Privacy Policy

By driving a Connected Car, you will collect interesting data about yourself and the vehicle you drive. If you wish to do so, you can easily share your data with third parties via the Drivers Portal, in order to take advantage of the most innovative Services at this very moment. The data from the devices in your Connected Car and the personal data you provide us with, will be securely stored on our platform. That is where we protect it for you. We feel that your privacy is extremely important and therefore we will always handle your data with the utmost care and security. Of course, we make sure that we satisfy the requirements set by the privacy legislation. This document describes our privacy policy. It explains how we handle your personal data.

IN ADVANCE: GOOD TO KNOW!

  • Your data can easily be managed within the Drivers Portal. With the easy-to-use swipe-on and swipe-off system, you will be able to conveniently share your data with the parties that you find interesting. By doing so, you can benefit from discounts and enjoy the most innovative Services, specifically tailored to meet your needs and wishes. Have you changed your mind? You can stop sharing your data with the same ease, at any time you wish.
  • Via the Drivers Portal, you can view the personal information you provided us with by yourself. If you have shared your personal data with a provider of a certain Service, you can view your data in the (mobile) application that the specific provider has developed for that purpose. We do not develop any (mobile) applications ourselves in which the data we collect from your Connected Car will be made visible. We do offer you the platform and the possibility to share this data, so that you can make optimal use of it. If you nevertheless wish to view, correct or delete your personal data via us, or if you want a copy of your personal data, please feel free to contact us by sending an e-mail to privacy@crossyn.com. For your own safety, we may ask you to identify yourself. Please note that the data deleted by us cannot be restored!
  • If you do not want to use our services any longer, you can always delete your account via the Drivers Portal (under ‘My Account’). Your personal data will then be automatically deleted and cannot be restored! Don’t forget to remove the devices from your car!

1. WHICH PERSONAL DATA DO WE PROCESS FOR YOU AND WHY?

1.1 ACCOUNT DETAILS AND DATA YOU PROVIDE US WITH

a. In order to be able to use our services, we’ll need some information from you. To be able to create an account for you and to safely connect your account to your vehicle and the devices installed in it, we process the following data:

  • Name
  • Date of birth
  • Gender
  • Language
  • Country
  • Mail address (username)
  • Phone number (mobile)
  • Password
  • Vehicle Identification Number (VIN)
  • MEI number of the ‘Redstone’ device
  • MAC address of the ‘Observer’ device (if installed in your vehicle)
  • Driver-ID
  • Vehicle-ID
  • Device-ID
  • Static vehicle information (such as the make, model, type and year of manufacture of the vehicle) obtained from an external data source (RDC) based on the VIN. The processing of these personal data is necessary to be able to provide you with our services.

b. If you contact us (for example, by filling in the contact form on our website), we will process the data you provided us with, in order to be able to provide you with the fastest and most reliable service.

c. The data mentioned above will be held only for the time needed to provide you with our services and to be able to respond quickly to questions that may arise after the service has been provided.

1.2 DATA FROM THE DEVICES IN YOUR CONNECTED CAR

a. In order for you to be able to share your data with other parties at any time and to take full advantage of the Services they have to offer, we also process the data being generated by the devices in your Connected Car. For example, depending on your Connected Car, we may collect the following data via the devices:

  • Location data of your vehicle;
  • Data concerning the use of the vehicle (such as the speed in km/h, acceleration and deceleration (calculated by us on the basis of time and speed), the throttle position, g-forces, the status of the brake pedal (applied, released), the status of the parking brake (applied, released), the engine speed (RPMs) and the gear position, provided that your vehicle has the required sensors. To put these data in context, we can combine them with information about the outside temperature, weather conditions, the type of the road surface and the maximum speed, obtained from external data sources. In addition, based on the speed driven, the maximum permitted speed, acceleration and deceleration, we can calculate driving behaviour scores);
  • (Technical) vehicle data (such as the battery voltage, fuel level, engine coolant temperature, error codes (DTCs), distance driven since the last error codes (DTCs) have been removed and the distance driven with a malfunction lamp on, provided that your vehicle has the required sensors). The data originating from your Connected Car will be processed by us so that you can easily share it with the provider of a Service that you find interesting, and to tailor that Service specifically to meet your needs and wishes. As a result, you can always use the Services that perfectly match to your situation. The processing of this personal data is therefore necessary for the proper performance of our services. The data will be encrypted and linked to a pseudo-id. Hence, your data will be well secured and pseudonymised at all times.

b. The data mentioned above will be held only for the time needed to provide you with our services or the Services you chose and to be able to respond quickly to questions that may arise after the service has been provided.

