Royal Enfield Royal Enfield Royal Enfield Royal Enfield Royal Enfield

노트

당사는사이트를이용하고콘텐츠및광고를개인맞춤형으로특화하면서당사트래픽분석작업실행을위해당사자체적으로쿠키를사용합니다.또한당사는사용자의당사사이트이용관련정보를분석파트너들과공유하며,파트너들은사용자가이들에게제공하였거나또는사용자가이들의서비스를이용한내역에서수집한기타의정보와당사가수집한위의정보를취합할수있습니다.쿠키및옵트아웃에대한상세한내용을확인하려면(개인정보보호및쿠키정책)버튼을클릭합니다. 사용자가쿠키사용에동의하지않는경우,사이트의모든기능이원래의도한용도로작동하지않을수있습니다.

 

 

 

A. Cookie Banner

 

Current version on website

 

 

This needs to be replaced with the following:

 

“We use our own cookies for the use of the site, personalize content and ads and to perform analyses of our traffic. We also share information about your use of our site with analytics partners who may combine it with other information that you’ve provided to them or that they’ve collected from your use of their services. If you want to learn more about cookies and opt-out, click the Privacy and Cookie policy. If you choose not to agree to the use of cookies all features of the site may not operate as intended. “

 

This pop-up should appear for each browsing session.

 

What does GDPR say about cookies?

 

·       GDPR Recital 26, which states that any data that can be used to identify an individual either directly or indirectly (whether on its own or in conjunction with other information) is personal data. So the cookies under consideration here are the ones which can be used as user identifiers.

·       The users must have a choice. The fact that they use a website does not mean they agree to all cookies. The type of phrase used at the moment is barely informative enough and it certainly doesn’t give a choice. A website owner will not be able to constrict users to accept cookies in exchange for information.

·       Like all other consent under the GDPR, consenting to cookies needs to be a clear affirmative action. An example is clicking through an opt-in box or choosing settings from the menu. 

 

 

What if the user does not accept the use of cookies?

  •  

·       In case a user does not accept to the use of cookies, Royal Enfield should ensure that it does not use the cookies or perform any analytics on the cookies.

·       The following methodology should be used :

·       Set another cookie that stores the cookie acceptance value (0 – No response and 1 –If clicked option “Accept”)

·       Check the value of this cookie at the web campaign code. The by-default value of this cookie should be 0

·       If the value is 1, then the data can be captured, else the data should not be captured.

 

B.   Privacy Notice and Consent

 

Current careers page does not have any checkbox for acceptance of privacy policy or terms if one applies to a job :

 

Current test ride booking page has a check box for agreeing to the terms and conditions but not privacy policy which is stated through the disclaimer :

 

 

This needs to be changed at all point where personal data is collected to the following :

"I agree to the Terms and Conditions and Privacy Policy."

 

The disclaimer can stay as it is, however the checkbox can be re-aligned to be somewhere near the disclaimer so the user reads it in concurrence.

 

C. Child's Consent

 

We also suggest that age be captured as part of the fields in Test Ride form

 

The significance of this would be to track if Royal Enfield is capturing data of auser below the age of 16.In case RE captures data of users below the age of 16 parental consent would be required.

 

Alternately, we can have a declaration from the user to ensure that they are above 16 years of age.

 

"I declare that I am above 16 years of age"