Effective date 7/19/2017
This Policy applies to persons and companies who use our Services to understand the environment and experience of their drivers. This Policy does not apply to individual drivers who may have installed or used Nauto devices in their cars. If you interact with our Services as both a fleet owner or insurance provider, and a driver, the respective privacy statements apply to your different interactions.
Nauto collects information about a driver’s environment and experience while on the road (Driving Data). Nauto devices use forward-facing camera and sensor technology to scan a driver’s environment, collecting information in the form of videos and photos about:
At the same time, Nauto uses inward-facing camera and sensor technology to monitor a driver’s state and driving behavior, collecting information about:
In addition, Nauto uses automated means to collect information from Nauto devices, such as:
Once connected to a wireless network, the Nauto device in your vehicle regularly sends the data described in this Policy to Nauto to provide you with the Services.
Nauto collects personally identifiable information about the driver and passengers ("Personal Data"). Nauto uses Personal Data for the sole purpose of providing value to our Fleet Owners and Insurance Providers. This data includes:
In addition, drivers and passengers may transmit information to Nauto voluntarily, by recording a short voice note using the Nauto device. Nauto processes the voice note to understand additional details of an incident or passenger interaction and may use the information provided to offer technical or emergency support to drivers.
Nauto uses aggregate, anonymized, non-personal driving to provide insights to improve driving behavior. This data includes:
You may be asked to create a Nauto account “Profile,” to make it easier for you to communicate with us and access the Services we provide to you. To create an account, you may be asked to provide some personal data, such as your name, username, password, email address, mailing address, and phone number.
Nauto may also collect payment information from you or your company, including a credit or debit card number, card expiration date, CVV code, billing address, and shipping address, to complete a transaction through our Services.
To the extent you request it, we may create account “Profiles” for your drivers. These Profiles allow Nauto to display a driver’s Profile name and photo, and link that Profile with information collected by that driver’s Nauto device, including all the information discussed at Sections 2.1 and 2.2 above. So that we may create these Profiles, your drivers may be asked to provide personal data, such as their name, username, password, email address, mailing address, and phone number.
When you visit Nauto’s website or other online services, we and our third-party partners analyze log file information and other data collected through cookies, web beacons, and other tracking technology, to collect information about your browsing behavior. This information may include, for example, your browser type, domains, page views, IP address, referring/exit pages, information about how you interact with our website or online services interface and links, traffic and usage trends, etc. We may use session cookies to keep you logged in while you use features of our website or online services.
Nauto respects Do Not Track (“DNT”) settings in browsers. If you are logged out of our services and have DNT enabled, we will not set cookies that can be used to aggregate information about your usage. We may use some cookies to enhance your experience by storing preferences or options.
Nauto uses the driving and connectivity data it collects from Nauto devices, as well as any information voluntarily provided by drivers, to provide, improve and develop its services. Using the data, Nauto is able to, among other things:
Nauto also uses the information it collects to provide technical support, improve the quality of service Nauto provides, and develop new services and technologies.
Nauto also uses face scanning and facial recognition software on the images of drivers collected. Nauto uses this software to create a profile, based on the driver’s facial features, such as the distance between the eyes, nose and ears, for a particular individual, that it uses to connect a driver in one particular photo or video to another photo or video. Nauto does not and could not use this information to recreate an image of a person.
Nauto also uses aggregate, anonymized, non-personal driving and connectivity data for business purposes, including for product improvement, analytics, industry and market research, and other purposes consistent with Nauto’s legitimate business needs.
Nauto will share with you the data it collects. This means that you can receive up-to-date information about your drivers’ location, speed, driving hazards, and attentiveness, in addition to in-depth analysis of driver safety, traffic dynamics, or insurer loss data.
To the extent required under applicable laws, we may take certain measures to protect the privacy of third persons whose personal data may be collected by the Nauto device outside the United States. In such cases, Nauto reserves the right to withhold, within its sole discretion, identifying images and information of passersby or nearby drivers. For example, we may blur the faces of pedestrians or the content of vehicle license plates so that they cannot be identified in video content recorded by Nauto. Additionally and to the extent required under applicable law, Nauto reserves the right to withhold, within its sole discretion, certain personal data about your drivers and passengers, such as health, financial, or other sensitive information.
Nauto may provide the information described above to vendors, service providers, and other partners who support Nauto’s business by providing technical infrastructure services, analyzing how our services are used, measuring the effectiveness of our services, providing customer service, facilitating payments, or conducting academic research and surveys. These partners must adhere to strict confidentiality obligations in a way that is consistent with this Policy and the agreements we enter into with them.
Nauto may share, license, or sell aggregate, anonymized, non-personal Driving Data, connectivity, and driver-provided data it collects from your drivers with and among other fleet owners, insurers, Nauto drivers, and other third parties. No Personal Data will be shared. Nauto uses this information to advise other fleet owners, insurers and Nauto drivers about driving conditions and to warn them of hazards. Nauto also uses this information to provide all its clients with the most up-to-date and precise fleet management and mapping services, driver safety scores, risk analysis, and traffic analysis available. Nauto may contact emergency services and share certain Driving Data and Personal Data if there is an accident based on information that Nauto receives from Nauto devices.
