PRIVACY POLICY
Last Updated March 27, 2026
FOR INFORMATION REGARDING THE TERMS GOVERNING THE USE OF THE RESOURCES, PLEASE SEE OUR TERMS OF SERVICE AT https://www.ferraribeverlyhills.com/legal/terms-and-conditions.
BACKGROUND
In connection with use of its website located at www.FerrariBeverlyHills.com (the “Website”), its mobile applications (the “Mobile Apps”), and any other publicly accessible user resources (collectively, the “Resources”), Rosso MAG, Inc., on behalf of itself and its affiliated companies, including Passione Rossa, LLC, a California limited liability company doing business as Ferrari Beverly Hills, Chi Pega, LLC, a California limited liability company doing business as Ferrari Westlake and Ferrari Westlake Village, GGM Automotive, LLC, a California limited liability company doing business as Ferrari Los Angeles, Pasadena Rosso LLC, a California limited liability company doing business as Ferrari Pasadena, and Servizio Rosso, LLC, a California limited liability company doing business as Ferrari Beverly Hills Service Center (collectively, the “Company,” “us,” “we,” and other similar terms) gathers certain information regarding users who use the Resources. The gathering of information is always reasonable in relation to our business or the purpose for which the Resources exist, and includes, without limitation, various information provided by you or your internet service provider (whether mobile data or otherwise, an “ISP”) to us. We in turn, gather information from, and share information with necessary parties with whom or which we have an ongoing business relationship or may need to come into possession of user information in order to enable, facilitate, or otherwise enhance your experience with the Resources. We take each user’s data privacy seriously, and at all times endeavor to collect, compile, handle, store, and disseminate user data (whether or not Personal Information as defined below, “User Data”) in compliance with applicable law, including, as may be applicable to certain users, under either the 2018 California Consumer Privacy Act (as modified by the California Privacy Rights Act, collectively referred to herein as the “CPRA”), or the European Union General Data Protection Regulation (the “GDPR”).
Please note, we have no control over the systems, websites, mobile applications, or other resources of third parties (“External Systems”). External Systems and the companies which operate them are responsible for complying with the CPRA and GDPR independently, and we do not assume any duty to ensure that an External System linked from, or which links to, the Resources, complies with the CPRA or GDPR.
“PERSONAL INFORMATION” DEFINED
“Personal Information” has varying definitions depending on the laws applicable to you. The Resources are controlled and provided from within the Unites States, however, Company complies with laws and regulations applicable to its users.
As used in this Privacy Policy, Personal Information has the meaning of in the CPRA.
Personal Information includes, without limitation, information such as (i) contact data, including, your first and last name, driver’s license number, biometric information, user name or alias, physical street address, city, state, zip code, phone number and email address, (ii) financial data (such as banking information), (iii) demographic data (such as your zip code and gender), and (iv) other legal data (such as your social security number and other sensitive information) or any number of attributes, which taken together may identify you or enable you to be directly identified (such as physical, physiological, genetic, mental, economic, cultural or social characteristics).
As used in this Privacy Policy, Sensitive Personal Information has the meaning of in the CPRA. Specifically, Sensitive Personal Information includes your (i) social Security number, (ii) driver’s license number, (iii) state ID card number, (iv) passport number, (v) financial account numbers, ACH enrollment data, bank routing information and account information, wire instructions, security or access codes or tokens, (vi) precise geolocation, (vii) racial or ethnic origin, (viii) biometric information, (ix) health information, (x) contents of mail, email, or text messages (unless business-related)
Notwithstanding the fact that we may treat certain User Data as User Data which is not Personal Information, and cannot be used in order to identify a user (“Non-Personally-Identifiable Data”), we will always treat information based upon such applicable law’s characterization of Personal Information.
Because the Company may (i) extend credit directly, (ii) broker or arrange credit, (iii) assign retail installment contracts, or (iv) act as a lessor of record under a lease, in each case relating to automobiles, the Company will at all times handle non-public Personal Information (“NPI”) in conformity with the Gramm-Leach Bliley Act (the “GLBA”) and Regulation P (12 CFR Part 1016).
INFORMATION COLLECTION AND TRACKING
You may use certain aspects of the Resources without giving away any Personal Information except for your IP address and certain other data provided by your ISP or device. We may use analytics tools, such as Google Analytics, and various cookies in order to improve and analyze the use of our Resources. The information collected by these analytics tools is mostly anonymous traffic data including browser information, device information, language. We do not collect additional information, such as your age, gender, interests, clickstream, or anything associated with a so-called user “Internet passport.”
