Data protection policy

Effective from 25 May 2018

1. Scope of this policy

The purpose of this policy is to set out the terms and conditions under which aiMotive Informatikai Korlátolt Felelősségű Társaság (seat: 1025 Budapest, Szépvölgyi út 22.; registry no.: 01-09-208015; hereinafter: “aiMotive”), a global provider of vision-first self-driving technology as data controller may process the personal information of individuals in connection with its research and development activities, including the development and testing of artificial intelligence based applications (hereinafter: “AI”) in connection with autonomous car systems including, without limitation, aiDrive, aiSim and aiWare.

Furthermore, this policy applies to the processing (e.g. recording, collection) of personal information by aiMotive’s branch offices located in the United States of America and Japan in a way that personal data collected by these entities is sent to Hungary and processed by aiMotive.

This policy contains information on

  • the contact details of aiMotive as data controller as well as its data privacy champion;

  • the purpose of the data processing as well as the applicable legal basis for the processing, including a description of aiMotive’s related legitimate interests;

  • the recipients to which the processed data may be forwarded including information on the applicable guarantees in cases when the data are transferred outside the European Union (hereinafter: “EU”);

  • the storage periods for the processed data;

  • the rights of the individuals in relation to the data processing;

  • the remedies available to the individuals in relation to the data processing;

  • other organizational measures adopted by aiMotive in order to ensure compliance with privacy regulations, such as the data privacy champion and the records of processing activities.
     

2. Introduction

aiMotive utilizes artificial intelligence, simulation and supporting hardware architectures for a safe autonomous driving experience.

One of the greatest challenges of self-driving is the complex environments of urban areas. aiMotive’s technology provides a solution for high-speed autonomous driving and is growing into a robust autopilot that handles all the challenges of highway driving. Powered by artificial intelligence, the system predicts the actions of those around it to provide a smooth and safe experience. Utilizing the power of computer vision and artificial intelligence, it provides a global autonomous experience. Unique solutions allow cameras to be supported by several secondary sensors, which results in a safe self-driving solution prepared for any environment, climate and driving culture.

aiMotive uses technology designed to recreate real-world situations and create unique scenarios, which ensures the safe development of autonomous vehicle technology. Incorporating advanced software engineering, artificial intelligence, simulation testing and public road tests, aiMotive’s self-driving technology matures quickly, safely and efficiently.
 

3. Compliance with applicable privacy regulations

The development and testing of aiMotive’s products involves processing (including e.g. recording and marking) pictures and/or video recordings taken in realistic and real environments such as the streets of a certain part of a city, roads in rural areas and parking garages in order to supply the AI with information enabling the improvement of software systems designed to control the movement of vehicles, including steering, acceleration and deceleration, anti-collision maneuvers and safety-related analysis of the environment.

The recording of such material is made using multiple cameras installed on test vehicles (cars) operated by aiMotive.

aiMotive’s activity is primarily not aimed at processing personal data. However, test drives of aiMotive’s vehicles involves the recording of images (photos) and/or video in urban and rural environments which entails that it is practically inevitable that certain information relating to individuals (such as their image, presence at the given time and place, license plate information etc.), which may qualify as personal data, is processed by aiMotive.

In the light of the above, aiMotive is dedicated to protecting privacy and personal data and strives to put in place necessary measures for this purpose. In order to ensure compliance with the underlying legal regulations and to eliminate, to a reasonable extent, potential negative consequences of the data processing, aiMotive hereby sets out the rules on its processing of the personal data, as well as the rights and remedies of individuals affected by such processing.

aiMotive shall publish this policy on its website and update it as applicable and when necessary
(e.g. due to a change in aiMotive’s activities or in laws).

The underlying legal regulations applicable to data controllers established in the EU is contained in Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter: “GDPR”).

Given that aiMotive falls under the scope of the GDPR, this policy takes into consideration and is in line with its rules.

This policy is binding on any aiMotive personnel. The terms of this policy are in addition to, not exclusive of or in substitution for the rights and remedies of individuals under the applicable mandatory legal regulations, especially the GDPR.

