Privacy Policy

Home / Privacy Policy

Privacy / Cookies / Data Rights

How we handle your personal data, explained clearly.

This Privacy Policy describes how AUTOOL (“we,” “us,” or “our”) collects, uses, shares, and protects personal information when you visit or make a purchase through shop.autooltech.com. We are committed to safeguarding your privacy and processing your data lawfully, fairly, and transparently in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR).

Your RightsAccess / Delete / Correct
Cookie RuleConsent When Required
GDPR ResponseWithin 1 Month
Privacy Contactshop@autooltech.com

1. Who We Are (Data Controller)

AUTOOL is the data controller responsible for your personal information collected through our website at shop.autooltech.com. As the data controller, we determine the purposes and means of processing your personal data and are accountable for ensuring that processing complies with applicable data protection legislation.

If you have any questions or concerns about how we handle your personal information, or if you wish to exercise any of your data protection rights, you may contact us at any time by emailing shop@autooltech.com.

2. Information We Collect

We collect and process several categories of personal information in order to operate our website and fulfill our obligations to you. The types of information we collect include:

Personal & Contact Information

  • Full name (first and last)
  • Email address
  • Phone number
  • Billing address
  • Shipping address

This information is collected when you create an account, place an order, subscribe to our communications, or contact our support team.

Order & Transaction Data

  • Products ordered and quantities
  • Order numbers and order history
  • Payment status (e.g., completed, pending, refunded)
  • Shipping and tracking details
  • Return and refund records

We do not store full credit card numbers or payment credentials on our servers. Payment processing is handled by third-party payment processors.

Device & Usage Information

  • IP address
  • Browser type and version
  • Operating system
  • Pages visited and navigation paths
  • Timestamps of visits and interactions
  • Referring website or search terms
  • Approximate geographic location (derived from IP address)

This data is collected automatically through cookies, server logs, and similar technologies when you browse our website.

Customer Support Data

  • Messages and correspondence sent to our support team
  • Photos and videos submitted as part of product support, warranty claims, or return requests
  • Troubleshooting details and technical descriptions of issues
  • Any other materials you voluntarily provide during support interactions

We retain support communications to resolve your inquiries effectively and to improve the quality of our customer service.

Cookies & Similar Technologies

Our website uses cookies and similar tracking technologies (such as pixels and local storage) to recognize your browser, remember your preferences, enable core site functionality, and gather usage statistics. For detailed information about our cookie practices, see Section 7 below.

3. How We Collect Information

We obtain personal information through the following channels:

  • Directly from you — when you create an account, place an order, fill out a form, subscribe to newsletters, contact our customer support team, leave a product review, or otherwise communicate with us.
  • Automatically — when you visit or interact with our website, we automatically collect device and usage information through cookies, server logs, and similar technologies. This includes your IP address, browser type, pages visited, and timestamps.
  • From third parties — we may receive information from payment processors (such as payment confirmation status), shipping carriers (such as delivery confirmation), fraud detection services, analytics providers, and advertising platforms. We may also receive information if you interact with us through social media or third-party marketplaces.

4. How We Use Your Information

We use the personal information we collect for the following purposes:

  • Order fulfillment — to process your orders, authorize payments, arrange shipping and delivery, handle returns and refunds, and send order-related communications such as confirmations and tracking updates.
  • Customer service — to respond to your inquiries, resolve complaints, provide technical support, process warranty claims, and communicate with you about your account or orders.
  • Website operation and improvement — to operate, maintain, and improve the functionality, performance, and user experience of our website, including troubleshooting issues and testing new features.
  • Security and fraud prevention — to detect, investigate, and prevent fraudulent transactions, unauthorized access, and other illegal or harmful activities that may affect our website, customers, or business.
  • Analytics — to analyze how visitors use our website, understand shopping behavior and trends, measure the effectiveness of our content and marketing campaigns, and generate aggregate statistical reports.
  • Legal compliance — to comply with applicable laws, regulations, tax requirements, accounting obligations, court orders, and governmental requests, and to establish, exercise, or defend legal claims.
  • Marketing communications (with consent) — where you have given us your consent or where otherwise permitted by law, we may send you promotional emails, newsletters, or product recommendations. You may withdraw your consent or unsubscribe from marketing communications at any time.

5. Legal Basis for Processing (GDPR)

Where the General Data Protection Regulation (GDPR) applies, we process your personal information only when we have a valid legal basis to do so. The legal bases we rely on include:

Contract Performance

Processing is necessary to perform a contract with you or to take steps at your request before entering into a contract. This includes processing your orders, arranging payment and shipping, handling returns, and providing after-sales support.

Legal Obligation

Processing is necessary to comply with a legal obligation to which we are subject. This includes maintaining records for tax and accounting purposes, responding to lawful requests from government authorities, and complying with consumer protection and product safety regulations.