The following chart summarizes the type and character of User Data we collect, and gives certain examples of User Data which we do not collect.
| Type of User Data | Some Examples of This Type of User Data | Do We Collect This Type |
| Identifiers | A real name, Internet Protocol address, email address, or other similar identifiers. | We collect certain User Data provided by your ISP when you use the Resources. We further collect this type of User Data pursuant to Section 3.3 below. |
| Protected classification characteristics under California or federal law. | Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). | We will only collect this type of User Data to the extent you specifically provide it to us. |
| Commercial information and purchase history data | Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. | We may collect this type of User Data pursuant to Section 3.3 below, but only in connection with your use of the Resources. |
| Biometric data | Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. | We do not presently collect any biometric data. |
| Internet or other similar network activity data | Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement. | We may collect this type of User Data pursuant to Section 3.3 below. |
| Geolocation data. | Physical location or movements. | We may collect this type of User Data pursuant to Section 3.3 below. |
| Device sensory data | Audio, electronic, visual, thermal, olfactory, or similar information. | We may collect this type of User Data pursuant to Section 3.3 below. |
| Professional or employment-history and other information | Current or past job history or performance evaluations. | We will only collect this type of User Data to the extent you specifically provide it to us. |
| Collated User Data and inferred or interpolated User Data | User preference and habit profile data | We may collect this type of User Data pursuant to Section 3.3 below. |
Credit Underwriting Data
Credit scores and credit reports
Debt-to-income ratios
Income documentation
Bank statements
Employment verification
OFAC checks
Fraud risk scoring
Identity verification (KYC)
Vehicle-Specific Data
VIN
Telematics data (if vehicles include connected services)
GPS location during test drives (if tracked)
Insurance binder information
DMV registration data
Payment & Servicing Data
ACH authorization
Auto-debit enrollment
Payment history
Repossession activity (if applicable)
We may collect User Data from the sources set forth below. This is not an exhaustive list, however we endeavor to make it clear when we collect Personal Information.
Registration information which you provide when registering for our services or products, offered through the Resources or a third party’s services or products. For example, you will be required to submit Personal Information such as your name, address, email, and date of birth to verify your identity prior to establishing your account.
Billing information which is required to process the payment for the products or services you order from us.
Credit information which is required to apply for certain products or services provided by us.
Other information we collect, such as the city of your birth and your mother’s maiden name, which is used to verify your identity in the event you forget your login information required for our online products or services.
Information you provide to us in response to our communications. For example, we may request that you provide your e-mail address so that we may send you notifications, alerts, special offers and newsletters.
Information that you provide to us through customer service communications and correspondence and general feedback.
Geolocation information.
Information about your device, including your hardware model, operating system and version, device name, unique device identifier, mobile network information, and information about the device’s interaction with the Resources.
Information about how you use the Resources, including your access time, “log-in” and “log-out” information, browser type and language, country and language setting on your device, Internet Protocol (“IP”) address, the domain name of your Internet service provider, other attributes about your browser, mobile device and operating system, any specific page you visit on our platform, content you view, features you use, the date and time of your visit to or use of the Resources, your search terms, the Resources you visited before you visited or used the Resources, data about how you interact with the Resources, and other clickstream data.
Information from sources other than the Resources, as may be legally permissible.
As authorized by you, in connection with your order of certain products or services through the Resources which require such User Data. For example, we may collect the following with your authorization: information from credit bureaus, financial institutions, background check reports from public records of criminal convictions, arrest records, and educational records.
We may obtain information about you from third parties in connection with any credit investigation, credit eligibility, identity or account verification process, fraud detection process, or collection procedure, or as may otherwise be required by applicable law. This includes, without limitation, the receipt and exchange of account or credit-related information with any credit reporting agency or credit bureau, where lawful, and any person or corporation with whom you have had, currently have, or may have a financial relationship, including without limitation past, present, and future places of employment, financial institutions, and personal reporting agencies.
Cookies and Other Tracking Technologies. A cookie is a piece of data stored on the hard drive of your computing device that contains information about you and that is used for record keeping purposes. Cookies enable us to track and target your interests to enhance your experience on the Resources. We may also use pixels, software development kits (“SDKs”), log files, chatbots (including automated or AI-assisted tools), and similar technologies (collectively, “Tracking Technologies”) in connection with the Resources. We may set and access cookies and other Tracking Technologies on your computing device to provide you with customized content and to assist in providing the products and services that you have requested. We also work with companies who provide services to maintain the Resources and enable those service providers the right to use cookies and other Tracking Technologies in our Resources. Most cookies automatically delete themselves from your hard drive after each session. Like many other operators of websites and mobile applications, we may automatically track information based upon your behavior on the Resources, including combining information that we obtain through the use of cookies or other Tracking Technologies with Personal Information, or other aggregate or anonymous data, including a unique identification we may assign you. Depending on how such information is used, certain Tracking Technologies may involve the “sharing” of Personal Information for purposes such as analytics or advertising, including what may be considered “cross-context behavioral advertising” under laws applicable to you. The information may include browser type, internet service provider, referring/exit pages, platform type, date/time stamp, IP address, device or online identifiers, number of clicks, information submitted through or generated by interactions with chatbots or automated tools, all used to analyze trends, administer the Resources, track your movement on an individual or aggregated basis, and gather broad demographic information for aggregate use. Most web browsers and mobile device browsers are initially set up to accept cookies; however, you can reset your browser to reject all cookies or otherwise limit Tracking Technologies. If you reject the cookie, you may still use the Resources, although your access to and use of some areas of the Resources may be limited. In addition, if you refuse to accept cookies you agree to assume all responsibility for any resulting loss of functionality. Some of the cookies used in the Resources are set by us, and others are set by third parties who deliver services on our behalf. Such third parties may collect information subject to their own privacy policies and applicable law. We may use cookies and other Tracking Technologies to:
Remember that you have visited us or used the Resources before, including through prior interactions with chatbots or automated tools, to help us estimate usage and capacity needs.