By publishing this policy on its website as well as taking the steps described in Section 12.1 of this policy, aiMotive aims to inform all potential data subjects of the above described data processing. aiMotive will make reasonable efforts to prepare the recordings at dates and times when the number of individuals in the area recorded is low but which still allows making recordings that are suitable for the development and testing activity, it however cannot completely exclude the possibility of personal data processing given the nature of its operations. By exercising their right to object (among other rights), individuals affected will have the possibility to request prompt deletion of their image and other personal data from the recordings and aiMotive’s systems. In the event that recordings made during the process are published for demonstration purposes, they shall be cleansed of personal data prior to
publishing.

What is personal data?

Personal data can be any data or information based on which a natural person can be directly or indirectly identified, for example, the natural person’s face, name, phone number and address, or a license plate number.

Who is a data subject?

Data subject is an identified or identifiable natural person.

What is data processing?

Data processing means all actions performed on personal data, including, among others, collecting, organizing, storing, using, forwarding, disclosing or deleting personal data.

What is a data controller?

The data controller is responsible for specifying the purpose and means of the data processing.

Note: privacy-related concepts in this policy are to be interpreted as per the definitions of the GDPR.

Note: natural persons the personal data of whom are processed in the framework of this policy are referred to either as “individual” or data subject” in this document. The two concepts are equivalent.
 

4. Data processing principles

Before starting the processing of personal data, it must be carefully assessed at all times whether the processing is actually necessary. Personal data must be processed only if the purpose of data processing cannot be realized in another way with less impact on the data subjects.

aiMotive shall process the personal data of data subjects lawfully, fairly and in a transparent manner.

Collection of personal data can only be performed for specific, clear and legal purposes. aiMotive shall avoid all data processing that is done in a manner that cannot be adjusted to the purpose related to the personal data in question in the first place or shall terminate such data processing immediately. aiMotive is only entitled to process personal data to the extent necessary and shall delete all personal data concerning which the purpose of data processing ceased to exist or the legal basis for data processing cannot be justified.

aiMotive shall ensure that

  • the personal data is in compliance with the purposes of data processing during the entire term of the data processing, and

  • the extent of data processing is restricted to the necessary extent considering both the scope of the data and the term of data processing.

Personal data processed by aiMotive shall be accurate and up to date.

Personal data that is useless from the perspective of the purposes of data processing or becomes useless in the meantime shall be erased immediately.

Storage of personal data shall be done in a manner that makes identification of the data subjects possible only for a period necessary for the achievement of the purposes of personal data processing.

Processing of personal data shall be performed so that by applying appropriate technical or organizational measures, the adequate security of personal data can be ensured, including all measures that serve to protect personal data against unauthorized or illegal processing, incidental loss, destruction or damage.
 

5. Legal basis of data processing

For the purposes set out in section 8 of this policy, aiMotive collects and processes the information (including personal data) listed in section 9 of this policy (hereinafter: “AI Input Data”) from and about individuals and stores it in its files (which may include written, printed and electronic form).

The legal basis of the processing of AI Input Data under this policy is the legitimate interests pursued by aiMotive under sections 6 (1) f) (legitimate interest) and 6 (1) c) (compliance with a legal obligation) of the GDPR.

aiMotive’s legitimate interests in this regard are the successful development and testing of its technology, which would become impossible without the recording of images during the public road test drives, while compliance with a legal obligation primarily refers to the provisions of Point 3 of Annex 17 of KöHÉM decree no. 6/1990. (IV. 12.) (hereinafter: “Decree”).

Considering the safeguards put in place, the related balancing test carried out by aiMotive determined that its legitimate interests are not overridden by the interests or fundamental rights and freedoms of the data subjects which require protection, therefore the legitimate interest mentioned in the previous paragraph serves as valid legal basis for the data processing.
 

6. Details of the data controller and its data privacy champion

The data controller in respect of personal data processed under this policy is as follows:

  • Name: aiMotive Informatikai Korlátolt Felelősségű Társaság

  • Seat: 1025 Budapest, Szépvölgyi út 22.

