Who we are
If you have any questions, remarks or complaints in relation to the processing of your data, you can contact us at email@example.com
The types of personal data we process
We may collect and process the following categories of personal data when you visit our website and/or our subdomains:
- Name, title, gender
- Your contact details and personal account or registration details as well as your company name and business location including address, telephone number, VAT number and your email address.
- Information about your requests and purchases (for example in the web shop or in the MyToyota portal)
- Our communication with you. When you send us an email or chat with us on our website or in the MyToyota portal, we register your communication with us. When you call us, our customer support can register your questions or complaints in our database.
- Information we collect when you use our websites.
-When you visit our websites, we may register your IP address, browser type, operating system, referring website, web-browsing behavior.
-We may receive an automatic notification when you open a newsletter or click on a link in such newsletter.
-With your permission we may collect your location data.
- Information you choose to share with us. You may choose to share information with us, for example, fill out a customer survey or submit an entry for an event.
Cookies and similar technologies
Specific services, apps or events
How we collect your data
In the following, we will explain which data we collect, process and use when and for what purpose.
In order to be able to access the MyToyota portal you need to create an account and submit the following information: name, email, phone number, company and level of access and authorization within the portal. You access the MyToyota portal by using an existing Active Directory. The legal basis for this processing is the end user license agreement.
When you visit our website and subdomains, purchase or use our services or use the MyToyota portal we also access the following information to enable the portal to function properly:
- IP address
- Date and time of the request
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the request (the page)
- Access status / HTTP status code
- The amount of data transferred
- Message of whether the retrieval was successful
- Notification of why a request may have failed
- Website from which the request comes
- Used browser
- Operating system
- Screen resolution
- Language and version of the browser software.
Subject to your prior cookie consent we may also process the following data:
- Statistical data of the usage of the portal
- Usage data used for customer segmentation for marketing purposes.
The legal basis for this processing is your consent.
MyToyota Store and Toyota webshop
If you would like to order products via our MyToyota Store or our web shop, we will process account information submitted with relevant purchase order. You must register and create a customer account in which the data you provide (company name, address, e-mail address, other contact data) are stored on our servers. Also, in the case of registration, the data mentioned under "Account Information" are collected.
What are the data used for?
- To contact you in connection with contractual negotiations and to process your inquiries
Should contracts be concluded, the data will be used to process the contracts. In this regard, your data may be passed on to a commissioned shipping company and, where necessary, a transfer of your payment data to our payment provider. To prevent unauthorized access by third parties to your personal data, especially financial data, the order process is encrypted using SSL technology.
- To provide our online services and mobile apps to you
- Some of our online services use your location, for example to show you the nearest location of your interest.
- To ease your use of our online services, we may analyze the data we collect when you use our digital media and combine it with information collected via cookies and similar technologies (please see above). For example, to understand which digital channel (email, social media) or device (desktop, table or mobile) you prefer, so we can restrict our communication to that channel or device.
- To communicate with you
We use your contact details to communicate with you, answer your questions, handle your complaints or give you support.
- For statistical research
- We use automatic tools to perform statistical research into general trends regarding the use of our services, websites, and social media and the behavior and preferences of our customers and users.
- To perform our research, we may merge and analyze the different types of data as described above. We will only use aggregated data and do not use name, email address or other directly identifying information. We may also combine such aggregated data with information we receive from our authorized dealers or from public sources. Without your consent we will not use sensitive data for this statistical research.
- Statistical research helps us to develop better services and offerings, to provide more responsive customer support and to improve the design and content of our websites.
- For direct marketing purposes
- We may use your personal information to send you newsletters, brochures, promotions, or other marketing communications.
- To understand what is relevant to you, we may use automatic tools to analyze your personal information. For this purpose, we may use and combine the information described above. We may also combine such aggregated data with information we receive from our group companies or from public sources. Without your consent we will not use data for this statistical research.
- We use the results of our analysis to tailor our marketing communications to your specific interests and preferences. For example, if our analysis shows that you may be interested in certain types of machines or a specific service we may customize our newsletter and websites with offers and content that we believe will be relevant to you.
- We may use different channels for our marketing communications, such as e-mail, social media and your personal online account.
