JAGUAR APP PRIVACY POLICY
Effective as of 06 January 2025
WHAT YOU CAN EXPECT TO SEE FROM READING THIS PRIVACY POLICY
Jaguar Land Rover is one of the world’s leading producers of premium cars. Innovation and design give our customers experiences they love for life – anticipating and exceeding their needs and expectations. Quality and excellence are our hallmarks. Taking care of our customers is paramount.
We respect the privacy of every individual whose information we process. This Privacy Policy explains how we use personal data when you engage with Jaguar App.
DATA PROTECTION – WHAT YOU SHOULD KNOW
1. WHO WE ARE
Who We Are: When we refer to ‘Jaguar Land Rover’, ‘JLR’ ‘we’ ‘our’ or ‘us’ in this Privacy Policy, we refer to: Jaguar Land Rover Limited, whose registered office is at: Abbey Road, Whitley, Coventry CV3 4LF, and whose registered number is: 1672070.
If you want to find out more about the JLR group, please have a look at the “Tell me more” section below.
What this Privacy Policy covers: This Privacy Policy covers the “Jaguar App” which is the smartphone application (“App”) that you have downloaded from the Online Store onto your smartphone or handheld device (collectively referred to as “Device”) which enables you to navigate and explore the Jaguar brand through curated content.
How we’re regulated: For UK data protection legislation purposes, Jaguar Land Rover Limited is registered with the Information Commissioner’s Office under registration number ZA020510.
TELL ME MORE
About the JLR Group...
Jaguar Land Rover is part of a group of companies whose parent company is Jaguar Land Rover Automotive plc. You can find out more corporate information about Jaguar Land Rover on our website at: https://www.jaguarlandrover.com/.
Jaguar Land Rover is part of the Tata group. More information about the Tata group and the Tata companies can be found here:
http://www.tata.com/aboutus/sub_index/Leadership-with-trust and http://www.tata.com/company/index/Tata-companies
2. INFORMATION ABOUT THE PERSONAL DATA WE RECEIVE OR COLLECT
We may collect and process the following data about you:
Device Information: We may collect information about the device you use to access the App which could include internet protocol (IP) address including approximate location, device ID and chosen language. This information is required where you have chosen to enable analytics and/or push notifications. We will gather your consent for both push notifications and analytics which is outlined below.
Additional Information: if you contact us, we may keep a record of that correspondence, and the unique identifier associated to your use of the App.
Note: During the App experience you may choose to stay informed about Jaguar news, product launches and events. When doing so you will be redirected to our local market website, and we advise you to review their local privacy policy.
3. HOW WE USE YOUR PERSONAL DATA
The main uses of your personal data and the legal grounds we rely on for these are:
ACTIVITY: | APPLICABLE LEGAL GROUNDS: |
---|---|
General App Usage & Support · Maintenance of App features and updates · Resolution of issues, queries and complaints · Records Maintenance | Contract |
Network and information security · To maintain our network and information security in order for us to take steps to protect your information against loss or damage, theft or unauthorised access and to maintain appropriate server locations (for example, we may work with third parties to support appropriate use of cloud services). | Legitimate Interests |
Data Analytics · We will request your consent to proceed with analytics. These analytics will help us improve the App by identifying app issues for resolution and conduct research on marketing content engagement. · You do not need to proceed with analytics, and we have offered you the option to “proceed without analytics” as part of app setup. · You can withdraw your consent for analytics at any point via app settings or reaching out to us via the contact details outlined in section 7 below. Push Notifications · We will request your consent to opt-in to push notifications on your device which will allow us to notify you of any updates/changes to our App including content updates. · You do not need to enable push notifications, and we have offered you the option to opt-out as part of App setup. | Consent |
4. WHO WE SHARE PERSONAL DATA WITH
We may share your personal data with:
- We use a number of third parties and service providers (further detail below) who may have access to our systems and data in order to provide service to us and to you on our behalf. These services may include hosting or could service providers, analytics, content updates and general App support services.
- Jaguar Land Rover group companies in line with the data uses set out in this Privacy Policy.
- If we are under a duty to disclose or share your personal data in order to comply with any legal or regulatory obligation or requests, or in order to enforce these terms or to investigate actual or suspected breaches.
- We have safeguards in place with our service providers to ensure that your data is kept securely and used in accordance with the purposes set out in this Privacy Policy.
TELL ME MORE ...
… about JLRs network of Independent Third Parties …
We work with a number of independent third parties to provide services, such as our retail network. Personal data may be shared with them where appropriate to support with customer queries or other service requirements.
… about Suppliers ...
We use a number of service suppliers to support our business and these service providers may have access to our systems and data in order to provide services to us and on your behalf, for example information technology such as hosting service providers, customer services and relationship handling, service and system specialists, website analytics support, delivery and support for events and experiences.
