By driving a Connected Car, you will collect interesting data about yourself and the vehicle you drive. If you wish to do so, you can easily share your data with third parties via the swipe-on and swipe-off system, in order to take advantage of services.

The data from the Connected Car and the personal data you provide us with, will be securely stored on our platform. That is where we protect it for you. We feel that your privacy is extremely important and therefore we will always handle your data with the utmost care and security. Of course, we make sure that we satisfy the requirements set by the privacy legislation.

This document describes our privacy policy. It explains how we handle your personal data.

 

In advance: good to know!

  • You can easily manage your data. With the easy-to-use swipe-on and swipe-off system, you will be able to conveniently share your data with the parties. Have you changed your mind? You can stop sharing your data with the same ease, at any time you wish.
  • Via apps and the Drivers portal, you can view the personal information you provided us with by yourself. We do offer you the platform and the possibility to share this data, so that you can make optimal use of it. If you nevertheless wish to view, correct or delete your personal data via us, or if you want a copy of your personal data, please feel free to contact us by sending an e-mail to privacy@crossyn.com. For your own safety, we may ask you to identify yourself. Please note that the data deleted by us cannot be restored!
  • If you do not want to use our services any longer, you can always delete your account via the Drivers portal or via the Crossyn app. Your personal data will then be automatically deleted and cannot be restored!

1. Which personal data do we process for you and why?

1.1 Account details and data you provide us with

  1. In order to be able to use our services, we’ll need some information from you. To be able to create an account for you and to safely connect your account to your vehicle and the devices if installed in it, we process the following data:
    • Name*
    • Date of birth
    • Gender
    • Language
    • Country
    • Mail address (username)*
    • Phone number (mobile)*
    • Password*
    • Vehicle Identification Number (VIN)
    • IMEI number of the ‘Redstone’ device (if installed in your vehicle)
    • MAC address of the ‘Observer’ device (if installed in your vehicle)
    • Driver-ID*
    • Vehicle-ID*
    • Device-ID
    • Static vehicle information (such as the make, model, type, year of manufacture, euro classification and fuel type of the vehicle).

The processing of these personal data is necessary to be able to provide you with our services. We always need the data marked with an asterisk (*) in order to provide our services. Data not marked with an asterisk is required in some cases, for example if the party from whom you purchase a service needs it in order to provide that service to you.

  1. If you contact us (for example, by filling in the contact form on our website), we will process the data you provided us with, in order to be able to provide you with the fastest and most reliable service.
  2. The data mentioned above will be held only for the time needed to provide you with our services and to be able to respond quickly to questions that may arise after the service has been provided.

1.2 Data from the connected car

  1. In order for you to be able to share your data with other parties at any time and to take full advantage of the services they have to offer, we also process the data being generated by the Connected Car. For example, depending on the Connected Car, we may collect the following data via the devices:
    • Location data of your vehicle;
    • Data concerning the use of the vehicle (such as the speed in km/h, acceleration and deceleration (calculated by us on the basis of time and speed), the throttle position, g-forces, the status of the brake pedal (applied, released), the status of the parking brake (applied, released), the engine speed (RPMs) and the gear position, provided that your vehicle has the required sensors. To put these data in context, we can combine them with information about the outside temperature, weather conditions, the type of the road surface and the maximum speed, obtained from external data sources. In addition, based on the speed driven, the maximum permitted speed, acceleration and deceleration, we can calculate driving behaviour and CO2 scores);
    • (Technical) vehicle data (such as the battery voltage, state of charge, fuel level, engine coolant temperature, error codes (DTCs), distance driven since the last error codes (DTCs) have been removed and the distance driven with a malfunction lamp on, provided that your vehicle has the required sensors).

The data originating from the Connected Car will be processed by us so that you can easily share it with the provider of a service. The data will be encrypted and linked to a pseudo-id. Hence, your data will be well secured and pseudonymised at all times.