  • Company reg. no.: 01-09-208015

  • Tax no.: 25316663-2-41

  • Telephone no.: + 36 1 770 7234

  • Website: www.aimotive.com

  • E-mail.: [email protected]

  • Primary contact: Head of Legal Department

The data controller’s data privacy champion:

7. Persons with access to AI Input Data

AI Input Data processed by aiMotive under this policy may be accessed by the following persons at aiMotive (as applicable from time to time), on a need-to-know basis and in line with the principle of data minimization:

  • head of Data Team and employees working at Data Team;

  • employees working at software development and testing;

  • employees working at the Vehicle Validation Group (incl. test drivers);

  • IT department;

  • head and employees of Marketing and Communication department.

Without prejudice to its obligations and liability under the applicable data protection regulations, aiMotive may grant access to AI Input Data to third party data processors, based on the respective engagements, to process AI Input Data in accordance with the instructions of aiMotive for the purposes indicated herein. aiMotive may also grant access to other data controllers as well, if it is justified by the activity of aiMotive and if it is done in compliance with the respective data protection provisions. For more information on such data processors and data controllers, please refer to section 13 of this policy.
 

8. Purpose of data processing

Within the scope of its Research and Development and testing activity aiMotive may process AI Input Data for the following purposes:

I. under legitimate interest:
 

  • development, testing and demonstration of AI applications, software and hardware;

  • improvement of AI, software and hardware to enhance efficiency and safety of autonomous driving systems;

  • proper marketing for aiMotive necessary for business development, financing and new hires (indirectly supporting the AI development by ensuring funds and highly skilled employees);

II. under legitimate interest:
 

  • complying with the data storing provisions of the Decree enabling aiMotive to hand over public road testing data to the authorities upon request.

9. AI Input Data

aiMotive may process the following AI Input Data in connection with its Research and Development, testing and demonstration activities (with data that could qualify as personal marked in green):

  • Location;

  • GPS coordinates;

  • Time and date;

  • Image of individuals;

  • Other personal data or information that might appear around aiMotive’s vehicles (within sight of the on-board cameras);

  • Information appearing on vehicles’ license places.

aiMotive will not record or collect acoustic data (sound), wireless network (Wi-Fi) or mobile network data during its activities under this policy.
 

10. Source of information collected

aiMotive collects the personal data under this policy directly using its own equipment and personnel. aiMotive will not collect AI Input Data from third parties.
 

11. Use of information

In line with the principle of purpose limitation, AI Input Data will only be processed to the extent that it is necessary for the specific purposes set out in section 8 of this policy.
 

12. Details of the collection and processing of AI Input Data

aiMotive collects and processes AI Input Data within the framework of the procedure described in this section 12.

12.1. Prior notification of the public

Prior to the commencement of recording activity aiMotive shall inform the public about the planned route which the aiMotive test vehicles will use for the purposes of recording AI Input Data in order to notify individuals that might be affected by such recording activity. All information in respect of aiMotive’s activity in Hungary shall be published in Hungarian and English. All information in respect of aiMotive’s activity abroad shall be published in English, and also in the local language, if explicitly required by laws.

The announcements regarding the recording of AI Input Data will be published usually in two months periods prior to the commencement of the recording activity. The announcements will appear on aiMotive’s website (aimotive.com/test-schedule) informing the public in detail about the planned activity and including a link to this policy.

12.2. Place and time of the collection of AI Input Data

aiMotive will make reasonable efforts to make recordings, including the collection of AI Input Data at such times and places where it is likely that not many individuals will be present, in order to minimize the number of individuals affected by the collection of AI Input Data.

Not withstanding the above, for the purposes of optimization of AI and thereby improving the safety of autonomous driving systems, it is required from time to time that a larger number of individuals and objects appear around the test vehicles (including driving at peak hours) in order to construct and improve the algorithms used to recognize humans in the environment of the test vehicle (e.g. for the purposes of developing anti-collision and/or accident prevention algorithms).

