachusetts.
Cancelling Your CarGurus Registration
You can cancel your registration with us by e-mailing cancel@CarGurus.com, or by placing your email address in the subject of the e-mail. We will send you an e-mail to confirm your request. After we receive confirmation, we will remove your data from our active database, but some information may remain in our archives for our own corporate recordkeeping and logs under law and in the event of possible future litigation. As a practical matter, given the number of car sellers, dealers or manufacturers, we may not be able to remove your data from car sellers, dealers or manufacturers’ databases, if we have transmitted any information to them.
Access And Update Your Personal Data; Contact
You can review and update the personal data you have provided through the registration process by visiting https://www.cargurus.co.uk/Cars/garage/manage/viewSettings.action. To request an accounting of how your information has been used or disclosed, or to make a complaint or ask a question, you can also contact us at:
CarGurus Ireland Limited
Styne House, 1st Floor, Upper Hatch Street
Dublin 2, Ireland
0808 178 3318