  1. The data mentioned above will be held only for the time needed to provide you with our services or the services you chose and to be able to respond quickly to questions that may arise after the service has been provided.

1.3 Use of the data for other purposes

  1. The data mentioned under 1.1 and 1.2 may also be used by us to improve and further develop our services. Only a select group of employees will have access to this data, in pseudonymised form, and can analyse it to compare it with other data, to discover certain trends, to gain new insights, and to solve problems and prevent future problems. Access to the data will be logged and we have established an internal access policy that the employees we designate must adhere to. If you do not want us to use your personal data to improve and further develop our services, you can always inform us at privacy@crossyn.com.

We also use the data mentioned above to perform administrative and service-related tasks (for example, to solve problems together with you), and to make backups. This is necessary for the proper performance of our services. We also use the data to comply with legal obligations.

  1. In addition, we can use pseudonymised and aggregated data (like the average travelling time for all drivers with a Connected Car) for analysis purposes.

2. Sharing personal data

  1. We process your data so that you can share it at any time with third parties. We will not share your personal data with others on our own initiative. We only do this if you have chosen to share your details with a provider of a particular service. You can easily make that choice yourself using the swipe-on and swipe-off system on the Drivers portal or app. In case you choose to share your data, only the data needed for that specific service, as indicated on the Drivers portal or app, will be shared with the service Provider chosen by you. Hence, you are always fully in control of your data! And have you changed your mind? You can stop sharing your data with the same ease, at any time you wish. Please note, however, that the data you have shared during a certain period of time can also be accessed later by the service provider in question!
  2. We require the service providers to handle your data with utmost care and security. However, after the data has been sent to a certain service provider we have no power over how the service provider handles your data. Please, take the time to fully and carefully read the service provider’s privacy policy.
  3. In addition to what is described in subparagraph a) above, your data will also be shared if:
    • an affiliate or an external contractor processes the data on our behalf, in which case the protection of the data and the compliance with the privacy legislation and this privacy statement will be ensured through an underlying data processing agreement;
    • we (in an exceptional case) are, in our reasonable opinion, obliged to transfer the data on the grounds of a legal obligation, judicial order or at the demand of a competent authority. In such a case, we will never transfer more data than is strictly necessary. If possible and legally permitted we will inform you of such an obligation;
    • a purchase, merger, reorganisation, dissolution or a similar event takes place, where the data are part of the transmittable data. In such a case, we will timely inform you and grant you the opportunity to adjust your privacy preferences.

3. Security

  1. The data originating from the Connected Car will be collected and processed with processes that are suitable to guarantee the security and confidentiality of the data.
  2. The data originating from the Connected Car, your account details, and the personal data that you provide us with, will be stored on our platform. We take the protection of your data very seriously. Therefore, we have appropriate technical and organisational measures in place to protect our platform and your data against, for example, accidental loss or abuse. We not only adhere to the privacy legislation, but also to the standards of ISO 27001. Your data will be linked to a pseudo-id and encrypted with high-end encryption software. Furthermore, the data originating from your Connected Car will not be transmitted through the internet, but through a secured private network. From time to time, we will assess the adopted measures and adjust them to the state of the technique.

4. Other provisions

  1. This privacy statement does not apply to websites or services from third parties, which are related to our services through links on our websites. We require the service providers to handle your data with utmost care and security, but we cannot guarantee that they do so. Therefore, we recommend to take the time to fully and carefully read the relevant service provider’s privacy statement before you use their websites or services.
  2. We ensure that your data will not be stored in, nor transmitted to countries outside of the European Union.
  3. If you believe that we process your personal data in a way that is in violation of the privacy legislation, you have the right to submit a complaint to a regulatory authority.
  4. We may amend this privacy statement from time to time, for example to keep it up to date or to comply with legal requirements. The latest version of the privacy statement can always be found on our website. If we make any substantial changes to our privacy statement, we will inform you beforehand.

Contact details Crossyn

Crossyn B.V.

E: privacy@crossyn.com

T: +31 85 015 0041