When shopping with us, you do not need to worry about the safety of your debit/credit card or other personal information. Our high-strength encryption and advanced TLS configuration exceed industry standards and protects all data you transmit to us from the moment you visit our website. We are also Payment Card Industry (PCI) Compliant, which means the way we handle debit/credit card data (including through our web servers and networks) meets a high bar for following the best security practices and running the most "hardened" software versions and configurations. Additionally, our website's identity is insured through our security certificate provider. This insurance basically guarantees that we are who we say we are. In other words, you can be assured that you are dealing with the real PRO Car Studio. If our provider were to mis-issue a certificate with our name on it to a fraudulent site, you could be reimbursed if you lost money as a result of this. So, in short, when you give us your information, you can be sure that it is going to our secure servers.
Effective Date: 8/8/2019, Last Update: 2/8/2024 (clarifications to the Google Analytics and Google Ads section)
Your privacy is very important to us, and that is why we have invested much time and thought into our privacy and security practices.
California Residents: Your CCPA / CPRA Rights
If you are a California Resident, you have certain rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA). Here's a summary of your rights under the CCPA / CPRA. As a California Resident, you have the right to:
- Know how our website collects, sells, and shares your Personal Information, and what categories of 3rd parties we sell or share it with and for what purposes. Please note we currently do not sell customer Personal Information and have never done so in the past.
- See what Personal Information our website has collected about you (may be limited to the past 12 months).
- Have your Personal Information deleted that our website has already collected (with some exceptions as provided by law).
- Opt out of having your Personal Information shared or sold to 3rd parties (with the exception of sharing for Business Purposes).
- Correct inaccurate Personal Information that we might have about you.
- Limit the use and disclosure of Sensitive Personal Information collected about you. Please note we already do this to the maximum extent possible; in fact, we do not directly collect or store full debit/credit card information through our website, which is the only Sensitive Personal Information you can provide to our website. Instead, we use a technology where that information goes directly to our merchant processor, and it is only used to pay for orders you have with us. We are fully PCI Compliant as well.
- Equal services, meaning we are not allowed to discriminate based on your choice of exercising these rights, and we cannot make you waive these rights either.
If you are a California Resident, you can submit request(s) to us to exercise any of your rights described above. Simply email us at email@example.com or mail us a letter (see our Contact Us
page) and state the specific right you are exercising and we will verify the request, ask for any additional details we might need, and then process your request.
Information We Collect That You Provide
The types of Personal Information we collect are: your name, phone number, email, shipping and billing addresses, vehicle type, what parts you're interested in (wish list), payment information, phone audio recordings (with associated phone numbers and Caller IDs) of customer support interactions, email marketing preferences, and any other information you choose to provide us (written or verbally).
The above information types you provide us fall under the following CCPA / CPRA Personal Information categories: Identifiers, Customer Records, Commercial Information, Sensitive Personal Information (only if you provide us debit/credit card details), Biometric Information (audio recordings if you talk to us over the phone). Please note that for PCI Compliance reasons, we do not store your full debit/credit card details on our servers (which never actually see all those details).
Information We Collect Automatically
- Device Specs: We automatically collect data about the computer or device you use to access our website. This data includes information such as operating system version and model, internet connection, web browser type and version, screen resolution, unique device identifiers, and IP address.
- Browsing Behavior: We automatically collect data on links you clicked to get to our website and how you use our website, including which pages you visit, how long you spend on them. We also automatically collect data when you perform certain actions, such as adding a product to the shopping cart, getting a shipping quote, or completing an order. Based on your browsing behavior and actions, we can tell what vehicle(s) you likely have and what part(s) you are likely to be interested in.
- Transaction Information: During the checkout process, we automatically collect information about your transaction, such as purchase totals, product details, order date/time, fraud likelihood, and bank name (based on the card type you provide).
Some of the cookies we use are essential to the functioning of our website. For example, cookies are required to use our shopping cart. The non-essential cookies used on our site are set by Google. Read below for more details:
The above information types we automatically collect fall under the following CCPA / CPRA Personal Information categories: Identifiers, Internet / Network Activity, Commercial Information.
How We Use Your Information
We may use both the Personal Information you provide us and the Personal Information we collect automatically for the following purposes:
How We Share Your Information
- Basic website functionality such as remembering what parts you are interested in (wish list) and saving parts to your shopping cart.
- Allow you to purchase products from us and fulfill your order.
- Provide you with order updates and other important messages.
- Maintain and improve our website (including site structure, server settings, and content we present).
- Monitor network traffic and defend against website attacks.
- Send you email promotions and product news if you choose to subscribe to our Loyalty Program Newsletter (this can be opted out of).
- To answer any order or part questions you may have, and request optional feedback, reviews, and product photographs from you.
- Gather insight into how customers in general use our website.
- Review and improve the performance of Google Ads we place on Google and other sites.
- Detect and investigate customer payment fraud against us.
- Monitor and improve our support (we may internally use select customer interactions as training for employees).