12.3. Equipment recording and storing AI Input Data

AI Input Data is recorded and stored using on-board IT equipment comprising the following main elements installed in AImotive vehicles:

  • multiple on-board cameras with high-definition recording capabilities;

  • graphic engine processing input signal of cameras;

  • storage devices recording graphic data supplied by cameras;

  • clocks and GPS based positioning devices to assign time and location information to the recordings made by cameras.

Recording devices on vehicles used for testing will be placed in a way to prevent viewing of areas that are otherwise hidden from the views of pedestrians (i.e. the cameras on the vehicles are placed lower than an average person’s eye level).

In certain cases, AI Input Data is also collected manually by the employees of aiMotive by cameras.

12.4. Collection and processing of AI Input Data by aiMotive

After the recordings under section 12.2 and 12.3 are made, raw AI Input Data is transferred to aiMotive’s mainframe system where it is stored locally at aiMotive’s premises. aiMotive’s Data Team processes the Data. This includes labeling objects on the raw image/video data in order to enable the AI to identify objects as belonging to certain categories (e.g. parts of the road, vehicles, road signs, pedestrians, vegetation, traffic lights, other objects, etc.). In order to enable effective “machine learning” by the AI (i.e. to have the AI “learn” from real images and video), AI Input Data used in this phase is not cleansed of personal data.

Besides “teaching” AI, aiMotive’s simulation team uses the raw data to build a realistic simulated environment for testing purposes. The final version of the virtual testing environment does not include personal data (i.e. there are no recognizable faces, no visible license plate numbers, etc.).

If the raw data used for the simulated environment is not useful for AI teaching purposes nor is it necessary for the simulation team for any purpose (incl. further development of the simulated environment, etc.) any more, the raw data shall be anonymized (with blurring faces, license plates, etc.) or permanently deleted. The virtual testing environment is used to design, test and improve AI. AI Input Data used during the simulation and development process is not published.

To the necessary extent Marketing and Communication department also uses AI Input Data for marketing purposes (creating demonstration videos, etc.). During this marketing type of application, Marketing and Communication department uses only unrecognizable materials (blurred and obfuscated images), therefore these will not contain any personal data.

Once the AI is tested in the virtual environment and is deemed operational, the AI is loaded into aiMotive’s testing vehicles. Such testing vehicles use AI to control the testing vehicle’s movement under real circumstances (i.e. in an urban or rural environment). The testing vehicles are also equipped with cameras that feed real-time video data into the AI control system, which controls the car based on such real-time data. Such real-time data includes AI Input Data and may be stored by the car’s on-board computer system, from where it is transferred to aiMotive’s own storage devices and/or the cloud, in order to review the testing process of a given software (version or build) once the test run is completed.

The final versions of the software are not intended to store any AI Input Data as they will rely on pre-programmed features that do not require personal data to be stored in the vehicle system to perceive and recognize objects in the environment. Also, the final version of the software controlling the autonomous vehicle’s movement will not make any recording of the environment while it is in operation.

12.5. Publication of material including AI Input Data for demonstration purposes

For demonstration purposes, aiMotive may from time to time create and publish images and/or videos made during the development and testing phases of a certain software version. Such publication of images and video material may include making it available online for download via the Internet. Prior to such publication, if and to the extent it is reasonable based on the intended purpose, images/videos are cleansed of personal data.

13. Third party data processors or data controllers

AI Input Data may be transferred to companies within aiMotive’s group of companies and thirdparty data processors engaged by them located in one of the European Economic Area (hereainafter: “EEA”) member states and third countries where the adequate protection of the AI Input Data is ensured. The list of countries belonging to the latter category can be accessed here:

https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacyprotection-personal-data-non-eu-countries_en


When the processing of AI Input Data is carried out by a third-party processor, aiMotive ensures that the necessary contractual and organizational measures are in place to guarantee safe processing of AI Input Data.

If the recipient third-party data processor or data controller is located in a third country that does not ensure an adequate level of protection for personal data (e.g. certain Asian countries or the U.S.), aiMotive ensures that the data transfer takes place on the basis of the Standard Contractual Clauses (hereinafter: “SCC”) adopted by the European Commission for such transfers.