Customize elements of the layout and/or content of the Resources, including, without limitation, advertisements and promotions.
Collect data about the way you interact with the Resources (e.g., when you use certain features), including interaction data related to automated or AI-assisted tools.
Collect data to assess and improve our advertising and communications, which, depending on context, may involve sharing information with service providers or partners.
Allow service providers and business partners to use Tracking Technologies to support analytics, attribution, security, or advertising-related functions in accordance with applicable law.
Enable limited collection of interaction data across websites or services where permitted and subject to user rights under applicable privacy laws.
Collect aggregated or de-identified statistical information regarding usage, session duration, and general location to improve the Resources and understand user preferences.
Third-Party Advertising And Analytics. We may use third-party service providers to provide site metrics and other analytics services and, from time to time, advertising, chatbot, artificial intelligence, or similar technology services. These third parties may use cookies, web beacons, pixels, SDKs, or other Tracking Technologies to collect information such as IP address, device or online identifiers, browser type, webpages viewed, time spent on webpages, links clicked, and interactions with automated or chatbot-based tools. This information may be used by us and by such service providers on our behalf to analyze and track usage of the Resources, determine the popularity of certain content, and improve functionality and performance. Certain uses of this information may be considered “sharing” under laws applicable to you, depending on the context and purpose of processing. The third-party service providers that we engage will be subject to confidentiality obligations and other appropriate restrictions as required by applicable law. Notwithstanding the foregoing, this Privacy Policy does not apply to third-party cookies, pixels, or other Tracking Technologies that are governed by the privacy policies of the applicable third parties. For more information, we encourage you to review the privacy policies of these third parties. Additional information regarding interest-based advertising may be available at http://www.aboutads.info/choices
Web Beacons. Aspects and pages within the Resources also may contain “web beacons” (also known as Internet tags, pixel tags, clear GIFs) or similar pixel-based technologies. A web beacon is an electronic image, often a single pixel (1x1), that is ordinarily not visible to Resources visitors and may be associated with cookies on the visitors’ hard drives. Web beacons do not contain Personal Information in isolation, and allow us to count users who have visited certain pages of the Resources, deliver services, and measure the effectiveness of communications or campaigns. Web beacons may allow third parties to collect information such as IP address, time of access, browser type, and cookie data. Depending on usage, such collection may be considered “sharing” under law applicable to you. We use log files to store information collected through these technologies.
Location Information. In order to provide certain services, we may require access to location information, including precise geolocation information collected from your browser or device. Precise geolocation information may be classified as Personal Information, or otherwise personally identifiable information, under laws applicable to you. If you do not consent to the collection of location information, certain services may not function properly. You may stop the collection of location information at any time by changing your browser or device settings or by exercising your rights under applicable privacy laws.
Automated Tools. We may use automated systems, including chatbots or AI-assisted tools, to support customer interactions, provide information, or improve the Resources. These tools may process information you choose to provide and generate responses based on predefined rules or models. We do not use automated decision making technology to make decisions that produce legal or similarly significant effects concerning consumers. Any use of automated tools is intended to support, not replace, human-driven processes.
Global Privacy Control. Where required by law, we honor opt-out preference signals, including Global Privacy Control (“GPC”) signals, through supported browsers or device settings. Additional information regarding the exercise of these rights is provided elsewhere in this Privacy Policy.
STORAGE AND PROCESSING. We may, and we may use third-party service providers to, process and store your information. The third-party service providers that we engage will at all times be bound by confidentiality obligations and other appropriate restrictions with respect to their use and collection of your information.
USE OF INFORMATION
We may use information about you for a number of purposes, including:
Making available for use, improving, and developing the Resources
Determining whether the Resources, our products, and/or our services, as applicable, are available in your region or country.
Processing or recording transactions.
Offering products or services to you.
Displaying your historical transaction information or Resource use.
Communicating with you regarding the Resources, including, delivering the information and support you request, including technical notices, security alerts, and support and administrative messages including to resolve disputes, collect fees, and provide assistance for problems with the Resources or your user account.
Measuring, tracking, and analyzing trends and usage in connection with your use or the performance of the Resources.
Sending you information we think you may find useful or which you have requested from us about our products and services.