1.3 USE OF THE DATA FOR OTHER PURPOSES

a. The data mentioned under 1.1 and 1.2 may also be used by us to improve and further develop our services. Only a select group of employees will have access to this data, in pseudonymised form, and can analyse it to compare it with other data, to discover certain trends, to gain new insights, and to solve problems and prevent future problems. Access to the data will be logged and we have established an internal access policy that the employees we designate must adhere to. If you do not want us to use your personal data to improve and further develop our services, you can always inform us at privacy@crossyn.com. We also use the data mentioned above to perform administrative and service-related tasks (for example, to solve problems together with you), and to make backups. This is necessary for the proper performance of our services. We also use the data to comply with legal obligations.

b. In addition, we can use pseudonymised and aggregated data (like the average travelling time for all drivers with a Connected Car) for analysis purposes.

2. SHARING PERSONAL DATA

a. We process your data so that you can share it at any time with the third parties you find interesting. We will not share your personal data with others on our own initiative. We only do this if you have chosen to share your details with a provider of a particular Service. You can easily make that choice yourself using the swipe-on and swipe-off system on the Drivers Portal. In case you choose to share your data, only the data needed for that specific Service, as indicated on the Drivers Portal, will be shared with the Service Provider chosen by you. Hence, you are always fully in control of your data! And have you changed your mind? You can stop sharing your data with the same ease, at any time you wish. Please note, however, that the data you have shared during a certain period of time can also be accessed later by the Service Provider in question! b. We require the Service Providers on the Drivers Portal to handle your data with utmost care and security. However, after the data has been sent to a certain Service Provider we have no power over how the Service Provider handles your data. Please, take the time to fully and carefully read the Service Provider’s privacy policy. c. In addition to what is described in subparagraph a) above, your data will also be shared if:

  • an affiliate (such as Crosscience B.V.) or an external contractor processes the data on our behalf, in which case the protection of the data and the compliance with the privacy legislation and this privacy policy will be ensured through an underlying data processing agreement;
  • we (in an exceptional case) are, in our reasonable opinion, obliged to transfer the data on the grounds of a legal obligation, judicial order or at the demand of a competent authority. In such a case, we will never transfer more data than is strictly necessary. If possible and legally permitted we will inform you of such an obligation;
  • a purchase, merger, reorganisation, dissolution or a similar event takes place, where the data are part of the transmittable data. In such a case, we will timely inform you and grant you the opportunity to adjust your privacy preferences.

3. SECURITY

a. The data originating from your Connected Car will be collected and processed with devices and processes that are suitable to guarantee the security and confidentiality of the data. b. The data originating from your Connected Car, your account details, and the personal data that you provide us with, will be stored on our platform. We take the protection of your data very seriously. Therefore, we have appropriate technical and organisational measures in place to protect our platform and your data against, for example, accidental loss or abuse. We not only adhere to the privacy legislation, but also to the standards of ISO 27001. Your data will be linked to a pseudo-id and encrypted with high-end encryption software. Furthermore, the data originating from your Connected Car will not be transmitted through the internet, but through a secured private network. From time to time, we will assess the adopted measures and adjust them to the state of the technique.

4. OTHER PROVISIONS

a. This privacy policy does not apply to websites or services from third parties, which are related to our services through links on our websites. We require the Service Providers on the Drivers Portal to handle your data with utmost care and security, but we cannot guarantee that they do so. Therefore, we recommend to take the time to fully and carefully read the relevant Service Provider’s privacy policy before you use their websites or services.

b. We ensure that your data will not be stored in, nor transmitted to countries outside of the European Union.

c. If you believe that we process your personal data in a way that is in violation of the privacy legislation, you have the right to submit a complaint to a regulatory authority. d. We may amend this privacy policy from time to time, for example to keep it up to date or to comply with legal requirements. The latest version of the privacy policy can always be found on our website. If we make any substantial changes to our privacy policy, we will inform you beforehand. This privacy policy was last updated on the 16 th of January 2019.

CONTACT DETAILS CROSSYN

Crossyn Automotive B.V.
Burgemeester Brokxlaan 12
5041 SB Tilburg
The Netherlands
E: privacy@crossyn.com
T: +31 85 015 0041