Privacy Notification to the Road Traffic Participants
Pedestrians, drivers, passengers, vehicle owners – On video surveillance and personal data processing.
Please note, that we use cameras or video recording only in some of our deployments, not in all of them.
Related to our self-driving vehicles’ (pilots) testing & operation.
1. Who We Are and Our Commitment to Your Privacy
Sensible 4 Oy (“Company”, “We”, “Us” or “Our”) is the Finnish Limited Liability Company established on 7.2.2017 with business ID 2813696-2 and domicile in Espoo, Finland.
Our contact phone number is: +358 40 0516778
Our current address is: Turuntie, 42, 02560, Espoo
Our CEO is Harri Santamala.
You can send Your requests and inquiries regarding Your privacy to: email@example.com
You can find more information about Us at www.sensible4.fi
We act as “Controllers” of Your personal information that:
- You provide to Us when contacting Us or
- we collect independently by means of live-feed monitoring and video recording on the driving route of Our (or Our customer’s) Pilot Vehicles, equipped with Our proprietary autonomously-driving system, – the self-driving (autonomous, robot) vehicle(s)’ prototypes (“Pilot” or “Pilot Vehicle”) and/or during the Pilot press-releases or public launch ceremonies (“Public Event”).
We collect and process Your personal video images as defined in this notification (and You become a Data Subject) only if you are present in the identified area and at the exact time of Our Pilot Vehicle(s) testing and operation with ongoing video recording and/or Our Public Event is recorded.
You can find geographical maps, information about the date and time (of recording duration) and other relevant details for each specific Pilot description here.
Each Pilot Vehicle has one or more outside mounted cameras. Number of cameras depend on the Pilot Vehicle’s size and type. Some of the Vehicles also have a camera inside. Vehicles have sticker-signs about ongoing video-surveillance indicating inside/outside cameras. Cameras collect only video data; audio function is disabled by default.
We are equally committed to the protecting and respecting the Privacy of all Data Subjects (defined in Section 2 below). For information on Your rights with respect to Your personal data see Section 7 below.
This Privacy Notification explains how, why we collect and otherwise process, where and for how long we store and use any personal data that we collect independently, automatically on Our Website or from You when you get in touch with us or participate in Our Public Events, and who we share Your data with.
This Privacy Notification is prepared in compliance with the REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) https://eur-lex.europa.eu/eli/reg/2016/679/oj (“GDPR”), EDPB Guidelines 3/2019 on processing of personal data through video devices https://edpb.europa.eu/our-work-tools/our-documents/guidelines/guidelines-32019-processing-personal-data-through-video_en (“Video Data Processing”) and instructions of Finnish Data Protection Ombudsman (“Ombudsman”) https://tietosuoja.fi/en/organisations
2. When and Where You Become a Data Subject; What (Limited) Personal Data We Collect
If You are (“Data Subject”, “You”, “Your”):
- a public traffic participant (pedestrian, driver, passenger, owners of other vehicles in the open traffic) or a voluntary passenger of Our Pilot (“Traffic Participant”) at the time and place where Our Pilot conducts active dynamic video recording and monitoring on-the-go and at the indicated stops to drop-off and collect passengers;
- a voluntarily participant of Our Public Event (“Guest”), or
- a visitor of Our Website and/or contact Us with respect to Privacy (“Visitor”).
We collect and process the following limited personal data depending on the specific case and time:
- Video images monitored and recorded in the dynamic mode (on-the-move) in the open public traffic during Pilot driving testing and operation by video cameras mounted on the Pilot Vehicle: individual personal images of Traffic Participants and images of vehicles’ license plates as part of the live-time video feed monitoring and video recording. Recoding takes place only during vehicle operation (movement on the road with brief stops on traffic lights, at bus stops, other obstacle detection) for the duration of the specific Pilot and during limited hours/day, which varies for each specific Pilot; You can check for details here. We do not conduct static video surveillance of one specific area 24/7; We do not monitor same people or vehicles for the extended period of time.
We do not use recorded images for identification of people, vehicle owners or drivers. Our technology (software) does not have any features or tools that enable Us to do so (no facial recognition, no tracking, no automated decision-making that can affect Your rights).