The SCC used by aiMotive during such transfers can be accessed here:

https://eur-lex.europa.eu/legal-content/en/TXT/?uri=CELEX%3A32010D0087

14. Duration of the processing of personal data

AI Input Data may be processed by aiMotive according to the followings:

  • under legitimate interest: until 5 (five) years following the capturing of the picture or video in general (except for the materials for marketing purposes where no fixed duration is set after the marketing images or videos are published), but not longer than necessary for the purposes of the processing defined in section 8 above;

  • under compliance with a legal obligation: until 72 hours after the completion of a public road testing, or, in case of an accident during the public road testing, until 3 years after the accident.

aiMotive determines the erasure periods applicable to the personal data in a way that no personal data is retained once the term of the data processing has passed. aiMotive has the necessary internal organizational measures in place that ensure that such erasure periods are respected and applied in practice.

15. Data Security

Maintaining data security means guaranteeing the confidentiality, integrity, availability and accuracy (for authorized purposes) of the personal data.

Confidentiality means that only people who are authorized to use the data can access it.

Integrity means that personal data should be accurate and suitable for the purpose for which it is processed.

Availability means that authorized users should be able to access the data if they need it for authorized purposes.

Accuracy means that the data is kept up to date and every reasonable step is taken to ensure that inaccurate data is erased or rectified without delay.

These principles are enforced by putting in place appropriate hardware and software based security measures (including physical entry and system access control, locks, alarms, firewalls, etc.). aiMotive has in place procedures and technologies to maintain the security of all personal data from the point of collection to the point of destruction.

16. Rights of data subjects

16.1. List of the data subjects’ rights

Individuals affected by aiMotive’s processing of their personal data hereunder in the course of aiMotive’s activities have the right:

  • to obtain confirmation as to whether or not their personal data is being processed, and if yes, access the processed personal data as well as certain information detailed in section 16.2 of this policy (“Right of access”);

  • to obtain without undue delay the rectification of inaccurate personal data concerning them (“Right to rectification”);

  • to obtain the erasure of personal data concerning them without undue delay if one of the conditions described in section 16.4 of this policy is met (“Right to erasure” or “Right to be forgotten”);

  • to obtain restriction of processing as per the conditions described in section 16.5 of this policy (“Right to restriction of processing”);

  • to object on grounds relating to their particular situation at any time to the processing of their personal data.

16.2. Right of access

The data subject has the right to obtain from aiMotive confirmation as to whether or not personal data concerning him or her are being processed and, where that is the case, access to the personal data and the following information:

  • the purposes of the processing;

  • the categories of personal data concerned;

  • the categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations;

  • where possible, the envisaged period for which the personal data will be retained, or, if not possible, the criteria used to determine that period;

  • the existence of the right to request from AImotive rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing;

  • the right to lodge a complaint with the supervisory authority;

  • the applied safeguards in case personal data is transferred to a third country or to an international organization.

Further, if the data subject decides to exercise his/her right of access, aiMotive shall provide a copy of their personal data undergoing processing.

For any further copies requested by the data subject, aiMotive may charge a reasonable fee based on administrative costs.

If the data subject makes the request by electronic means and unless otherwise requested by the data subject, aiMotive shall provide the information in a commonly used electronic form (e.g. via email).

16.3. Right to rectification

The data subject has the right to obtain from aiMotive without undue delay the rectification of inaccurate personal data concerning him/her. Taking into account the purposes of the processing, the data subject has right to have incomplete personal data completed.

16.4. Right to erasure or right to be forgotten

The data subject has the right to obtain from aiMotive the erasure of personal data concerning him/her without undue delay and aiMotive shall have the obligation to erase the personal data without undue delay where one of the following grounds applies:

  • the personal data are no longer necessary in relation to the purposes for which they were originally collected or otherwise processed;

  • the individual objects to the processing as per Section 16.7 of this policy and there are no overriding legitimate grounds for the processing;

  • the personal data have been unlawfully processed;

  • the personal data have to be erased for compliance with a legal obligation in EU or member state law to which aiMotive is subject;

The above does not apply if the processing is necessary for compliance with a legal obligation, which requires processing by EU or member state law to which aiMotive is subject or for the establishment, exercise or defense of legal claims.