Investigating, detecting, preventing, or reporting fraud, misrepresentations, security breaches or incidents, other potentially prohibited or illegal activities, or to otherwise help protect your account, including to dispute chargebacks on your behalf.
Enforcing our Terms of Service or other applicable agreements or policies.
Verifying your identity (e.g., through government-issued identification numbers).
Complying with any applicable laws or regulations, or in response to lawful requests for information from the government or through legal process; or
Communicating with DMV, lenders, auction houses, warranty administrators, GAP providers, service contract providers, insurance carriers, payment processors, or fulfilling any other purpose disclosed to you.
We do not sell Personal Information. However, we may share certain identifiers and internet activity information with third-party advertising partners for purposes of cross-context behavioral advertising, as defined under California law. You have the right to opt out of such sharing by clicking the “Do Not Sell or Share My Personal Information” link in our website footer or by enabling Global Privacy Control signals in your browser. When we disclose Personal Information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that Personal Information confidential and not use it for any purpose except performing the contract.
We sometimes disclose the User Data we collect to our affiliated companies for marketing purposes and to enhance our products or services to better suit your needs. When identifying methods of improving our products or services, or if we think a product or service may be of interest to you, we may extend select special offers of goods or services to you. If you would like to opt-out of receiving these offers, please refer to Offering You Choices section below. This does not include SMS consent data, which will not be shared with affiliates for marketing or promotional purposes
We sometimes disclose the User Data we collect to companies that operate various services or third-party interfaces integrated into or made available through the Resources.
When you provide Personal Information to one of the Resources’ e-commerce providers, vendors or advertisers, this transaction will occur in connection with the site of the e-commerce provider, vendor or advertiser, not on the Resources, and, as such, the Personal Information you provide is collected pursuant to and controlled by the privacy policy of such e-commerce provider, vendor or advertiser. Company is not responsible for such parties’ privacy policies and we encourage you to familiarize yourself with the applicable privacy policy of the e-commerce site with which you transact business or to contact the operator of such site for more information.
We may disclose your Personal Information in special cases when we have reason to believe that disclosing this information is necessary: (a) to identify, contact or bring legal action against someone who may be causing injury to or interfering (either intentionally or unintentionally) with: (i) our legal rights or property, (ii) another visitor or anyone else that could be harmed by such activities; or (b) by operation of law or at the request for cooperation from law enforcement or another governmental agency.
In the event we go through a business transition, such as a merger, acquisition by another company, reorganization, a divestiture, a sale of all or a portion of our assets, or in the unlikely event of bankruptcy, your Personal Information and any information you provide to us will likely be among the assets transferred, and you hereby consent to such transfer.
We will use Personal Information relating to payment information for the purposes for which you have authorized, such as automatic ACH withdrawals or automatic credit card charges.
We collect and use Sensitive Personal Information only as reasonably necessary to:
Verify identity.
Evaluate credit applications.
Process lease and finance transactions.
Prevent fraud.
Comply with legal obligations.
Carry out other necessary or proper acts in connection wit processing of transactions with you.
We do not use Sensitive Personal Information for purposes beyond those reasonably necessary to provide requested products or services, unless permitted by law.
Please note that when you disclose Personal Information through a forum, message board, blog, or other publicly visible features on the Resources, the information may become public and accessible to all or a part of the Resources’ userbase, so it is important for you to exercise discretion and appropriate caution when deciding to reveal Personal Information in these areas. In addition, when you choose to make a posting on such services, even if you do not directly disclose Personal Information, certain Personal Information associated with your user account, such as your alias (to the extent that it is Personal Information under applicable law), may be available for other users to view. We urge you to exercise discretion and caution when deciding to disclose your Personal Information , or any other information, on the Resources. WE ARE NOT RESPONSIBLE FOR THE USE OF ANY PERSONAL INFORMATION YOU VOLUNTARILY DISCLOSE THROUGH THE RESOURCES VIA THESE FORUMS AND OTHER INTERACTIVE FEATURES.
SMS TEXTING
By opting into SMS communications through a web form or any other medium, you expressly consent to receive text messages from us at the phone number you provide, including conversational, transactional, and service-related messages relevant to your interaction with us; providing consent is not a condition of any purchase. We do not share the status of your consent to SMS communications with any third parties, and we do not share the content of any SMS communications with any third parties other than vendors strictly necessary to carry out SMS communications. We collect and use your phone number and SMS consent information solely for the purpose of sending these communications and as otherwise described in this Privacy Policy.
Message frequency may vary, and message and data rates may apply depending on your mobile carrier. You may opt out at any time by replying “STOP” to any message, and you may reply “HELP” for assistance or contact us through our support channels. See “Your Rights and Choices” below.
California residents have the right to request access to, correction of, or deletion of their personal information, as well as to limit the use and disclosure of sensitive personal information, subject to applicable legal exceptions; to exercise these rights, please contact us using the methods provided in this Privacy Policy.
