This Privacy Policy applies to personal data Ferrari collects through the “MyFerrari” mobile application (the “App”).

The data controller is Ferrari S.p.A., with registered office at Via Emilia Est, N. 1163, Modena, Italy. You can contact the Ferrari’s Data Protection Officer through our interactive webform.

We collect personal data, which is information that identifies you or relates to you as an identifiable individual.

(A) Information You Provide To Us

If you choose to engage in certain services offered on our App, we will collect personal data from you. We collect personal data from you when you:

• Download the App. When you download the App, you will need to activate your account. To do so, we will collect your personal identifiers (name and email address). Once your account is activated, we will store your password and other personal data within your App profile (such as gender, citizenship, language, married/not, etc.). We use this personal data to activate your account and confirm your registration as a Ferrari owner. You can add other information to your account, such as a profile picture. Please note that we do not use your profile picture in any way and you are free to insert / delete / replace it at you discretion. In the event of any malfunctions and upon your express request, your user profile can be accessed and used by us exclusively to support you in resolving any technical criticality detected. The legal basis for this is performance of our contract with you (Article 6, par. 1, let. b of the GDPR).

• Request a service. When you request a service on the App, we collect your identifiers (name and contact details). We use this personal data to provide you with the requested service. The legal basis for this is performance of our contract with you (Art. 6, par. 1, let. b of the GDPR). When you activate the Dealer Locator to find the nearest dealership/workshop and/or when you request road assistance, the App will ask for your consent through your device to allow the sharing of your location information (e.g. IP address). Such data is processed in aggregated form and does not allow Ferrari to know your location.

• Profiling activities. If you opt-in, we may use your personal data to analyze your behaviors, habits and propensity to consume to enhance products and services provided by Ferrari, to satisfy your expectations as well as to send you marketing communications we feel may be of interest to you to you if you also have opted-in for receiving direct and indirect marketing communications. In doing so, Ferrari will analyze your preferences and interests using automated analysis techniques that provide Ferrari with inferences concerning you, including profiling. The legal basis for this is your consent (Article 6, par. 1, let. a of the GDPR). You may revoke your consent at any time by clicking the unsubscribe link provided within each email. This link will redirect you to our consent management page where you can opt-out of our newsletters and marketing communications.

• Subscribe to direct and indirect marketing communications. If you opt-in, we may also use your personal data (such as e-mail and phone number) to send you marketing communications as well as sending advertising on Ferrari products, services, events, new collections or performing market researches (direct marketing) as well as on Ferrari’s commercial partners’ products belonging to different product categories (e.g. companies operating in the oil, automotive, IT sectors, etc.) (indirect marketing). This data may be processed in hardcopy, by automated or electronic means including via mail or e-mail, phone (e.g. calls, SMS), fax and any other mean (e.g. web sites, mobile apps). In doing so, Ferrari will analyze your preferences and interests using automated analysis techniques that provide Ferrari with inferences concerning you, including profiling if you have opted-in for this purpose. The legal basis for this is your consent (Article 6, par. 1, let. a of the GDPR). You may revoke your consent at any time by clicking the unsubscribe link provided within each email. This link will redirect you to our consent and newsletters management page where you can opt-out of our marketing communications.

• Perform customer satisfaction surveys. If you agree to participate (this is optional), Ferrari collects your personal identifiers (such as name, email address, and telephone number) to perform customer satisfaction surveys related to the quality of Ferrari’s services. The legal basis for this processing is Ferrari’s legitimate interest in the improvement and quality of our services (Article 6, par. 1, let. f of the GDPR).

Ferrari may also use the personal data we collect as described in this section to improve our products and services, to comply with the law, to efficiently maintain our business, and for other limited circumstances as described in RECIPIENTS OF YOUR PERSONAL DATA. This is part of our legitimate interest in the performance of our contractual obligations, protection of legal rights, and compliance with legal obligations. Ferrari may also deidentify or aggregate the personal data for benchmarking purposes.

Your personal data will be transmitted from your device to our backend servers in order to fulfil the above purposes.

(B) Information Collected Automatically

In addition to the personal data you provide directly, we may also collect information from you automatically as you use our App. This information includes the following:

• Usage information. This includes information regarding your interaction with our App, such as the frequency of access, how much time you spend on the App, diagnostic and performance information.

• Device information. This includes certain information about your device that you use to access our App, such as operating system, App version, and your preferences. We will also assign a unique identifier to your mobile device.

(C) Information Collected through other sources.

Social log-in. If you choose to register and log-in on the App through your social network account (e.g. Facebook), we will receive some personal data from the social network of your choice (e.g. email, password, name, surname, date of birth, gender, job role, country, citizenship, address, telephone). The legal basis for this processing is the execution of our contract with you (Article 6, par. 1, let. b of the GDPR).

Please note that this section (C) only refers to Ferrari’s data processing. We are not liable in case of any unauthorized disclosure of your information by third-party social media channels, in breach of the options you have selected thereto and/or any consents you have provided. You may refer to such third-party social media channels websites and social networks to know more about their privacy policies relating to the data and consents you may have provided to them.

General Sharing

Ferrari may need to make the personal data identified in this Privacy Policy available within Ferrari, with official Ferrari dealers and repairers with service providers, or with other third parties. These instances include:

Within Ferrari. We may share your personal data with Ferrari subsidiaries for legitimate business purposes and general business management. The legal basis for this is our legitimate interest in carrying out our business efficiently.

With official Ferrari Dealers and Repairers. Based on specific contractual agreements, we share your personal data with our network of official Ferrari dealers and repairers who assist us in the provision of our products and services as well as in the organization and management of events.