You are not legally required to provide any requested information to Sensible 4 unless in accordance with the law, on which we separately inform you, when applicable in relation to Your request.
By submitting Your request/inquiry via Our email or phone call, You acknowledge that all information provided by You is true, complete, correct and not misleading to the best of Your knowledge and belief, and that You allow Us to Use Your personal data for the purposes identified in this Notification. Not providing or providing any inaccurate or misleading information will result in Us not being able to satisfy Your request/inquiry.
- Other information obtained during Public Events: From time to time, Sensible 4 hosts different sales, marketing, Pilot launch and other Public Events. If You voluntarily become a Guest at such Event, be aware that our marketing team takes photos and videos during the Event, where Your image can be captured.
- Your electronic identification when You access Our content on Our Third-Party Partner Website(s): From time to time, Sensible 4 publishes company information, marketing material and information about Our projects, including publicly-funded, open Company events on third party website platforms such as Our project partners and other. If and when You access Our content, we Use Website cookies (for details see Section 8 below).
For information on Your rights with respect to Your personal data see Section 7 below.
3. Why We Collect and Process Your Personal Data and Our Legal Right To Do So ( “Purposes of Use” and “Legal Basis” Under GDPR); Who and Why Has Authorised Access to It
We only process limited personal data of Data Subjects (video/photo images only) and not for the purpose of identifying, not for using these data to disadvantage of Data Subjects, not used for any automatic decision making (Art. 11 GDPR). Our software does not have excessive data analytics – no facial recognition, no license-plates tracking, no automatic decision-making regarding Data Subject. Personal data are collected from cameras as a part of the entire vehicle technical data from its sensors, lidars and other special equipment.
a. Our remote Pilot operator and supporting technical team are watching all images in the video-stream in real time transmitted through the mounted cameras and vehicle computer during the Pilot Vehicle driving on the public road in the open traffic.
- To Ensure safe operation of the experimental Pilot Vehicle in the public traffic, prevent collision due to Vehicle malfunction, any damage to health and personal safety of the Traffic Participants, public and private property on the road and nearby – To protect the vital interests of the data subject or of another natural person, Art. 6(1)(d) GDPR;
- To Comply with general traffic safety rules applicable to passenger vehicles by operating a new technology prototype vehicle in piloting/testing mode -Controller’s obligation under law, Art. 6(1)(d) GDPR (comply with the applicable law on traffic safety).
b. Video-stream from the mounted cameras is also transmitted to the Pilot Vehicle’s computer (PC) and driver manually saves recording on encrypted storage media. Limited number of Our authorised technical experts format the recorded video into special files (“ROS bags”), that can be read only by an experienced IT expert. The formatted video-files are saved to the secured physical or cloud servers located in Finland. Transfer of files takes place in accordance with internal process of strict monitoring, ensuring safety of the data. Saved video files are modified and applied in the software development activities by a limited number of authorised experts for creation of a tool teaching our autonomous-driving software system to recognize and detect obstacles, including people, animals, bicycles, other vehicles, buildings, traffic lights etc, where individual personalities are irrelevant (machine-learning).
Video footage is also necessary to investigate technical incidents such as Pilot Vehicle malfunction, failure to react to the remote operator’s command or the safety driver’s action – information that is crucial for the further development of the safe and efficient technology for all Traffic Participants.
Sometimes Video footage is sampled into fractions of short-interval recording and transmitted for testing functioning of connection and correctness of integration with the monitoring centre located away from the Pilot Vehicle, sometimes in another EEA country; in such case a limited number of authorised employees of our customer, local transport authorities, fleet operator has access to the samples of the video footage for the described purpose.