Legitimate Interests

Processing is necessary for our legitimate interests or those of a third party, provided those interests are not overridden by your fundamental rights and freedoms. Our legitimate interests include operating and improving our website, ensuring network and information security, preventing fraud, and conducting business analytics. We carefully balance our interests against your privacy rights in every case.

Consent

Where none of the above bases apply, we process your personal information based on your freely given, specific, informed, and unambiguous consent. This applies to activities such as sending marketing emails and placing non-essential cookies. You have the right to withdraw your consent at any time, without affecting the lawfulness of processing carried out before withdrawal.

6. Cookies & Tracking Technologies

Cookies are small text files placed on your device when you visit our website. We use cookies and similar technologies for the purposes described below.

Necessary Cookies

These cookies are essential for the basic operation of our website. They enable core functionality such as page navigation, shopping cart management, secure checkout, and user authentication. Without these cookies, the website cannot function properly. These cookies do not require your consent.

Analytics Cookies

These cookies help us understand how visitors interact with our website by collecting information about pages visited, time spent on the site, error messages encountered, and other usage statistics. The data collected is aggregated and used solely to improve website performance and user experience.

Marketing Cookies

These cookies may be used to deliver advertisements and promotional content that are relevant to your interests. They may also be used to limit the number of times you see a particular advertisement and to measure the effectiveness of advertising campaigns.

Cookie Consent & Management

Where required by applicable law, we obtain your consent before placing non-essential cookies (such as analytics and marketing cookies) on your device. You may manage your cookie preferences at any time through our cookie consent tool (if available on our website) or through your browser settings.

Most web browsers allow you to control cookies through their settings. You can typically choose to block all cookies, accept all cookies, or be notified when a cookie is set so you can decide whether to accept it. Please note that blocking certain cookies may affect the functionality of our website and your ability to use certain features.

For more information about cookies and how to manage them, you may visit www.allaboutcookies.org.

7. Sharing & Third-Party Disclosure

We do not sell your personal information. We may share your personal data with the following categories of third-party service providers and partners, solely for the purposes described in this Privacy Policy:

  • Payment processors — to securely process your payments, verify transactions, and handle refunds. These providers are PCI-DSS compliant and do not have access to your personal data beyond what is necessary for payment processing.
  • Fraud-screening providers — to assess transaction risk, detect potentially fraudulent orders, and protect both you and our business from unauthorized activity.
  • Shipping carriers and logistics partners — to fulfill and deliver your orders, provide tracking information, and manage customs clearance for international shipments.
  • Hosting and infrastructure providers — to host our website, store data securely, and maintain server infrastructure that keeps our services running reliably.
  • E-commerce platform systems — to operate our online store, manage product catalogs, process orders, and maintain customer accounts.
  • Analytics providers — to help us understand website traffic, user behavior, and the effectiveness of our marketing efforts through aggregated and anonymized data analysis.
  • Customer support platforms — to manage support tickets, facilitate communication with customers, and track the resolution of inquiries and complaints.

We require all third-party service providers to respect the security and confidentiality of your personal data and to process it only in accordance with our instructions and applicable data protection laws. We do not permit our third-party service providers to use your personal data for their own purposes.

We may also disclose your personal information where we believe in good faith that disclosure is necessary to comply with applicable laws or regulations, respond to a valid legal process (such as a court order or subpoena), protect our rights, property, or safety, or protect the rights, property, or safety of our customers or the public.

8. International Data Transfers

As an international e-commerce business, your personal information may be transferred to and processed in countries other than the country in which you reside, including countries outside the European Economic Area (EEA) that may not provide the same level of data protection as your home jurisdiction.

Where we transfer personal data outside the EEA, we take steps to ensure that appropriate safeguards are in place to protect your information in accordance with applicable data protection laws. These safeguards may include:

  • Transferring data to countries that have been recognized by the European Commission as providing an adequate level of data protection.
  • Using Standard Contractual Clauses (SCCs) approved by the European Commission for transfers to countries without an adequacy decision.
  • Relying on other lawful transfer mechanisms recognized under applicable data protection legislation.

If you would like more information about the specific safeguards we use for international data transfers, please contact us at shop@autooltech.com.

9. Data Retention

We retain your personal information only for as long as is reasonably necessary to fulfill the purposes for which it was collected, including to satisfy any legal, regulatory, accounting, or reporting requirements. The specific retention period depends on the nature of the data and the purpose of processing.

In determining appropriate retention periods, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process the data, whether we can achieve those purposes through other means, and applicable legal, regulatory, and contractual requirements.