Under no circumstances do we share your Personal Data, or the Personal Data of your drivers, for any commercial or marketing purposes, to any third-party company or organization outside the Nauto network other than as described in Section 4.2 above, without your explicit consent. Nauto will never share or sell your account, payment, or billing information, other than as described in Section 4.2 above, without asking you first.
Signing up for or connecting to third-party products or services sometimes requires us to share data with third parties. Before we share your data with a third party, you will be shown details about any proposed exchange(s) of data between Nauto and the third party that is providing the product or service. In some cases, Nauto or the third party will instead (or also) ask for permission to control the products that you have connected. Your explicit consent is required to allow any of these exchanges or requests for control and you will be able to revoke it at any time.
In the event Nauto is involved in a bankruptcy, merger, acquisition, reorganization, or sale of assets, your information may be sold or transferred as part of that transaction. This Policy will apply to your information as transferred to the new entity.
Nauto may access, preserve, and share your information or information collected from your drivers when Nauto has a good faith belief that it is necessary to: protect the property and security of Nauto, Nauto users, and others; or to prevent death or imminent bodily harm.
Nauto may access, preserve, and share your information or information collected from your drivers in response to a legal request (like a search warrant, court order, or subpoena) if Nauto has a good faith belief that the law requires it. Information concerning you or your drivers may be accessed, processed, and retained for an extended period of time when it is the subject of a legal request or obligation, government investigation, or investigations concerning possible violations of our terms or policies, or otherwise to prevent harm.
The information we collect may be processed and stored on Nauto servers located in the United States or in other countries. Your information may be subject to legal requirements, including disclosure requirements, in those jurisdictions.
Nauto takes security seriously. We use commercially reasonable physical, administrative, and
technological methods to transmit your data securely including HTTPS, TLS/SSL protocol, AES and RSA data encryption. The Nauto cloud is supported by third-party vendors and service providers which process and store information in compliance with this Policy and any other appropriate confidentiality and security measures.
In addition to technological security measures, Nauto places access controls on its employees, contractors, and agents. We restrict access to any Personal Data to those Nauto employees, contractors, and agents who need to know that information in order to transmit, store, or process it, and who are subject to strict contractual confidentiality obligations that are consistent with this Policy, and may be disciplined or terminated if they fail to meet these obligations.
Nauto cannot guarantee that unauthorized third parties will never be able to defeat our security measures or use your Personal Data for improper purposes. In the event that any information in our possession or under our control is compromised as a result of a breach of security, we will take reasonable steps to investigate the situation and, where appropriate, notify those individuals whose information may have been compromised and take other steps, in accordance with any applicable laws and regulations.
Most data are temporarily stored locally on the Nauto device while awaiting processing and only select data is sent up into the cloud. Only limited Personal Data and Driver Data are kept for an extended period of time. We may retain your Personal Data or the Personal Data of your drivers after you have closed your account if retention is reasonably necessary to comply with our legal obligations, meet regulatory requirements, resolve disputes between Nauto users, prevent fraud or abuse, or enforce this Policy and our User Agreement. Because of the way we maintain certain Services, after your information is deleted, backup copies may linger for some time before they are deleted, and we may retain certain data for a longer period of time if we are required to do so for legal reasons.
Under the Privacy Shield Principles, Nauto has responsibility for the processing of personal information it receives under the Privacy Shield and subsequently transfers to a third party acting as an agent on its behalf under Section 4.2 above. Nauto complies with the Privacy Shield Principles for all onward transfers of personal data from the E.U., including the onward transfer liability provisions.
In compliance with the Privacy Shield Principles, Nauto commits to resolve complaints about our collection or use of your personal information. European Union or Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Nauto at firstname.lastname@example.org. If there is a dispute that we are unable to resolve, Nauto has committed to refer unresolved Privacy Shield complaints to JAMS, an alternative dispute resolution provider located in the United States. If you are unsatisfied with the resolution of your complaint, you may contact JAMS at https://www.jamsadr.com/eu-us-privacy-shield for further information and assistance. You may also have the ability, under certain conditions, to invoke binding arbitration for complaints regarding Privacy Shield compliance not resolved by a complaint to Nauto or through JAMS. More information related to this arbitration procedure is available at https://www.privacyshield.gov/article?id=ANNEX-I-introduction. The Federal Trade Commission has jurisdiction over Nauto’s compliance with the Privacy Shield.
We may revise this Policy from time to time. The most current version will govern our use of your information. If we make a change to this policy that, in our sole discretion, is material, we will notify you via an email update using an email address associated with your account. By continuing to access or use the Services after those changes become effective, you agree to be bound by the revised Policy.
If you have any questions, please contact us at email@example.com.