16.5. Right to restriction of processing

Data subjects have the right to obtain from aiMotive restriction of processing where one of the following applies:

  • the accuracy of the personal data is contested by the individual for a period enabling aiMotive to verify the accuracy of the personal data;

  • the processing is unlawful and the individual opposes the erasure of the personal data and requests the restrictions of its use instead;

  • aiMotive no longer needs the personal data for the purposes of the processing, but they are required by the individual for the establishment, exercise of defense of legal claims.

Where the processing has been restricted under this section, such personal data shall, with the exception of storage only be processed with the data subject’s consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the EU or a member state.

The data subject who has obtained restriction of processing shall be informed by aiMotive before the restriction of processing is lifted.

16.6. Communication by aiMotive of the rectification, erasure of personal data or restriction of processing

aiMotive shall communicate any rectification or erasure of personal data or restriction of processing to each recipient (e.g third party data processors) to whom it disclosed the personal data, unless this proves impossible or involves disproportionate effort.

Upon the data subject’s request, aiMotive shall inform the data subject about such recipients.

16.7. Right to object

Considering that the data processing is based on aiMotive’s legitimate interests described in section 5 of this policy, data subjects have the right to object at any time to the processing of their personal data. In such cases, aiMotive shall cease the processing without delay.

The above does not apply if the processing is necessary for compliance with a legal obligation, which requires processing by EU or member state law to which aiMotive is subject or for the establishment, exercise or defense of legal claims.

17. Remedies

17.1 Right to lodge a complaint

If the individual considers the processing of their personal data by aiMotive to be in violation of the provisions of the established legal regulations on privacy, especially those in the GDPR, the individual is entitled to lodge a complaint with the following bodies:

  • the Hungarian National Authority for Data Protection and Freedom of Information (postal address: 1530 Budapest, Pf.: 5.; address: 1125 Budapest, Szilágyi Erzsébet fasor 22/c.; telephone: +36 (1) 391-1400; facsimile: +36 (1) 391-1410; e-mail: [email protected]; web: http://naih.hu) and the

  • local supervisory authority for data protection within the EEA

The data subject is entitled to lodge complaints at supervisory authorities established in EU member states other than those mentioned above, especially ones according to the data subject’s usual place of residence, workplace or the place of the assumed infringement as well.

In any event, it is advisable that in order to resolve the issue data subjects send any complaints or enquiries to aiMotive first prior to addressing the authorities.

17.2 Court review of the decision of the supervisory authority and other options of legal remedy

The individual is entitled to effective court legal remedy against the legally binding decision of the supervisory authority concerning them. The right to effective court legal remedy does not concern measures taken by the supervisory authorities without legally binding effect, e.g. opinions issued or advice given.

Further, individuals are entitled to effective court legal remedy if the supervisory authority with competence does not deal with their complaint or does not inform them about the developments in the proceedings concerning the submitted complaint within three months.

Proceedings against the supervisory authority shall be initiated before the court of the given EU member state according to the seat of the supervisory authority.

17.3 Right to initiate a lawsuit

Individuals – regardless of their right to file complaints – may turn to courts if their rights under the GDPR were violated in the course of processing their personal data.

Lawsuits can be initiated before the competent court against aiMotive (e.g. Hungary, Sweden or Finland depending on the location of the data processing). If the individual’s usual place of residence is in another member state of the EU, the individual may initiate the lawsuit before the court of such member state.

18. Procedural rules related to the exercising of the rights of data subjects

If the data subject exercises his/her abovementioned rights derived from the GDPR, aiMotive shall act in accordance with the following provisions.

Individuals may submit their requests to aiMotive via the following contact points:

  • e-mail: [email protected]

  • mail: aiMotive Kft. / Data protection (1025 Budapest, Szépvölgyi út 22.)