YOUR RIGHTS AND CHOICES
We give you many choices regarding our use and disclosure of your Personal Information for marketing purposes. You may opt-out from:
Receiving marketing-related emails from us and our affiliates: If you do not want to receive marketing-related emails from us and our affiliates on a going-forward basis, you may opt-out from receiving such emails either by using the unsubscribe mechanism provided in the email or by contacting us at:info@FerrariBeverlyHills.com
We do not share, sell, or disclose SMS consent, or text messaging opt-in data with third parties or affiliates for their marketing or promotional purposes. This does not apply to service providers that support our SMS communications, such as messaging platforms, aggregators, and carriers, solely as necessary to deliver text messages on our behalf. You may opt-out from receiving such messages by texting back “STOP” or by contacting us at:info@FerrariBeverlyHills.com
Our sharing of your Personal Information with unaffiliated third parties for their marketing purposes: If you prefer that we not share your Personal Information on a going-forward basis with unaffiliated third parties for their marketing purposes, you may opt-out from such sharing by contacting us at:info@FerrariBeverlyHills.com
In each case, please make clear in your email what you are opting-out from. We will try to comply with your request(s) as soon as reasonably practicable.
Please note that, if you opt-out as described above, we will not be able to remove your Personal Information from the databases of third parties with which we have already shared your Personal Information as of the date that we implement your opt-out request. Please note that you may still receive information from third parties to whom we have disclosed your information prior to the time you opted-out. You should contact each party in the event that you no longer want to receive information from such party. Please also note that, if you do opt-out from receiving marketing-related messages from us, we may still send administrative messages to you; you cannot opt-out from receiving administrative messages.
You have the right to request access to the information we have on you. You can do this by contacting us at info@FerrariBeverlyHills.com. We will make sure to provide you with a copy of the data we process about you. In order to comply with your request, we may ask you to verify your identity. We will fulfil your request by sending your copy electronically, unless the request expressly specifies a different method. For any subsequent access request, we may charge you with an administrative fee.
If you believe that the information we have about you is incorrect, you are welcome to contact us so we can update it and keep your data accurate. .
If you wish to deactivate or cancel your account, you can do so by making a request to us by email or phone, using the contact details provided below.
If you would like to review, correct, update, suppress, delete or otherwise limit our use of your Personal Information or Sensitive Personal Information that you have previously provided to us or content you have previously posted on the Resources, you may contact us by emailing us at info@FerrariBeverlyHills.com. In your request, please make clear what Personal Information or Sensitive Personal Information you would like to have changed or removed and what limitations (if any) you would like to place on our use of your Personal Information or Sensitive Personal Information. We will try to comply with your request as soon as reasonably practicable. Please note that such request does not ensure the complete or comprehensive removal of Personal Information or Sensitive Personal Information. For example, we may need to retain certain information or content for recordkeeping purposes, and there may also be residual information or content that will remain within our databases and other records that will not be removed. We are also not responsible for changing, removing or suppressing information or content from the databases of third parties with which we have already shared your Personal Information or Sensitive Personal Information.
If we solicit an application from you for credit, and reject such application, we will provide an adverse action notice as required by law, including, the Equal Credit Opportunity Act and Fair Credit Reporting Act.
LINKS
We are deeply committed to your right to privacy. However, please note that this Privacy Policy only applies to the Resources and not to any External Systems that you may access from the Resources, each of which may have privacy policies that are materially different from this Privacy Policy. We encourage you to be aware when you leave the Resources and to read the privacy policies of each and every other website, mobile application, or other resource, as we are not responsible or liable for the commitments and obligations made to you in any privacy policy or the Terms of Service of any such Resources.
SECURITY
We know it is very important to protect the information you share with us. We take appropriate security measures to help safeguard this information from unauthorized access and disclosure. For example, we restrict access to nonpublic Personal Information about you to our employees who need to have access to such information in order to provide products or services to you, as well as to authorized third parties (as stated above). We maintain physical, electronic, and procedural safeguards designed to protect your Personal Information. We protect your Personal Information over the internet by using a secure web server, which allows web applications and programs to interact with our web server via an encrypted session. If you access the Resources via a traditional web browser, you will know you are in secured area by “https” or a lock appearing in the lower right hand corner of your browser window. When you use the Resources, you may move in and out of secured areas.
You should feel confident using our Resources, however, you should always take great care in handling and disclosing your Personal Information. For example, avoid sending Personal Information through non-secure email.
Please refer to the Federal Trade Commission’s Resources at http://www.ftc.gov/bcp/menus/consumer/data.shtm for information about how to protect yourself against identity theft. We assume no liability or responsibility to you or to any third party arising out of any loss, misuse, destruction, or alteration of your information.