… about JLR Group companies, and how they may provide service support ...
As a member of the Tata Group of companies, we can benefit from the large IT infrastructure and expertise that exists within our wider corporate structure. This means that the personal data you provide to us may be accessed by members of our group of companies only as necessary for service and system maintenance and support, aggregate analytics, business continuity, IT and administrative purposes. For example where necessary to support particular enquiries, or to provide technical support that maintains App functionality.
… about Public bodies, law enforcement and regulators ...
From time to time, the police, other law enforcement agencies and regulators can request personal data, for example for the purposes of preventing or detecting crime, or apprehending or prosecuting offenders.
5. INFORMATION ABOUT INTERNATIONAL DATA TRANSFERS
The App uses servers which are hosted in the UK and EU. However we may share personal data with suppliers or group companies located outside of the UK or EU where this is necessary for the purposes described above. Where this happens, we apply safeguards to add to the data protections that apply to those data transfers. This includes an assessment of the adequacy of the third country in question and use of European Commission approved model contract terms where appropriate.
TELL ME MORE ...
… about the adequacy checks JLR puts in place for international data transfers …
Where JLR chooses to share personal data with a third party located outside the UK or EU, the following factors are assessed to support adequate transfer of this data:
Internal checks to identify the existence or absence of any adequacy decision by the European Commission. We have group companies, and use suppliers located in markets that have been approved by the European Commission as having essentially equivalent data protection laws, which the UK also recognises. This list and information about the protections the European Commission has considered is available via this link.
- Use of measures like European Commission approved measures to support adequate transfers of personal data. We also have group companies, and use suppliers located in countries that are elsewhere in the world. To manage data protection compliance with these transfers, we will use European Commission approved data transfer mechanisms such as use of model contractual clauses approved by the Commission, which the UK also recognises for data transfers from the UK. We will also assess where applicable where a supplier is able to demonstrate to us they have Binding Corporate Rules. (Binding Corporate Rules is a GDPR – recognised Data Protection mechanism to ensure adequate personal data transfers). We may work with suppliers who are able to demonstrate to us they are Privacy Shield certified.
- To understand the protections required in European Commission approved Model Clauses, a template copy of these is accessible from their website.
- To see a full list of approved Binding Corporate Rules, please click this link.
- A full list of Privacy Shield participants, and their Privacy Shield certification information is available from this website link.
6. HOW LONG WE HOLD PERSONAL DATA FOR.
We will keep your personal data for as long as we need it to provide the products and services you have signed up to. We may also keep it to comply with our legal obligations, respond to queries and resolve any disputes, to meet our legitimate interests and to enforce our rights.
The criteria we use to determine storage periods include the following: Information we have told you about storage periods on our app or in app terms and conditions. We will also use criteria such as applicable contractual provisions that are in force, legal statutory limitation periods, applicable regulatory requirements and industry standards.
7. YOUR DATA PROTECTION RIGHTS.
You have rights in connection with your personal data that will include the following: to withdraw consent where you have given it, to be informed and have access to your personal data, to correct or complete inaccurate data, and in certain circumstances to restrict, request erasure, object to processing, or request portability of your personal data to another organisation.
If you do need or want to get in touch with us for any reason regarding your data protection rights, please get in touch using the link below, and add into the subject header that it relates to your data protection rights.
Link: https://www.jaguar.co.uk/copy-nothing/contact-us.html
If you are not happy and have a data protection related complaint, please contact our Data Protection Office direct at this email address: DPOffice@jaguarlandrover.com. If you are not satisfied, you also have the right to complain to the Information Commissioner’s Office.
To learn more about these data protection rights, see “Tell me more” below.
TELL ME MORE ...
… about my data subject rights ...
If you have given us consent to process your personal data, you have the right to withdraw that consent at any time.
You can ask for access to the personal data we hold about you, object to the processing, request that we correct any mistakes, restrict or stop processing or delete it. If you do ask us to delete or stop processing it, we will not always be required to do so. If this is the case, we will explain why.
In certain circumstances you can ask us to provide you with your personal data in a usable electronic format and transmit it to a third party (right to data portability). This right only applies in certain circumstances. Where it does not apply, we will explain why.
… about how I can get in touch with the Information Commissioner’s Office (ICO) …
The Information Commissioner’s Office (the ICO) is the supervisory authority that regulates personal data in the UK. You can get in touch with the ICO in any of the following ways:
By going to their website: www.ico.org.uk, by giving them a call on 0303 123 1113, or by writing to them at their postal address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow SK9 5AF.
8. KEEPING YOUR INFORMATION SECURE
We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.
We require all our services providers to have appropriate measures in place to maintain the security of your information.