With Service Providers.  We may share your personal data with our service providers that assist us in providing the App. The legal basis is our legitimate interest in providing the App efficiently. These service providers include communication providers, web-hosting providers, IT support, our customer management platform, call center providers, marketing providers.

With Third Parties. We may need to disclose your personal data to third parties, such as legal advisors, law enforcement agencies, or governmental/regulatory bodies in order to protect our legal interests and other rights, protect against fraud or other illegal activities, prevent harm, for risk management purposes, and to comply with our legal obligations. The legal basis for this is compliance with the law, compliance with legal obligations, and our legitimate interest in the protection of the rights of others.

In the event of a Corporate Reorganization. In the event that we enter into, or intend to enter into, a transaction that alters the structure of our business, such as a reorganization, merger, acquisition, sale, joint venture, assignment, consolidation, transfer, change of control, or other disposition of all or any portion of our business, assets or stock, we would share personal data with third parties, including the buyer or target (and their agents and advisors) for the purpose of facilitating and completing the transaction. We would also share personal data with third parties if we undergo bankruptcy or liquidation, in the course of such proceedings.

With Your Consent. Apart from the reasons identified above, we may request your permission to share your personal data for a specific purpose. We will notify you and request consent before you provide the personal data or before the personal data you have already provided is shared for such purpose. You may revoke your consent at any time.

Correct or View Your Information. You may access your account to correct or view certain personal data you have provided to us and which is associated with your account. You can change your device settings to manage certain information such as location data.

Marketing Emails and newsletters. You may opt-out of receiving marketing emails and/or newsletters from us by clicking the “unsubscribe” link provided with each email. Please note that we will continue to send you notifications necessary to your account, or requested products or services. 

Uninstall the App. You can stop all further collection of your personal data by the App by uninstalling it from your device.

The provision of your personal data is always optional. However, any refusal to provide your personal data, in whole or in part, necessary for the provision of a service may make it impossible for Ferrari to allow the requested service to be provided.

If you choose not to provide your personal data for further marketing and profiling purposes or if you choose to withdraw your consent at a later stage, this will not compromise the fulfillment of the other purposes indicated above.

If our processing of your personal data is subject to the GDPR, you have the following rights with respect to your personal data:

• Right to Access. You have the right to ask Ferrari for copies of your personal data. This right has some exceptions, which means you may not always receive all personal data we process.
• Right to Rectification. You have the right to ask Ferrari to rectify personal data you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
• Right to Erasure. You have the right to ask Ferrari to erase your personal data in certain circumstances.
• Right to Restrict Processing. You have the right to ask Ferrari to restrict the processing of your personal data in certain circumstances. See YOUR DATA CHOICES AND THE POSSIBLE CONSEQUENCES OF FAILURE TO PROVIDE YOUR DATA for additional ways you can restrict processing of your personal data.
• Right to Object to Processing. You have the right to object at any time, for reasons arising from your particular situation, to processing of your personal data, which is carried out on the basis of our legitimate interests. See YOUR DATA CHOICES AND THE POSSIBLE CONSEQUENCES OF FAILURE TO PROVIDE YOUR DATA for additional ways you can object to processing of your personal data.
• Right to Data Portability. You have the right to ask that we transfer the personal data you gave us from one organization to another, or give it to you in a structured, ordinarily used, and readable format.
• Right to Lodge a Complaint. You have the right to lodge a complaint with a supervisory authority.

To exercise your rights, you may submit a request in writing to Ferrari S.p.A., via Abetone Inferiore 4, Maranello (MO), Italy or through our interactive webform.

Within its contractual relations, Ferrari may transfer personal data to countries outside of the European Economic Area (“EEA”). In the event personal data is transferred outside of the EEA, Ferrari will use appropriate contractual measures to guarantee an adequate protection of personal data, including implementation of agreements based on the standard contractual clauses adopted by the EU Commission.  

The personal data processed by Ferrari will be retained for the period deemed strictly necessary to fulfil the purposes for which it was provided. However, Ferrari may continue to store personal data for a longer period, as may be necessary to protect Ferrari’s interests related to potential liability related to our services and the App. Ferrari will keep personal data for the purposes of marketing and profiling for ten (10) years from the provision of your personal data for marketing and profiling purposes unless you withdraw your consent. Once your consent is withdrawn, personal data may no longer be processed for marketing or profiling purposes by may still be retained for the purpose of handling any disputes and/or litigation.

The processing of your personal data takes place using IT and manual tools, with logic strictly related to the purposes of the processing indicated above and, in any case, in order to guarantee the protection, confidentiality and security of the data. To protect your personal data from unauthorized access, destruction, use, modification, or disclosure, we have implemented technical, administrative, and physical security measures. These security measures include encryption, access controls, and anti-virus and anti-malware protection. However, no security measure or modality of data transmission is 100% secure and we are unable to guarantee the absolute security of the personal data we have collected from you.

The App and the services offered thereon are not intended for individuals under the age of eighteen (18) years. If we learn that we have collected or received personal data from individuals under the age of eighteen (18), we will delete the personal data. If you believe we have personal data on individuals under the age of eighteen (18), please contact us at the contact information provided below.

This Privacy Policy is subject to change. Changes to the Privacy Policy will be posted on this App and will indicate the date the changes go into effect. Please check back frequently and review the Privacy Policy for any changes. If we make any changes that materially affect your privacy rights, we will notify you via email or by prominent posting on our App. This Privacy Policy was last updated on July 14, 2021.