PERSONS UNDER THE AGE OF 13 AND ABILITY TO CONSENT
In order to use the Resources and/or its products and/or services, you must be at least 13 years of age. The Resources is not directed to or intended for use by persons under the age of 13 and we are not knowingly soliciting Personal Information from such persons or sending them requests for non-public Personal Information. If we become aware that we have inadvertently received Personal Information directly from someone under the age of 13, we will delete such information from our records. If you are under the age of 13, you must not use our products or services, including sending us any Personal Information.
Further, if you are under the age of 18, or the age of consent in the applicable jurisdiction, you must have the consent of your parent or guardian in order to consent to this Privacy Policy, our Terms of Service, and use the Resources (and the service delivered thereby).
HOW LONG WE RETAIN YOUR INFORMATION
We generally retain your information as long as reasonably necessary to provide you access to the Resources and services delivered thereby, or to comply with applicable law. We also retain credit application data for at least the period required by applicable lending and consumer protection laws. However, even after you deactivate your account, we may retain copies of information about you and any transactions or services in which you may have participated for a period of time that is consistent with applicable law, applicable statute of limitations or as we believe is reasonably necessary to comply with applicable law, regulation, legal process, or governmental request, to detect or prevent fraud, to collect fees owed, to resolve disputes, to address problems with the Resources, to assist with investigations, to enforce our Terms of Service or other applicable agreements or policies, or to take any other actions consistent with applicable law.
NOTIFICATION OF CHANGES
We reserve the right to modify, add, alter or otherwise update this Privacy Policy from time to time, so you are encouraged to review this Privacy Policy from time to time. However, please note that each time you use the Resources, the current version of this Privacy Policy will apply.
If we decide to change our Privacy Policy, we will date and post those changes on the Resources so that you are always aware of what information we collect, how such information is used and under what circumstances, if any, such information is disclosed. Any and all changes to our Privacy Policy will also be reflected on this page. You can determine whether the Privacy Policy has been revised since your previous visit to the Resources by referring to the “Last Updated” legend at the top of this page. Please read this Privacy Policy carefully. Your use of this Resources constitutes your acceptance to be bound by this Privacy Policy without limitation, qualification or change. If at any time you do not accept all the Terms of Service contained herein, you must immediately discontinue use of this Resources. If at any point we decide to use Personal Information in a manner different from that stated at the time it was collected, we will notify you by way of email and you will then have a choice whether or not we can use such information in this different manner.
WHEN THIS PRIVACY POLICY APPLIES
This Privacy Policy is applicable to the Resources offered by Company directly via our Resources. Our Resources may contain links to External Systems. Once redirected to another Resources, this Policy is no longer applicable.
CONTACT US
If you wish to exercise any right afforded to you herein or under applicable law, or if you have any additional questions about our collection and storage of data, please contact us at: info@FerrariBeverlyHills.com
If you have any questions or concerns regarding our notice, or if you believe our notice or applicable laws relating to the protection of your Personal Information have not been respected, you may file a complaint with our office listed above, and we will respond to let you know who will be handling your matter and when you can expect a further response. We may request additional details from you regarding your concerns and may need to engage or consult with other parties in order to investigate and address your issue. We may keep records of your request and any resolution.
GDPR RIDER
| Reason | Requirements |
| Contractual necessity |
|
| Consent |
|
| Legitimate interests |
|
“Data controller” and “data processor” are important concepts in understanding a company’s responsibilities under the GDPR. Depending on the scenario, a company may be a data controller, data processor or both, and will have specific responsibilities as a result: A company is a data controller when it has the responsibility of deciding why and how (the “purposes” and “means”) the Personal Information is processed.
Under the GDPR, data controllers must adopt compliance measures to cover how data is collected, what it’s used for and how long it’s retained. They will also need to make sure people can access the data about them. Data controllers must ensure data processors meet their contractual commitments to process data safely and legally. This Privacy Policy sets forth and discussed all matters in relation to our activities, if any, as a data controller.
A company is a data processor when it processes Personal Information on behalf of a data controller. Under the GDPR, data processors have obligations to process data safely and legally. This Privacy Policy sets forth and discussed all matters in relation to our activities, if any, as a data processor.
Any transfer of Personal Information outside of the EEA (European Economic Area) must meet certain legal requirements. To the extent we are in receipt of Personal Information being transferred from inside the EEA to any region outside the EEA, we will at all times comply with applicable restrictions.
To the extent that we operate as a data controller and/or processor, our workplace will at all times be cognizant of applicable restrictions, and comply therewith.