The request may be submitted in writing, either by email or on paper.

aiMotive can only determine if the data subject actually appears on any of the records made, if the data subject exercising his/her rights under the GDPR provides a picture of themselves, together with the exact date and location of the suspected recording, that allows their
identification or any other information suitable for that purpose.

Consequently, aiMotive can only answer inquiries and requests, if it has a way to identify the data subject submitting the request and the exact date and location of the suspected recording.

Otherwise, aiMotive will provide information on the fact that it is not in a position to process and evaluate the request because the data subject cannot be identified (see Article 11 of the GDPR).

In case the data subject exercises its right to erasure or to be forgotten, aiMotive, at its sole discretion, may decide either to delete the pictures/video recordings containing the personal data of the data subject or blur the personal data in those.

Personal information provided by the data subject in relation to exercising his/her rights will be retained for a period of 5 (five) years and will be used solely in order to ensure that aiMotive can process and answer the data subject’s request.

Inquiries and requests will be carefully processed and generally replied within 1 month of receiving the request. This period may be extended by two further months where necessary, taking into account the complexity of the request, as well as the number of requests. In such cases, aiMotive shall inform the individual of any such extension within one month of receipt of the request, together with the reasons for the delay.

If aiMotive finds that the request of the individual is well founded, it shall enact the requested measures within the above deadlines and provide written information to the individual thereon.

If aiMotive denies the request of the individual, it shall pass a written decision about the denial and inform the data subject thereof without delay but within 1 month from receiving the request at the latest. In its decision, aiMotive shall indicate the facts serving as basis for the decision and the reasons for the decision by presenting the relevant legal regulations.

aiMotive provides the information within the meaning of Article 13 of the GDPR, the information concerning the rights of data subjects, the information concerning personal data breaches and the requested measures free of charge. However, if the request of the individual is clearly unfounded or (especially due to its repeated nature) excessive, aiMotive, considering the administrative costs of providing the requested data or information or taking the requested measure may

  • impose a fee of reasonable amount or

  • refuse taking measures based on the request.

The individual may only be obliged to compensate reasonable costs incurred as a result of answering the request if aiMotive informed them about their request being unfounded or excessive at the same time informing them about the amount of the administrative costs within 15 days following the receipt of the request, and the individual still upholds the claim in writing.

The individual obliged to bear the costs shall pay the costs within 8 days from receiving the payment notice issued by aiMotive.

19. Personal data breaches

19.1. Reporting to the supervisory authority

In the case of a personal data breach, aiMotive shall act in accordance with the following rules.

aiMotive shall report the personal data breach to the supervisory authority without undue delay and if possible, within 72 hours of becoming aware of it.

The report shall have at least the following content:

  • presentation of the nature of the personal data breach, including the categories and approximate number of the data subjects, the categories and approximate number of data records affected by the breach;

  • name and contact options of the data privacy champion or other contact person providing additional information;

  • probable consequences originating from the personal data breach;

  • measures taken or planned by aiMotive to remedy the personal data breach including measures to mitigate possible adverse consequences.

If the report cannot be submitted within 72 hours, the reasons justifying the delay shall be attached as well.

aiMotive shall not report the personal data breach if the breach will probably not pose risks to the rights and freedoms of natural persons. The probability and severity of the risk shall be determined on the basis of objective evaluation, depending on the nature, scope, circumstances and purposes of data processing.

19.2. Informing data subjects

In every case when the personal data breach will probably pose severe risks to the rights and freedoms of data subjects, and aiMotive becomes aware of the breach, aiMotive shall immediately inform the data subjects thereof. The following information shall be clearly and understandably presented:

  • the nature of the personal data breach;

  • the name and contact options of the data privacy champion or another contact person providing additional information;

  • the probable consequences originating from the personal data breach;

  • the measures taken or planned by aiMotive to remedy the personal data breach, including, if applicable, the measures aimed at mitigating the possible adverse consequences originating from the personal data breach.

