Last update:
24. 04. 2026
Privacy Policy
1. Introduction
[OIO Group] ("we", "us", or "our") is committed to safeguarding the privacy of individuals and protecting personal data in accordance with applicable laws and regulations. This Privacy Policy outlines how we collect, use, disclose, store, and process your personal data when you access or use our corporate website www.oio.io. It reflects our compliance with the Personal Data (Privacy) Ordinance and, where applicable, the General Data Protection Regulation (EU) 2016/679 (GDPR). By using our website, you agree to the practices described in this Privacy Policy.
2. Collection of Personal Data
We collect personal data through a variety of methods to ensure we can provide and improve our services. This includes data you provide directly when you complete online forms or contact us, data collected automatically via cookies and server logs when you browse our site, and data obtained from third-party services such as analytics providers and payment processors. The personal data we may collect includes identity data (such as your name and, where relevant, date of birth), contact data (such as email address, phone number, and mailing address), transaction data (including payment details and purchase history), technical data (such as IP address, browser type, and device identifiers), profile data (such as account preferences and communication settings), and marketing data (such as your preferences for receiving promotional content).
3. Use of Personal Data
We use the personal data we collect for legitimate business purposes. These include providing and managing our services, processing payments and fulfilling orders, responding to your inquiries or requests, and sending you marketing and promotional materials where you have provided your consent. We also use personal data to operate, maintain, and improve our website and digital infrastructure, as well as to analyze usage trends and patterns. Additionally, we may process your data as required to comply with legal and regulatory obligations applicable in our operating jurisdictions.
4. Legal Basis for Processing (for EU/EEA Residents):
Where the GDPR applies, we process your personal data based on one or more of the following legal bases: your explicit consent, where you have given it; the necessity of processing for the performance of a contract to which you are a party; compliance with a legal obligation to which we are subject; or our legitimate business interests, provided that such interests are not overridden by your data protection rights and freedoms.
The entity responsible for data processing within the meaning of the EU data protection laws is:
OIO Group
The Grand Pavilion Commercial Centre
802 West Bay Road
Grand Cayman, Cayman Islands
5. Disclosure of Personal Data
We may disclose your personal data to trusted third parties under conditions of strict confidentiality. These parties may include service providers who support our operations, business partners, and affiliates or subsidiaries within our corporate group. Where required, we may also disclose data to regulatory authorities or law enforcement agencies to comply with legal obligations. We do not sell or trade your personal data to any third parties under any circumstances.
6. International Data Transfers
In some cases, your personal data may be transferred to, or accessed from, locations outside of Hong Kong or the European Economic Area (EEA). Where such transfers occur, we ensure that appropriate safeguards are in place. These may include the use of the European Commission’s Standard Contractual Clauses or transfers to jurisdictions that the European Commission has recognized as providing adequate data protection. We are committed to ensuring that your personal data remains protected, regardless of where it is processed.
7. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including to meet legal, regulatory, accounting, or reporting obligations. Once your personal data is no longer needed, we will securely delete or anonymize it, ensuring that it can no longer be associated with you.
8. Your Rights (Including EU/EEA Residents)
If you are a resident of the EU or EEA, you have specific rights under the GDPR regarding your personal data. These include the right to access your personal data, the right to rectify inaccurate or incomplete data, the right to request erasure (also known as the "right to be forgotten"), the right to restrict how your data is processed, the right to data portability, the right to object to processing carried out on the basis of legitimate interests or for direct marketing purposes, and the right to withdraw consent at any time where processing is based on your consent. You also have the right to lodge a complaint with a data protection authority in your jurisdiction. To exercise any of these rights, please contact us using the contact details provided below.
9. Third Party Websites and Links
Our website(s) may provide links to websites or other online platforms operated by third parties. If you follow links to sites not affiliated or controlled by us, you should review their privacy and
security policies and other terms and conditions. We do not guarantee and are not responsible for the privacy or security of such sites, including the accuracy, completeness, or reliability of information found on these sites. Information you provide on public or semi-public venues, including information you share on third-party social networking platforms may also be viewable by other users of the Services and/or users of those third-party platforms without limitation as to its use by us or by a third party. Our inclusion of such links does not, by itself, imply any endorsement of the content on such platforms or of their owners or operators, except as disclosed on the Services.
