Royal Enfield Royal Enfield Royal Enfield Royal Enfield Royal Enfield

Note

We use our own cookies for the use of the site, personalize content and ads and to perform analyses of our traffic. We also share information about your use of our site with analytics partners who may combine it with other information that you’ve provided to them or that they’ve collected from your use of their services. If you want to learn more about cookies and opt-out, click the button Privacy and Cookie Policy. If you choose not to agree to the use of cookies all features of the site may not operate as intended.

 

 

 

A. Cookie Banner

 

Current version on website

 

 

This needs to be replaced with the following:

 

“We use our own cookies for the use of the site, personalize content and ads and to perform analyses of our traffic. We also share information about your use of our site with analytics partners who may combine it with other information that you’ve provided to them or that they’ve collected from your use of their services. If you want to learn more about cookies and opt-out, click the Privacy and Cookie policy. If you choose not to agree to the use of cookies all features of the site may not operate as intended. “

 

This pop-up should appear for each browsing session.

 

What does GDPR say about cookies?

 

·       GDPR Recital 26, which states that any data that can be used to identify an individual either directly or indirectly (whether on its own or in conjunction with other information) is personal data. So the cookies under consideration here are the ones which can be used as user identifiers.

·       The users must have a choice. The fact that they use a website does not mean they agree to all cookies. The type of phrase used at the moment is barely informative enough and it certainly doesn’t give a choice. A website owner will not be able to constrict users to accept cookies in exchange for information.

·       Like all other consent under the GDPR, consenting to cookies needs to be a clear affirmative action. An example is clicking through an opt-in box or choosing settings from the menu. 

 

 

What if the user does not accept the use of cookies?

  •  

·       In case a user does not accept to the use of cookies, Royal Enfield should ensure that it does not use the cookies or perform any analytics on the cookies.

·       The following methodology should be used :

·       Set another cookie that stores the cookie acceptance value (0 – No response and 1 –If clicked option “Accept”)

·       Check the value of this cookie at the web campaign code. The by-default value of this cookie should be 0

·       If the value is 1, then the data can be captured, else the data should not be captured.

 

B.   Privacy Notice and Consent

 

Current careers page does not have any checkbox for acceptance of privacy policy or terms if one applies to a job :

 

Current test ride booking page has a check box for agreeing to the terms and conditions but not privacy policy which is stated through the disclaimer :

 

 

This needs to be changed at all point where personal data is collected to the following :

"I agree to the Terms and Conditions and Privacy Policy."

 

The disclaimer can stay as it is, however the checkbox can be re-aligned to be somewhere near the disclaimer so the user reads it in concurrence.

 

C. Child's Consent

 

We also suggest that age be captured as part of the fields in Test Ride form

 

The significance of this would be to track if Royal Enfield is capturing data of auser below the age of 16.In case RE captures data of users below the age of 16 parental consent would be required.

 

Alternately, we can have a declaration from the user to ensure that they are above 16 years of age.

 

"I declare that I am above 16 years of age"