CPRA RIDER
| Access to Specific Information and Data Portability Rights | You have the right to request that we disclose certain information to you about our collection and use of your Personal Information over the past 12 months. Once we receive and confirm your verified request in compliance with the CPRA, we will provide a report to you which sets forth the following with respect to you: (i) categories of Personal Information collected (ii) sources for such collection, (iii) our business or other commercial purpose for selling any such Personal Information, (iv) categories other third parties with which we have shared your Personal Information, (v) the specific scope of any information shared to those third parties, and (vi) if we have sold or transferred your Personal Information, separate lists which set forth (1) each sale, with the categories transferred to each purchaser, and (2) each business-related transaction, with the categories used in connection therewith. |
| Deletion Request Rights | You have the right to request that we delete any of your Personal Information in our possession and collected from the Resources, subject to certain limitations or exceptions. Once we receive and confirm your verified request in compliance with the CPRA, we will delete your Personal Information from our records, unless a limitation or exception applies. We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to: (i) complete a transaction for which we collected such Personal Information, provide a good or service that you requested and do not wish to terminate or rescind, or otherwise carry out any obligations which are or may become necessary to consummate any obligations to you or requests by you, (ii) detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities, (iii) maintain, repair, or improve the Resources, including the correction of errors that impair existing intended functionality, (iv) exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law, (v) comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.), (vi) engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent, (vii) facilitate any lawful internal use or review in connection with our internal processes, or (viii) comply with any law, regulation, order of governmental authority, or other legal process. |
Exercising Access, Data Portability, and Deletion Rights
| To exercise the access, data portability, and deletion rights described above, please submit a verified request in compliance with the CPRA. You may make such a request on your own behalf, on your minor child’s behalf, or on behalf of any entity for which you are a duly appointed representative listed on the California Secretary of State’s website. You may only make such a request for access or data portability twice within a 12-month period with respect to any specific user. Please provide us sufficient information to verify user with respect to whom the request relates, and that you have authority on behalf of such user. Always describe your request with sufficient detail to enable our understanding, response, and implementation. |
| Response Timing and Format | We make commercially reasonable efforts to respond to a verified request in compliance with the CPRA within forty-five (45) days of receipt of each request. We will inform you as soon as practicable if we believe we require more to evaluate or undertake your requested actions. We will deliver our written response by mail or electronically, at your option, at the contact information you provide with your request. Any disclosures we provide will only cover the 12-month period preceding our receipt of the verified request in compliance with the CPRA. If we are unable to comply in part or in full, we will provide our reason with the reply to a request. With respect to any data portability request, we will select data formats in our reasonable discretion. We reserve the right to charge a reasonable fee to you for our cost and administrative expense in connection with any request under the CPRA, if your exercise of right is excessive, repetitive, patently unreasonable or without basis, or is otherwise intended to harass, pester, or hinder us or our Resources. We will notify you of any fees with our response to a request under the CPRA. |
| Personal Information Sales Opt-Out and Opt-In Rights | If you are 16 years of age or older, you have the right to direct us to not sell your Personal Information at any time (the “right to opt-out”). We do not sell the Personal Information of consumers whom we actually know are younger than 16 years of age, unless we receive affirmative authorization (the “right to opt-in”) from either the consumer or parent or guardian of a consumer who is between 13 and 16 years of age, or the parent or guardian of a consumer less than 13 years of age. Consumers who opt-in to Personal Information sales may opt-out of future sales at any time. To exercise the right to opt-out, you (or your authorized representative) may submit a request to us by email at the address below. Once you make an opt-out request, we will wait at least twelve (12) months before asking you to reauthorize Personal Information sales. However, you may change your mind and opt back in to Personal Information sales at any time by visiting our website and sending us a message. We will only use Personal Information provided in an opt-out request to review and comply with the request. |
Non-Discrimination
| In making the Resources available, we will not discriminate against you for exercising any of your rights under the CPRA. Subject to exclusions under the CPRA, we will not as a result of your exercise of rights under the CPRA (i) deny you goods or services generally available through the Resources, (ii) charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties, (iii) provide you a lesser level or quality of goods or services, or (iv) imply or suggest that you may receive a different price or rate for goods or services, or a different level or quality of goods or services. Notwithstanding the foregoing, we may offer you certain financial incentives permitted by the CPRA which proximally or actually result in different prices, rates, or quality levels. Any such financial incentive will reasonably relate to the value of the Personal Information to which it relates, provide a disclosure of material terms, and provide an opt-in, which may be revoked at any time. |
PRIVACY NOTICE FOR U.S. CUSTOMERS
(GRAMM-LEACH BLILEY ACT)
LAST UPDATED: February 25, 2026
| FACTS | WHAT DOES ROSSO MAG, INC. DO WITH YOUR PERSONAL INFORMATION? |
| Who? | This policy explains how Rosso MAG, Inc. collects, uses, and discloses personal information relating to customers or potential customers in financial products and/or services made available by or through Rosso MAG, Inc.. |