Informing the data subjects is not necessary if any of the following criteria is met:

  • aiMotive enacted appropriate technical and organizational measures and these measures were applied;

  • following the personal data breach, aiMotive took additional measures to ensure that the high risk posed to the rights and freedoms of data subjects are unlikely to materialize;

  • informing the data subjects would make disproportionate amount of efforts necessary. In such cases, aiMotive shall ensure that there is a public communication instead, which ensures that the data subjects are informed in an equally effective manner.

20. Records of data processing activities

aiMotive shall keep written records of the data processing activities it performs.

These records shall contain the following information:

  • name and contact details of aiMotive and the data privacy champion;

  • purposes of data processing;

  • presentation of the categories of the data subjects and the categories of personal data;

  • the categories of recipients to whom personal data is or will be disclosed, including recipients in third countries or international organizations;

  • if applicable, information concerning the transfer of personal data to third countries or international organizations, including the identification of the

  • third country or international organization and the description of the appropriate guarantees;

  • if possible the erasure periods for the different categories of the data;

  • a general description of the technical and organizational measures adopted in order to protect the processed data

Further, aiMotive shall keep records of data protection incidents, containing the following information:

  • the facts related to the data protection incident;

  • the effects of the data protection incident;

  • the measures taken to remedy the situation.

21. Data privacy champion

The data privacy champion is a person performing independent, objective advisory and supervisory activities, acting within aiMotive to discover faults, deficiencies, irregularities in the area of privacy, and ensure compliance with legal regulations concerning privacy, in this regard especially commenting on the existing and planned data processing and to increase privacy awareness.

The tasks of the data privacy champion are at least the following:

  • providing information and professional advice to aiMotive and the employees performing data processing with regards to their obligations under the GDPR and other provisions contained in national privacy law;

  • checking compliance with the GDPR and the other EU or national privacy provisions and the internal rules of aiMotive, including the designation of

  • tasks, increasing the awareness and training of staff participating in the data processing operations and related audits;

  • providing professional advice concerning data protection impact assessments and tracking the performance of the impact assessment;

  • cooperating with the supervisory authority;

  • serving as a contact point towards the supervisory authority in matters connected to data processing.

The data privacy champion performs the above tasks paying due consideration to the risk posed by the data processing operations, also considering the nature, scope, circumstances and purpose of data processing.

aiMotive ensures that there is no incompatibility in the course of performing its tasks. With regards to the performance of its tasks, the data privacy champion is bound by confidentiality obligation.

To ensure that the data privacy champion becomes aware of all processes involving personal data as soon as possible and receives a full picture of the measures to be introduced, they must be involved in the related consultations, and their opinion shall be requested from the beginning of the planning to the realization, and afterwards in the course of the follow-up checking of processes as well.

The organizational independence of the data privacy champion shall be ensured so that they can perform objective evaluation functions. In connection with this position, the data privacy champion cannot be instructed, cannot be imposed sanctions on due to their activity and is responsible directly to the uppermost processing.

aiMotive provides the data privacy champion with the organizational, administrative and material assets necessary for the efficient performance of their tasks, publishes the name and contact options of the data privacy champion (see Section 6 of this policy) and informs the supervisory authority about such data.

22. Data protection impact assessment

In the course of the data protection impact assessment, aiMotive shall perform impact assessment in the case of data processing operations probably posing a high level of risk to the rights and freedoms of natural persons.

The impact assessment shall include at least the following information:

  • the methodical description of the planned data processing operations and the presentation of the purposes of data processing, including, if applicable, the legitimate interest the data controller wishes to enforce,

  • the necessity and proportionality test of the data processing operations considering the purposes of data processing,

  • the assessment of risks concerning the rights and freedoms of the data subject,

  • the presentation of measures aimed at the handling of risks, including the guarantees, security measures and mechanisms serving the protection of personal data, certifying compliance with the GDPR and considering the rights and rightful interests of the data subjects and other persons.

23. Miscellaneous

This policy takes effect on the day on which it is issued and remains in force until its withdrawal or replacement by aiMotive. aiMotive shall review this policy on a regular basis and align it with respect to the changed circumstances, as it deems appropriate.