- For the development (“R&D”) of the autonomous driving technology and software (“self-driving”) that helps brining electrical vehicle operation to the next level of automation (SAE-4), ensure competitiveness of the European economy, automotive industry and leads to a safer traffic for all participants –Controller’s legitimate interest Art.6(1)(f);
- For the Scientific R&D of the autonomous technology (“self-driving/connected/smart electrical vehicles”) is also core business of our start-up company (SME), small private enterprise – Controller’s legitimate interest, Art.6(1)(f);
- For the Performing legal obligations of technical support, services, back-end operation, repair, fixing malfunction, ensuring safety or other under the binding agreements with Our customers, including public (EU and Finnish) funding authorities, project coordinating research facilities, private companies working on developing of the self-driving vehicles – Controller’s legitimate Interest, Art. 6(1)(f);
- For the projects, where Pilot Vehicles and/or camera equipment do not belong to Us, but our system is integrated with such Vehicles and the data is transmitted to Us and our customers for the same purposes as explained above – Controller’s legitimate Interest, Art. 6(1)(f).
Sensible 4 does not use Your personal data for purposes that are incompatible with the purposes listed in this Privacy Notification, unless any derogations are authorized by law or the Ombudsman, or are in Your own vital interest (e.g. in case of a health and safety emergency).
When required and permitted under the mandatory applicable law and binding contracts ensuring safety and security of the data processing, We securely share Your personal video data with the authorised third parties (professional and reliable service providers, public authorities, customers) bound by confidentiality and other obligations of ensuring security and safety of data processing, and only use Your personal data in compliance with GDPR and relevant agreement (data processors, joint data controllers.
4. Where We Store Your Information
We are a Finland-based company and comply with GDPR requirements for transfer of personal data within EU/EEA countries. We store all information on Servers in Finland with providers based in EEA in accordance with diligent Data Processing Agreements.
We do not transfer personal data outside of EU or EEA, however, if in the future personal data is transferred outside the EU/EEA, such transfers are either made to a country that is deemed to provide a sufficient level of privacy protection by the European Commission or transfers are carried out by using appropriate safeguards such as Standard Contractual Clauses (SCC) adopted, including any supplementary measures, where assessed to be necessary, or otherwise approved by the EU Commission or competent data protection authority in accordance with the GDPR. We separately inform You about such changes.
5. How Long We Store Your Personal Data
Sensible 4 determines the reasonable and legally justified retention period defined as follows:
- In earlier Pilots and depending on the Pilot Vehicle type video-stream data may require manual back-up by the safety driver every 4 minutes, or it will be automatically erased. In more recent Pilots and vehicle-types, especially operated outside Finland, back-up process is automated;
- Live-feed video data is not stored in the camera equipment and only saved to the Pilot-Vehicle encrypted-PC and safely erased from the Pilot Vehicle PV entirely after completion of each Pilot;
- Daily recorded video feed during Pilot operation copied to encrypted storage media and securely erased from Pilot-Vehicle-PC and from the encrypted storage media not later than one week (7 days) from the recording;
- Video data is stored on sensible 4 local-secured-servers utilised for the software development for the duration of the system software development up to five (5) years from the end date of each Pilot;
- When IT experts process video data on the secured Company computers for the purposes of the software development, it is securely erased from the PCs after 6 months;
- Video feed recording evidence of the traffic accident will be stored for the duration of statutory limits applicable in the jurisdiction where the accident takes place in order to safeguard or improve legal position of the affected Traffic Participants (for instance in relation to the statutes of limitations, litigation, or regulatory investigations) and can be provided to the authorities under request.
During the retention period, we can at our own discretion at any time safely erase some old data and data-sets and replace them with the new data, more relevant to the R&D. After applicable retention period Your personal data will be securely erased from all Sensible 4 systems and devices, systems and devices of our data processors or joint data controllers in accordance with the law.
If We process Your personal Data, You have the rights you can exercise anytime by sending Us a request to firstname.lastname@example.org in accordance with GDPR as explained in Section 7 below.
6. How We Protect Your Personal Data
Sensible 4 employs reasonably and technically available and necessary organisational, technical, and physical security measures in order to protect Your data from loss, misuse, unauthorised access, disclosure or theft. Where we engage third-party suppliers to provide services that enable them to access Your personal data (such as cloud services providers), we ensure their credibility, require them by contract to have sufficient security controls in place and comply with GDPR.
Some of the safeguards We use include physical security of Our premises, firewalls, VPN, multilayer authorization, restricted access, cloud storage, device and connection encryption, limited employee access, instructions on monitoring the access and use of data. Although We believe We have taken adequate and appropriate measures, however, no system is perfect and we cannot guarantee that unauthorised access or theft are absolutely impossible. We believe, that we minimised the risk of any potential damage to You if any of such video data is lost or stolen.