10. Children’s Privacy
Our Site is not directed to individuals under the age of 16. We do not knowingly collect data from children.
11. Data Security
We implement a range of appropriate technical and organizational security measures to protect your personal data against unauthorized access, accidental loss, destruction, misuse, or alteration. These measures are regularly reviewed and updated to ensure continued effectiveness and compliance with applicable security standards. Please be aware that no security measures are perfect or impenetrable, and we cannot guarantee “perfect security.” In addition, any information you send to us may not be secure while in transit. We recommend that you do not use unsecure channels to communicate sensitive or confidential information to us.
12. Retention
We will remove your IP address and your Internet service provider's name, which we retain for security reasons, when they are no longer required. Additionally, we will delete your personal data as soon as its purpose for collection and processing is no longer applicable.
However, we may continue to store the data if necessary to comply with laws, regulations, or other legal provisions in the EU or other countries with adequate data protection measures. In cases where deletion is not feasible, relevant personal data will be appropriately marked to restrict future processing.
13. Cookies
Our website uses cookies and similar tracking technologies to enhance your browsing experience, analyze usage patterns, and personalize content and advertising where applicable. You may control or disable cookies through your browser settings at any time; however, this may impact the functionality of certain parts of our website.
13. Third-Party Sites
Our website may contain links to third-party websites or services that are not operated or controlled by us. This Privacy Policy does not extend to those external sites. We encourage you to review the privacy policies of any third-party sites you visit to understand how your data may be collected and used by them.
14. Changes to This Policy
We reserve the right to update or amend this Privacy Policy from time to time to reflect changes in our data practices, legal obligations, or service offerings. Any updates will be posted on this page, accompanied by a revised effective date. We encourage you to review this policy periodically to stay informed about how we protect your personal data.
15. Contact Us
If you have any questions about this Privacy Policy, our data handling practices, or if you wish to exercise your data protection rights, please contact our Data Protection Officer at the details below:
[OIO] Email: info@oio.io
Attn: Data Protection Officer
1. Introduction
[OIO] ("we", "us", or "our") is committed to safeguarding the privacy of individuals and protecting personal data in accordance with applicable laws and regulations. This Privacy Policy outlines how we collect, use, disclose, store, and process your personal data when you access or use our corporate website www.oio.io. It reflects our compliance with the Personal Data (Privacy) Ordinance (Cap. 486) of the Hong Kong Special Administrative Region and, where applicable, the General Data Protection Regulation (EU) 2016/679 (GDPR). By using our website, you agree to the practices described in this Privacy Policy.
2. Collection of Personal Data
We collect personal data through a variety of methods to ensure we can provide and improve our services. This includes data you provide directly when you complete online forms or contact us, data collected automatically via cookies and server logs when you browse our site, and data obtained from third-party services such as analytics providers and payment processors. The personal data we may collect includes identity data (such as your name and, where relevant, date of birth), contact data (such as email address, phone number, and mailing address), transaction data (including payment details and purchase history), technical data (such as IP address, browser type, and device identifiers), profile data (such as account preferences and communication settings), and marketing data (such as your preferences for receiving promotional content).
3. Use of Personal Data
We use the personal data we collect for legitimate business purposes. These include providing and managing our services, processing payments and fulfilling orders, responding to your inquiries or requests, and sending you marketing and promotional materials where you have provided your consent. We also use personal data to operate, maintain, and improve our website and digital infrastructure, as well as to analyze usage trends and patterns. Additionally, we may process your data as required to comply with legal and regulatory obligations applicable in our operating jurisdictions.
4. Legal Basis for Processing (for EU/EEA Residents):
Where the GDPR applies, we process your personal data based on one or more of the following legal bases: your explicit consent, where you have given it; the necessity of processing for the performance of a contract to which you are a party; compliance with a legal obligation to which we are subject; or our legitimate business interests, provided that such interests are not overridden by your data protection rights and freedoms.