- You may object or revoke your consent for receiving marketing communications at any time by following the instructions in the relevant marketing communication or by contacting us at firstname.lastname@example.org
Disclosing or sharing data with third parties
We disclose or share your personal data with third parties for the following purposes:
- For the support services we involve
- MyToyota Store and Toyota Webshop
If you use the MyToyota we will transfer order data to the relevant Toyota sales company with whom the company you represent has an agreement with.
- Third party websites
TMHE strives to only process personal data within EU/EES but to the extent it is necessary we shall ensure that such transfers are either made to a country with adequate level of data protection or that we have transfer mechanism (standard contractual clauses) to protect the transfer.
TMHE is a global provider of services and transfer outside the EU/EES can be necessary. If your contact with us relates to group companies outside EU/EES we may transfer your data to that company based on standard contractual clauses. Such transfer can be necessary when you make purchase in the MyToyota portal or in our web shop Transfer outside EU/EEA may also occur if you are located outside EU/EEA.
TMHE use service provider acting as data processors. Datacenters are located within the EU/EES but to the extent data is transferred outside EU/EEA we have entered into standard contractual clauses.
Due to US security legislation, there is a risk that US authorities may access to the personal data transferred to the US despite the fact that we have taken technical and organizational security measures. Due to this, we strive not to transfer personal data to third countries that do not have an adequate level of protection (for example the United States) unless it is necessary for us.
You can contact us to get more information about or transfer mechanism and a copy of standard contractual clauses by sending an email to email@example.com.
Due to this, we have taken supplementary measures to avoid transferring personal data to third countries that do not have an adequate level of protection (for example the United States) unless it is necessary for us. These measures include:
- Data pseudonymization - IP addresses are overridden with the value 0.0.0.0 so that a single person cannot be identified
- Removal of identifiable information such as names, email addresses and telephone numbers
Security and retention
TMHE will take appropriate technical and organizational measures to protect your personal data against loss or unlawful use. Our security measures include:
- Controls to prevent unauthorised persons from gaining access to processing systems used for the processing or use of personal data (access controls) are implemented and reviewed.
- Controls to prevent the use of processing systems without authorization (access controls) are implemented and reviewed.
- Controls to ensure that persons with access to processing systems have access only to the personal data to which they are entitled to have access, that personal data cannot be read, copied, modified or deleted without authorization in connection with processing or use and after storage (access controls) are implemented and, where appropriate, reviewed.
- Controls to ensure that personal data cannot be read, copied, modified or deleted without authorization in connection with electronic transfer or transmission (transfer control) are implemented for all external communications.
- Controls to ensure that it is possible to monitor and determine whether and by whom personal data has been entered in processing systems, modified or deleted (input control) are implemented using access controls, secure development and, where possible, vulnerability testing of interfaces.
- Controls to ensure that, where personal data is to be processed in accordance with instructions, the personal data is processed entirely in accordance with the instructions provided by the principal are implemented through careful monitoring of sub-processors.
- Controls to ensure that personal data is protected against accidental destruction or loss (availability control) are implemented through a combination of administrative and IT security controls for services and infrastructure.
- Controls to ensure that data collected for different purposes can be processed separately are implemented through secure development and, where possible, logical and physical separation.
If you do not wish to store your data, we ask you to refrain from registering in our online shop or MyToyota portal.
You can request access to update and amend your personal data and you can exercise any other rights you have under applicable data protection laws, including:
- data portability
- automated decision making, including profiling
All you must do is send your written response, accompanied by a copy of your proof of identity, to firstname.lastname@example.org. Please note that even if your profile has been deleted, we may retain information on individual transactions for accounting purposes and for TMHEs purpose to document transactions to handle and administrate purchasing, transactions and future warranty issues.
If we process your personal data based on your consent, that consent shall be collected before the processing starts. The consent is free to give and you have the right to withdraw your consent at any time by contact us at email@example.com . If you withdraw your consent, we will stop the relevant processing.
You may say no to receive marketing communications at any time by following the instructions in the relevant marketing communication or by sending an email to firstname.lastname@example.org
Complaint with the supervisory authority
Finally, please remember that you, are always entitled to lodge a complaint with the relevant data protection authority in your country, such as Swedish Authority for Privacy Protection in Sweden; email@example.com.