| Why? | Financial companies choose how they share your personal information. Federal law gives consumers the right to limit some but not all sharing. Federal law also requires us to tell you how we collect, share, and protect your personal information. Please read this notice carefully to understand what we do. |
| What? | The types of personal information we collect and share depend on the product or service you have with us. This information can include: ■ Email, phone number, address and other personal identifiers ■ Social Security number, place and date of birth, and passport information ■ Tax information, bank account details, source of funds, and details related to your investment activities |
| How? | All financial companies need to share customers’ personal information to run their everyday business. In the section below, we list the reasons financial companies can share their customers’ personal information; the reasons Rosso MAG, Inc. chooses to share; and whether you can limit this sharing. |
| Reasons we can share your personal information | Does Rosso MAG, Inc. share? | Can you limit this sharing? |
| For our everyday business purposes— such as to process your transactions, maintain your account(s), respond to court orders and legal investigations, or report to credit bureaus | Yes | No |
| For our marketing purposes— to offer our products and services to you | Yes | Yes |
| For joint marketing with other financial companies | Yes | Yes |
| For our affiliates’ everyday business purposes— information about your transactions and experiences | Yes | No |
| For our affiliates’ everyday business purposes— information about your creditworthiness | Yes | Yes |
| For our affiliates to market to you | Yes | Yes |
| For nonaffiliates to market to you | With your consent | Yes |
| To limit our sharing | ■ (Call); Please note: If you are a new customer, we can begin sharing your information 30 days from the date we sent this notice. When you are no longer our customer, we continue to share your information as described in this notice. However, you can contact us at any time to request that we limit our sharing. |
| Questions? |
| Mail-in Form | |||
| Mark any/all you want to limit: □ Do not use my personal information to market to me. □ Do not share my personal information with other financial institutions to jointly market to me. □ Do not allow your affiliates to use my personal information to market to me. □ I revoke my consent to your sharing of my personal information with nonaffiliates to market to me. | |||
| Name | Mail to: | ||
| Address | |||
| City, State, Zip | |||
| [Account #] | |||
| Who we are | |
| Who is providing this notice? | Rosso MAG, Inc., a Delaware limited liability company, and its wholly owned subsidiaries (collectively, “Rosso MAG, Inc.”). |
| What we do | |
| How does Rosso MAG, Inc. protect my personal information? | To protect your personal information from unauthorized access, we use security controls that comply with applicable law. These controls include commercially reasonable technical and organizational safeguards designed to protect customer information. |
| How does Rosso MAG, Inc. collect my personal information? | We collect your personal information when you engage or use our Site or Services, for example, when you: We also collect your personal information from other companies, such as affiliates, data aggregators and other financial institutions. Pursuant to applicable United States federal law, you have the right to limit the sharing of personal information in the following circumstances: when information about your creditworthiness is being shared with affiliates for their everyday business purposes, and when your personal information is being shared with affiliates and non-affiliates for their own marketing purposes. Please note that we do not share information about your creditworthiness with our affiliates for their everyday business purposes. We share your personal information with non-affiliates for their own marketing purposes only with your consent, which you may revoke at any time. Other laws may furnish you additional rights to limit sharing of your personal information. See below for more information on your rights under certain state laws. |
| Why can’t I limit all sharing? | Federal law gives you the right to limit only State laws and individual companies may give you additional rights to limit sharing. See below for more on your rights under state law. |
| What happens when I limit sharing for an account I hold jointly with someone else? | Your choices will apply to everyone on your account, unless you tell us otherwise. |
| Definitions | |
| Affiliates | Companies related by common ownership or control. Our affiliates include companies with the Rosso MAG, Inc. name, and other branding, such as wholly owned subsidiaries. |
| Nonaffiliates | Companies not related by common ownership or control. They can be financial and nonfinancial companies. |
| Joint marketing | A formal agreement between nonaffiliated financial companies that together market financial products or services to you. Our joint marketing partners include financial institutions or other institutions that partner with us to provide the Rosso MAG, Inc. platform to their customers. |
| Services | The online services that are available via our Site or are otherwise provided by Rosso MAG, Inc. without use of our Site to select customers and their authorized users who have registered to receive such services and agreed to certain contractual terms with Rosso MAG, Inc.. |
| Site | Any website, application, or online platform owned, licensed, or operated by Rosso MAG, Inc., including _________________. |
| Other important information | |
Do-Not-Call Policy: Rosso MAG, Inc. seeks to comply with all federal and state regulations on telephone usage, including the maintenance of an internal do-not-call (DNC) list. Consumers who ask to be included on Rosso MAG, Inc.’s internal DNC list will be removed from future telephone marketing campaigns. This opt-out will remain in effect unless and until the consumer opts back in to receive such communications.
Other Information: If, at any time, you provide Rosso MAG, Inc. with contact numbers that are wireless telephone numbers, including, but not limited to, cell or VoIP numbers, you are consenting to Rosso MAG, Inc. using an automated dialing system to call or text you, or sending prerecorded messages to you, in order to service, and collect on, any Rosso MAG, Inc. personal or business accounts for which you are an authorized signer, guarantor or designated contact person, but you are not consenting to Rosso MAG, Inc. marketing to you. By providing your email address, you consent to receive service-related notices and disclosures via electronic mail from Rosso MAG, Inc.. | |