Retention Criteria

  • Order and transaction data — retained for as long as necessary to fulfill our contractual obligations and to comply with tax, accounting, and legal record-keeping requirements.
  • Account information — retained for the duration of your account and for a reasonable period after account closure to handle any follow-up inquiries or disputes.
  • Customer support records — retained for a reasonable period after the resolution of your inquiry to allow for follow-up and quality assurance.
  • Device and usage data — generally retained for a shorter period and used primarily in aggregated or anonymized form for analytics and security purposes.
  • Marketing consent records — retained for as long as your consent remains active and for a reasonable period afterward to demonstrate compliance.

When personal data is no longer required, we will securely delete or anonymize it so that it can no longer be associated with you.

10. Data Security

We take the security of your personal information seriously and implement appropriate technical and organizational measures to protect it against unauthorized access, alteration, disclosure, destruction, or accidental loss. These measures include, but are not limited to:

  • Using SSL/TLS encryption to protect data transmitted between your browser and our website.
  • Restricting access to personal data to authorized personnel who need it to perform their job functions.
  • Using secure hosting infrastructure and firewalls to protect our servers and databases.
  • Regularly reviewing and updating our security practices to address emerging threats and vulnerabilities.
  • Requiring third-party service providers to maintain appropriate security standards when handling your data on our behalf.

While we strive to protect your personal information, no method of transmission over the internet or method of electronic storage is completely secure. We cannot guarantee the absolute security of your data, but we are committed to taking all reasonable steps to minimize risk.

11. Your Privacy Rights

Depending on your location and applicable data protection laws (including the GDPR), you may have the following rights regarding your personal information:

  • Right of access — you have the right to request a copy of the personal information we hold about you, along with information about how we process it.
  • Right to rectification — you have the right to request that we correct any inaccurate or incomplete personal information we hold about you.
  • Right to erasure (right to be forgotten) — you have the right to request that we delete your personal information, subject to certain legal exceptions (such as where we are required to retain it for legal compliance).
  • Right to restrict processing — you have the right to request that we restrict the processing of your personal information in certain circumstances, such as when you contest the accuracy of the data or object to our processing.
  • Right to object — you have the right to object to the processing of your personal information where we rely on legitimate interests as our legal basis, or where we process your data for direct marketing purposes.
  • Right to data portability — you have the right to receive a copy of the personal information you provided to us in a structured, commonly used, and machine-readable format, and to transmit that data to another controller where technically feasible.
  • Right to withdraw consent — where we rely on your consent to process your personal information, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.
  • Right to lodge a complaint — you have the right to lodge a complaint with a competent data protection supervisory authority if you believe that our processing of your personal information violates applicable data protection laws.

How to Exercise Your Rights

To exercise any of the rights described above, please contact us by emailing shop@autooltech.com. When submitting a request, please provide sufficient information to allow us to verify your identity and locate your personal data. We may need to request additional information from you to confirm your identity before we can act on your request.

There is no fee for exercising your rights in most circumstances. However, if your request is clearly unfounded, repetitive, or excessive, we may charge a reasonable administrative fee or decline to act on the request, as permitted by law.

Response Times

We aim to respond to all legitimate privacy rights requests within one month of receiving the request. In certain cases, particularly where requests are complex or numerous, we may extend this period by up to two additional months as permitted under the GDPR. If an extension is necessary, we will inform you within the first month and explain the reason for the delay.

If we are unable to fulfill your request (for example, because a legal exemption applies), we will notify you and explain the reasons for our decision.

12. Children’s Privacy

Our website and services are not directed at children under the age of 16. We do not knowingly collect, solicit, or process personal information from children under 16 years of age. If you are a parent or guardian and believe that your child has provided us with personal information without your consent, please contact us at shop@autooltech.com and we will take reasonable steps to delete such information from our systems promptly.

13. Third-Party Links

Our website may contain links to third-party websites, services, or resources that are not owned or controlled by AUTOOL. This Privacy Policy applies only to information collected through shop.autooltech.com. We are not responsible for the privacy practices, content, or security of any third-party websites or services. We encourage you to review the privacy policies of any third-party sites you visit before providing them with your personal information.

14. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, operational procedures, or website features. When we make changes, we will update the policy on this page and revise the date at the top of the document. For material changes that significantly affect how we process your personal information, we may also notify you through a prominent notice on our website or by email where appropriate.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your personal information. Your continued use of our website after any changes to this policy constitutes your acknowledgment of the updated terms.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us:

Privacy Contact Emailshop@autooltech.com
Websiteshop.autooltech.com

We will do our best to address your inquiry promptly and thoroughly. If you are located in the EEA and are not satisfied with our response, you have the right to lodge a complaint with your local data protection supervisory authority.

Legal Notice

We may retain or disclose your personal information where necessary to comply with legal obligations, protect our rights, property, or safety, protect the rights, property, or safety of others, enforce our terms and policies, or respond to lawful requests from public authorities (including law enforcement and national security agencies). Nothing in this Privacy Policy is intended to limit any rights you may have under applicable mandatory data protection laws.