- Comply with laws and regulations or legal processes, prevent or investigate illegal activities, enforce our Terms and Conditions, and protect our rights or the rights of our customers.
- For anything else you provide explicit consent on.
We do not and have never sold customer Personal Information, but in order to complete your order and provide you with the best service and support, we do need share some of your Personal Information with other companies. We may share your Personal Information with:
- Payment service providers that will securely process your payment.
- Fraud prevention/detection service providers and data brokers we use to combat customer payment fraud against us.
- Partner vendors and manufacturers to ship your order, depending on the availability of the particular part(s) you ordered.
- Shipping carriers such as UPS, USPS, and FedEx and shipping API providers to interact with those carriers.
- Email marketing providers - if you subscribe to our Loyalty Program Newsletter.
- Review service providers, which might request you complete an optional review of our site, customer service, or products we sell.
- Our website hosting provider and website server backup solution provider (both retain copies of our server logs, emails, and databases).
- Website data analytics and internet ads services, which currently are just Google Analytics and Google Ads (described in more detail in the "Information We Collect Automatically" section). Since our website sharing your Personal Information with Google Analytics and Google Ads is not a Business Purpose, you can opt out of it by clicking this link: Do Not Sell or Share My Personal Information (CCPA / CPRA Opt-Out).
The above 3rd party business types fall under the following CCPA / CPRA 3rd party business categories: Business Communication and Collaboration Tools, Data Analytics Providers, Hosting Services Providers, Data Storage Service Providers, Payment Processors, Ad Networks, Order Fulfillment Providers, Data Brokers.
How to Edit or Delete Your Information
Simply login to your account using the "person" menu icon and edit your addresses, email, password, email marketing preferences, or anything else you choose. If you'd like us to delete your account, simply send us an email from the email associated with your account and request account deletion. We will remove your data as much as reasonably possible (some data must be retained for legal compliance, auditing, and other similar purposes). If you are a California Resident, you can submit requests to us to exercise any of your CCPA / CPRA rights to view, correct, or delete your Personal Information we may have collected. Simply email us at firstname.lastname@example.org or mail us a letter (see our Contact Us
page) and state the specific right you are exercising. We will verify the request, ask for any additional details we might need, and then process your request.
How We Handle "Do Not Track" (DNT) Requests
DNT has largely been replaced by Global Privacy (GPC) requests / preferences, as explained below. In fact, the W3C ended its DNT working group in 2019, citing there was not enough support or adoption to continue. Historically, Google Analytics and Google Ads cookies have ignored DNT requests. Moreover, private browsing modes, now supported by all major web browsers, do a better job at protecting user privacy and preventing tracking than DNT does. Besides the Google Analytics and Google Ads cookies, we do set our own 1st party cookies, but they are only used for necessary and basic website functionality. Thus, a browser's DNT setting would not even apply to our own cookies because they do not track you for advertising purposes. Therefore, given the above information, our website simply ignores browser DNT requests.
How We Handle GPC (Global Privacy Control) Requests / Preferences
The Global Privacy Control, or GPC, is a newer and widely supported web standard for giving users control over their default privacy preferences when visiting a website. Our website respects GPC requests / preferences and, if you configure your GPC to do so, will automatically opt you out of sharing your Personal Information for purposes that are not Business Purposes. On our website, this would simply mean opting out of sharing your Personal Information with Google Analytics and Google Ads.
Your Data Choices
The items below are things you can do that will give you more control over the collection, use, storage, and sharing of your Personal Information by us and 3rd parties connected to our operations.
Changes To This Policy
- California Residents: You can submit requests to us to exercise any of your CCPA / CPRA rights to view, correct, or delete your Personal Information we may have collected. Simply email us at email@example.com or mail us a letter (see our Contact Us page) and state the specific right you are exercising. We will verify the request, ask for any additional details we might need, and then process your request. In addition, you can opt out of having our website share your Personal Information with Google Analytics and Google Ads by clicking this link: Do Not Sell or Share My Personal Information (CCPA / CPRA Opt-Out). You can also automatically do this using Global Privacy Control (GPC) preferences, explained above.
- Google Analytics Tracking Opt-Out: Use this browser extension to prevent Google Analytics from tracking you on any website. See Google Analytics Opt-out Browser Add-on for more information and to download.
- Google My Activity: If you have a Google account, visit the Google My Activity page to access, pause, and/or delete your activity across Google products and services.
- Google Ads Settings: Although we do not display Google advertisements on our site, you can also use Google Ads Settings to limit or turn off personalized ads on Google and other websites that display Google advertisements.
- Our Loyalty Program Newsletter (Email Marketing List): We may occasionally send you some PRO Car Studio promotional information via email. We will respect your request to remove you from this mailing list and will do it promptly. You have the option of declining this mailing list during the initial account creation process and you can always change your preferences in your account settings, or via an unsubscribe link on any marketing email.
- Other / General Tracking Blockers: There are variety of privacy "extensions" or "add-ons" you can install that are available for most popular web browsers. These will greatly limit or totally prevent website tracking code from collecting information about you.