The entity responsible for data processing within the meaning of the EU data protection laws is:
De Tomaso Automobili GmbH
Kopernikusstrasse 31,
D-85092 Kösching,
Germany Email: data@detomaso-automobili.com
5. Disclosure of Personal Data
We may disclose your personal data to trusted third parties under conditions of strict confidentiality. These parties may include service providers who support our operations, business partners, and affiliates or subsidiaries within our corporate group. Where required, we may also disclose data to regulatory authorities or law enforcement agencies to comply with legal obligations. We do not sell or trade your personal data to any third parties under any circumstances.
6. International Data Transfers
In some cases, your personal data may be transferred to, or accessed from, locations outside of Hong Kong or the European Economic Area (EEA). Where such transfers occur, we ensure that appropriate safeguards are in place. These may include the use of the European Commission’s Standard Contractual Clauses or transfers to jurisdictions that the European Commission has recognized as providing adequate data protection. We are committed to ensuring that your personal data remains protected, regardless of where it is processed.
7. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including to meet legal, regulatory, accounting, or reporting obligations. Once your personal data is no longer needed, we will securely delete or anonymize it, ensuring that it can no longer be associated with you.
8. Your Rights (Including EU/EEA Residents)
If you are a resident of the EU or EEA, you have specific rights under the GDPR regarding your personal data. These include the right to access your personal data, the right to rectify inaccurate or incomplete data, the right to request erasure (also known as the "right to be forgotten"), the right to restrict how your data is processed, the right to data portability, the right to object to processing carried out on the basis of legitimate interests or for direct marketing purposes, and the right to withdraw consent at any time where processing is based on your consent. You also have the right to lodge a complaint with a data protection authority in your jurisdiction. To exercise any of these rights, please contact us using the contact details provided below.
9. Third Party Websites and Links
Our website(s) may provide links to websites or other online platforms operated by third parties. If you follow links to sites not affiliated or controlled by us, you should review their privacy and
security policies and other terms and conditions. We do not guarantee and are not responsible for the privacy or security of such sites, including the accuracy, completeness, or reliability of information found on these sites. Information you provide on public or semi-public venues, including information you share on third-party social networking platforms may also be viewable by other users of the Services and/or users of those third-party platforms without limitation as to its use by us or by a third party. Our inclusion of such links does not, by itself, imply any endorsement of the content on such platforms or of their owners or operators, except as disclosed on the Services.
10. Children’s Privacy
Our Site is not directed to individuals under the age of 16. We do not knowingly collect data from children.
11. Data Security
We implement a range of appropriate technical and organizational security measures to protect your personal data against unauthorized access, accidental loss, destruction, misuse, or alteration. These measures are regularly reviewed and updated to ensure continued effectiveness and compliance with applicable security standards. Please be aware that no security measures are perfect or impenetrable, and we cannot guarantee “perfect security.” In addition, any information you send to us may not be secure while in transit. We recommend that you do not use unsecure channels to communicate sensitive or confidential information to us.
12. Retention
We will remove your IP address and your Internet service provider's name, which we retain for security reasons, when they are no longer required. Additionally, we will delete your personal data as soon as its purpose for collection and processing is no longer applicable.
However, we may continue to store the data if necessary to comply with laws, regulations, or other legal provisions in the EU or other countries with adequate data protection measures. In cases where deletion is not feasible, relevant personal data will be appropriately marked to restrict future processing.
13. Cookies
Our website uses cookies and similar tracking technologies to enhance your browsing experience, analyze usage patterns, and personalize content and advertising where applicable. You may control or disable cookies through your browser settings at any time; however, this may impact the functionality of certain parts of our website.
13. Third-Party Sites
Our website may contain links to third-party websites or services that are not operated or controlled by us. This Privacy Policy does not extend to those external sites. We encourage you to review the privacy policies of any third-party sites you visit to understand how your data may be collected and used by them.
14. Changes to This Policy
We reserve the right to update or amend this Privacy Policy from time to time to reflect changes in our data practices, legal obligations, or service offerings. Any updates will be posted on this page, accompanied by a revised effective date. We encourage you to review this policy periodically to stay informed about how we protect your personal data.
15. Contact Us
If you have any questions about this Privacy Policy, our data handling practices, or if you wish to exercise your data protection rights, please contact our Data Protection Officer at the details below:
[OIO] Email: data@detomaso-automobili.com
Attn: Data Protection Officer