Technical measures like blurring or darkening images make them unrecognisable for the vehicle system, cause difficulty in detecting the object correctly as different from the other vehicles, trees, buildings. Additional processing (by applying special measures) during the data recording delays the video steam. Receiving information with delay, the remote operator cannot ensure timely reaction, which may result in the traffic accident. If software system cannot efficiently differentiate people from other objects and traffic participants, predict human behaviour in the traffic in order to ensure future safety of its operation, the risk to Traffic Participants’ safety significantly increases and software will never learn properly. These measures may also render video material unusable for the traffic accident investigation, as the vehicle prototypes are not currently equipped with the black-box devices due to absent regulation.
7. Your Rights in Relation to Your Personal Data Processed by Us and How to Exercise Them (Articles 12-23 GDPR)
If You are a Data Subject and You have justifiable reason to believe that we process Your personal data defined in this Notification:
- the right to be informed about Your data processing;
- the right to access Your personal data stored by Us;
- the right to object to Our processing of Your personal data;
- the right to restrict Our processing of Your personal data;
- the right to request erasure of Your personal data.
Your rights to demand the rectification of the incorrect data and not to be subjected to automated decision making cannot be realised with respect to Our processing, because correspondingly 1) We do not use manual collection of information, but Our equipment records real-time video feed and your actual image without alteration of reality and 2) We cannot and do not use Your visual images for any automated decision making, as we do not process data for Your identification.
While We may have only video or photo image of You or Your car with the license plate visible, We do not know Your name, address, Who You are, that the vehicle is Yours or any other directly identifying information about You. For handling Your requests, We need to check that We indeed collected a video of You. We have hundreds and thousands of traffic video recording hours at numerous locations. Finding and confirming that We have Your image, Our employees will have to go over extensive amount of video material, where Your image can be recorded, sometimes in poor quality or only for a fraction of a second, or not recorded at all. When submitting request while exercising Your rights, please provide information on the date, time and location where You anticipate Your image have been recorded by Us. Please be ready to confirm Your actual identity, as We cannot provide any personal data if it is not really Yours, based on the assumption.
As a small Company that does not systematically process personal data on a regular basis or on large scale and not for purposes of observing, monitoring, tracking or locating individuals, we do not have a Data Protection Officer. Our general management and several employees that competent in different areas related to the data security are jointly ensuring compliance with the GDPR requirements.
Any requests You reasonably and justifiable have regarding Your privacy and Our business activity, or where You have grounds to believe that You became a Data Subject, or where You wish to exercise any of Your rights, you may contact us
- by email at email@example.com;
- you can call our Company official number; if we are not immediately able to respond to Your inquiry, Our employees will get back to you within reasonable time; or
- you can visit us at our office. In case of a personal visit, please notify us in advance, because our offices have restricted access and we need to ensure that an authorised and competent employee can meet you. Please also mind that due to COVID-19 official recommendations our offices may be closed for visits, access or availability of Our employees may be limited during certain times to ensure safety and health of You and Our employees.
If You are not satisfied with Our response, You are entitled to submit an official complaint the Ombudsman https://tietosuoja.fi/en/office-of-the-data-protection-ombudsman.
8. IP Addresses and Cookies on Our Website
Our Website uses small data files known as cookies (the “Cookies”) to collect information about the people that use Our Website or Our publications on Our partners’ websites. When You use the Website, Cookies are transferred to and stored on Your computer’s hard drive. They collect personal information about You to enable Us to identify returning applicants only. This means we can provide You with a more personalised application process.
You can reject these Cookies by changing the setting on Your website browser but You should be aware this impairs the functionality of the Website. Aside from the Cookies to identify applicants returning to the Website, we do not use any other Cookies.
9. Changes to Our Privacy Notification
Any changes to Our Privacy Notification in the future will be posted on this page and, where required, will be notified to Your e-mail You wish to provide Us. On separate pages you can find information relevant to each Pilot, that You can access via this link.