Privacy Policy

How Kia handles personal data

Kia takes the privacy of your information serious. Our Privacy Policy below explains how we will collect and use the information you give us. We may vary this policy from time to time and the current version will be that published on this site. The word 'we', 'us' or 'our' refers to Kia, unless otherwise indicated.

1. Data Controller and contacting us 

The responsible data controller for any personal data collected and processed in connection with the use of this website is:

Hyundai Motor Europe Technical Center GmbH (Hyundai-Platz, 65428 Rüsselsheim am Main, Germany)

Please submit any questions, concerns or comments you have about this Policy or any requests concerning your personal data by email to (support.eu@hyundai-autoever.com). Our further contact details are disclosed in the imprint.

The information you provide when contacting us will be processed to handle your request and will be erased when your request was completed. Alternatively, we will restrict the processing of the respective information in accordance with statutory retention requirements, if applicable.

2. Informational use of the website 

When you visit our website for informational reasons, i.e. without registering for any of our provided services and without providing us with personal data in any other form, we automatically collect your access data and server log files (IP address, date and time of your access, which pages on our website you visited, including the notification if access was successful, the volume of transferred data, the referrer URL of your previously visited website and your used browser type and version). These personal data are necessary in order to provide you with our website and to ensure system stability and efficiency and to implement proper safeguards as to the security of our website and services.

The personal data automatically collected is necessary to provide the website Article 6 sec. 1 sent. 1 lit. f GDPR (legitimate interest) with regards to our use of technical information to enhance our systems, make your usage of the websites more convenient or ensure the security of our websites. This is based on our legitimate interest as the data used for these purposes are stored for a limited period and do not allow us to personally identify a user.

Personal data that is collected is deleted automatically after the above mentioned purposes are fulfilled. 

3. Categories of Recipients and cross border data transfers

Any access to your personal data is restricted to those individuals that have a need to know in order to fulfill their job responsibilities.

We may transfer your personal data for the respective purposes to the recipients and categories of recipients listed below.

Private third parties – Affiliated or unaffiliated private bodies other than us.

Data processors – Certain third parties, whether affiliated or unaffiliated, may receive your personal data to process such data on behalf of us under appropriate instructions as necessary for the respective processing purposes. The data processors will be subject to contractual obligations to implement appropriate technical and organisational security measures to safeguard the personal data, and to process the personal data only as instructed.

Governmental authorities, courts, external advisors, and similar third parties that are public bodies as required or permitted by applicable law.

Within the scope of our information sharing activities set out above, your personal data may be transferred to other countries (including countries outside the EEA) which may have different data protection standards than your country of residence. Our servers are located in Germany. 

Please note that data processed in a foreign country may be subject to foreign laws and accessible to foreign governments, courts, law enforcement, and regulatory agencies. However, we will endeavour to take reasonable measures to keep up an adequate level of data protection also when processing your personal data with such countries.

4. Your Rights

Under the legislation applicable to you, you may be entitled to exercise some or all of the following rights:

require (i) information whether your personal data is retained and (ii) access to your personal data retained, including the purposes of the processing, the categories of personal data concerned, and the data recipients as well as potential retention periods;

request rectification, removal or restriction of your personal data, e.g. because (i) it is incomplete or inaccurate, (ii) it is no longer needed for the purposes for which it was collected, or (iii) the consent on which the processing was based has been withdrawn;

refuse to provide and – without impact to data processing activities that have taken place before such withdrawal – withdraw your consent to processing of your personal data at any time;

object, out of grounds relating to your particular situation, that your personal data shall be subject to a processing. In this case, please provide us with information about your particular situation. After the assessment of the facts presented by you we will either stop processing your personal data or present you our compelling legitimate grounds for an ongoing processing; and/or

take legal actions in relation to any potential breach of your rights regarding the processing of your personal data, as well as to lodge complaints before the competent data protection regulators.

require (i) to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and (ii) to transmit those data to another controller without hindrance from our side; where technically feasible you shall have the right to have the personal data transmitted directly from us to another controller;

complaint to supervisory authority, without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or the place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the requirements of the GDPR.

You may (i) exercise the rights referred to above or (ii) pose any questions or (iii) make any complaints regarding our data processing by contacting us under the contact details set out in section 1.

5. Changes to the Privacy Policy

This Policy may require an update from time to time – e.g. due to the implementation of new technologies or the introduction of new services. We reserve the right to change or supplement this Policy at any time. We will publish the changes on our website and/or inform you accordingly.

6. Links to other websites

Our Websites may contain links to other sites outside the group. Neither Kia, nor its group companies, are responsible for the privacy and security of these sites. This privacy policy applies only to this website.