Contact

Privacy & Cookies

PRIVACY POLICY

I. Data Controller

The controller of personal data within the meaning of Article 4(7) of Regulation (EU) 2016/679 (GDPR) is:

Karts Design Limited
Company Number: 12240619
590 Kingston Road, London, SW20 8DN, United Kingdom
Email: contact@kartsdesign.com

The data controller complies with the principles of personal data protection and applies appropriate technical and organizational measures to prevent accidental or unlawful destruction, loss, modification, unauthorized disclosure, or access to personal data processed in connection with its business activities.

Providing personal data is voluntary but necessary for cooperation and/or entering into a contract with the controller. The controller processes personal data only to the extent necessary to perform the contract or respond to the actions of the data subject.

II. Purpose and Legal Basis for Data Processing

The data controller processes personal data for the following purposes:

  • Preparing commercial offers in response to customer inquiries (Article 6(1)(f) GDPR)

  • Providing services electronically via the Website (Article 6(1)(b) GDPR)

  • Handling complaints, based on legal obligations (Article 6(1)(c) GDPR)

  • Accounting and issuing documents, in accordance with tax regulations (Article 6(1)(c) GDPR)

  • Archiving for claims, legal defense, or proof purposes (Article 6(1)(f) GDPR)

  • Contacting users by phone or email in response to inquiries (Article 6(1)(f) GDPR)

  • Sending technical information related to the website or services (Article 6(1)(f) GDPR)

  • Marketing of own products, based on legitimate interest (Article 6(1)(f) GDPR) or consent (Article 6(1)(a) GDPR)

  • AI-powered chat assistant: to collect, store, and analyze user conversations and contact details voluntarily submitted during interactions with the Karts AI Assistant. This includes:

    • AI-generated interactions do not constitute legally binding advice or offers.

    • Contact data submitted in the chat may be used for follow-up communication by the Company.

    • Conversation transcripts may be used for service improvements, analytics, offer optimization, and customer support purposes (Article 6(1)(f) GDPR).

III. Data Recipients and Transfers to Third Countries

Data recipients may include third-party contractors cooperating with the controller to fulfill the contract, such as accounting offices, legal firms, and IT or hosting service providers.

In some cases, data may be transferred to organizations outside the European Economic Area (EEA), including:

  • Google LLC (Google Analytics, Google Ads)

  • Meta Platforms Inc. (Facebook Pixel)

Data transfers are based on Standard Contractual Clauses approved by the European Commission.

IV. Data Retention Period

Data will be stored:

  • For the duration of the contract and for a period required by law or until limitation of claims

  • For marketing purposes: up to 10 years, or until consent is withdrawn or an objection is filed

V. Data Subject Rights

You have the right to:

  • Access your data and obtain information about processing (Article 15 GDPR)

  • Receive a copy of your data (Article 15(3) GDPR)

  • Rectify inaccurate or incomplete data (Article 16 GDPR)

  • Delete data when there is no legal basis for further processing (Article 17 GDPR)

  • Restrict processing under specific conditions (Article 18 GDPR)

  • Data portability (Article 20 GDPR)

  • Object to data processing based on legitimate interests, including profiling (Article 21 GDPR)

To exercise these rights, contact the controller via the details provided above.

You also have the right to lodge a complaint with a supervisory authority in the UK (ICO) or your country of residence.

VI. Profiling and Automated Processing

Personal data may be subject to automated processing, including profiling, for the purpose of evaluating personal preferences and interests to deliver personalized content or offers.

Such profiling does not produce legal effects for the data subject. You can object to profiling at any time.

VII. Google Analytics

We use Google Analytics, a service provided by Google LLC, to analyze website traffic and user behavior. Google Analytics uses cookies stored on users’ devices.

In exceptional cases, data may be transmitted to Google servers in the USA. Google complies with the EU-U.S. Privacy Shield framework.

Legal basis: Article 6(1)(f) GDPR – legitimate interest in analyzing and improving services.

VIII. Cookies

The Website uses cookies to:

  • Adapt content to user preferences

  • Generate anonymous statistics to improve functionality

  • Maintain user sessions

Types of cookies used:

  • Session and persistent cookies

  • Necessary cookies for authentication and security

  • Performance cookies for tracking usage

  • Functional cookies to store preferences (e.g., language)

  • Advertising cookies to deliver personalized ads

Users can manage cookie preferences through their browser settings. Disabling cookies may affect website functionality.

Last updated: 31 March 2025

COOKIES POLICY

The website does not automatically collect any information, except for the information contained in cookies.

Cookies are IT data, particularly text files, which are stored on the User’s end device and are intended for using the Portal’s websites. Cookies usually contain:

  • the name of the website from which they originate,

  • the time of storage on the end device,

  • and a unique identifier.

The entity placing cookies on the User’s end device and accessing them is the Portal Administrator.

Purposes of Using Cookies

Cookies are used to:

a) Adjust the content of the Portal’s websites to the User’s preferences and optimize the use of websites; in particular, these files allow the Portal to recognize the User’s device and properly display the website, tailored to their individual needs.
b) Create statistics that help understand how Users interact with the websites, allowing us to improve their structure and content.
c) Maintain the User’s session, enabling continuity of navigation and access to services.

Types of Cookies Used on the Portal

a) “Session” and “Persistent” Cookies

  • Session cookies are temporary files stored on the User’s end device until logout, leaving the website, or turning off the browser.

  • Persistent cookies remain on the User’s device for a period defined in the cookie parameters or until manually deleted.

b) “Necessary” Cookies
Enable the use of services available on the Portal, such as authentication cookies required for logging into secure areas.

c) Security Cookies
Used to detect misuse in the authentication process and to ensure secure user experiences.

d) “Performance” Cookies
Allow the collection of analytical data regarding the use of the Portal’s websites, helping to improve functionality and user experience.

e) “Functional” Cookies
Enable the Portal to remember User settings and preferences, such as:

  • selected language,

  • region of access,

  • font size,

  • and visual customization options.

f) “Advertising” Cookies
Allow for the delivery of targeted advertising content that is more relevant to the User’s interests.

Managing Cookie Preferences

By default, web browsers typically allow cookies to be stored on the User’s end device. However, Users can manage their cookie preferences at any time.

These settings may include:

  • blocking cookies automatically,

  • notifying the User each time a cookie is placed,

  • or deleting previously stored cookies.

Detailed instructions on how to manage cookies are available in your web browser’s settings.

Czat AI