1) Who We Are
BENC ELEKTRONIK (trading as “BencMotorsport”) (“we”, “us”, “our”) develops and sells the "Wreet" file calculator for repairing car electronics.
- Website: https://benc-motorsport.com
- Product: Wreet (software)
- Data Controller: BENC ELEKTRONIK (trading as BencMotorsport)
- Registered/Operating country: Croatia (EU)
- VAT ID: HR46540246369
- Contact: info@benc-motorsport.com
2) Data We Collect
- Contact & account data — name, email, company, VAT details (if provided), messages sent to support.
- Transaction data — pre-order selections, prices, currency, timestamps. Payment card data is handled by our payment processor (see Payments).
- Technical data (web) — device/browser information, IP address, and basic logs for security and debugging.
- Usage data (web & app) — feature interactions, error events, performance metrics, time spent in the application, and high-level activity logs used to detect and prevent abuse.
- Marketing preferences — opt-in to emails, unsubscribes, and related settings.
- Desktop app identifiers — CPU ID, BIOS serial number, disk serial number, and MAC address, combined and hashed into a unique hardware ID; computer name and OS username; download/navigation events inside the app (limited to our domains).
- Contract-signing data — first name, last name, email (from your account), street address, postal code, city, country, agreement checkbox, drawn signature (PNG/base64), typed full name, and a generated PDF of the signed agreement.
3) How We Use Data
- Provide and improve Wreet; fulfill orders/pre-orders; deliver updates and support.
- Validate licenses, prevent unauthorized use, and enforce fair use.
- Generate and store legally binding digital agreements (subscription contracts).
- Analyze performance and measure time spent and actions in the app to detect, investigate, and prevent abuse, fraud, or misuse.
- Process payments and send purchase confirmations and critical notices.
- Comply with legal obligations (invoicing, accounting, tax/VAT).
- With consent: send product news, promotions, and onboarding tips.
4) Legal Bases (GDPR)
- Contract — to deliver the services/features you request, and to conclude/perform the subscription agreement.
- Legitimate interests — product improvement, security, license validation, basic cookieless website analytics, and anti-abuse monitoring.
- Consent — optional marketing emails and certain non-essential cookies where required.
- Legal obligation — tax, accounting, regulatory compliance, and retention of contract records.
5) Desktop App & Contract Signing
5.1 Desktop App Identifiers
The Wreet Desktop app may collect CPU ID, BIOS serial number, disk serial number, and MAC address, which we combine and hash into a unique hardware ID.
We may also process your computer name and OS username, DPI/zoom context, and download/navigation events within our app (limited to our domains). Requests to our domains may include headers like
X-Hardware-ID and X-App-Client for licensing and security.
5.2 Contract Signing (Digital Agreement)
When you sign the Service Subscription Agreement, we collect your first name, last name, email, address (street, postal code, city, country), your agreement checkbox,
a drawn signature (PNG/base64) from the signature pad, and your typed full name. We generate a PDF of the agreement that includes this information.
PDFs are stored securely in cloud storage (Azure Blob), typically under a filename derived from your email (e.g., [email]_contract.pdf).
5.3 Telemetry & Anti-Abuse
We analyze session duration, feature usage, and relevant activity signals to detect suspected abuse (e.g., unauthorized access, reverse engineering, automation, excessive or prohibited use). Where abuse is suspected, we may restrict access, require re-verification, or take further steps to protect the service and other users.
6) Cookies & Tracking
We use essential cookies for site functionality and may use analytics cookies to understand aggregate usage and improve the product. You can control cookies via your browser settings. If we use non-essential cookies, we will request your consent where required.
6.1 Cloudflare Web Analytics (cookieless)
We use Cloudflare Web Analytics to measure aggregate website usage (e.g., page views, referrers, device/browser types, and performance). This analytics is cookieless and does not set or read non-essential cookies on your device. The data we see is aggregated and not used to identify individual visitors.
- Data processed (aggregate): page URLs and titles, referrer information, timestamp, approximate location (country/region), language, device/browser/OS info, screen size, and general performance metrics.
- Provider: Cloudflare, Inc. (San Francisco, USA) acting as our service provider.
- Purpose: understand traffic patterns, improve site reliability and content, and detect issues.
- Legal basis: legitimate interests (GDPR Art. 6(1)(f)) for basic, privacy-preserving analytics.
- Retention: we keep aggregate reports for as long as needed for the purposes above.
- Opt-out: you can use a content blocker or disable JavaScript to prevent loading of the analytics beacon
(
static.cloudflareinsights.com). Because it’s cookieless, a cookie consent banner is not required for this analytics.
7) Payments
Payments are processed by third-party providers (e.g., PayPal). We do not store full card details on our servers. Your payment data is handled under the processor’s own terms and privacy notices.
8) Sharing & Disclosure
- Service providers — hosting (e.g., Microsoft Azure), Cloudflare (security & analytics), payment processing, email delivery, and customer support tools. Access is limited to what’s necessary.
- Legal — if required to comply with law, enforce terms, investigate abuse, or protect our rights, users, or the public.
- Business transfers — in connection with a merger, acquisition, or sale of assets.
9) Data Retention
- Contract data and signed PDFs — retained for the duration of the contract and for required legal/accounting periods and defense of legal claims.
- Hardware IDs and technical identifiers — retained as long as necessary for licensing and security.
- Usage and telemetry logs — retained for operational and security purposes, generally for shorter periods unless extended for incident investigation or compliance.
When data is no longer needed, we securely delete or anonymize it.
10) Security
- Transport security via TLS/HTTPS; encryption at rest for cloud storage.
- Access controls and least-privilege for staff and systems.
- Hashing of hardware identifiers prior to or during transmission.
- Continuous monitoring and improvement of security measures.
No method of transmission or storage is 100% secure, but we work continuously to improve protections.
11) Your Rights (EEA/UK)
- Access, rectification, erasure, restriction, objection, and data portability.
- Withdraw consent at any time where processing is based on consent.
- Lodge a complaint with your local supervisory authority.
To exercise your rights, contact us at info@benc-motorsport.com.
12) International Transfers
We aim to process and store data in the EEA (e.g., Azure EU regions such as Germany West Central). If data is transferred outside the EEA/UK, we rely on appropriate safeguards (e.g., Standard Contractual Clauses) where required by law.
13) Children’s Privacy
Wreet is intended for professional/business use. We do not knowingly collect personal data from children.
14) Pre-Purchase Digital Agreement
15) Changes to This Policy
We may update this Policy from time to time. We’ll revise the “Effective date” above and, where appropriate, notify you of significant changes.
16) Contact Us
Questions about this Policy or your data?
- Email: info@benc-motorsport.com
- Company: BENC ELEKTRONIK (trading as BencMotorsport), Croatia (EU) — VAT ID: HR46540246369