Privacy Policy

Privacy Policy for the Processing of Video and Image Data In the context of test drives for research, development, and testing of Advanced Driver Assistance Systems (ADAS) 

 

Joint Controllership Notice: This data processing is carried out jointly by PTOWER sp. z o.o. (“PTOWER”) and Lumo Intelligent Technology (Suzhou) Co., Ltd (“Lumo”) (hereinafter referred to as the "Parties"). The Parties act as Joint Controllers within the meaning of Art. 26 of the General Data Protection Regulation (GDPR). In a joint controllership agreement, the Parties have determined their respective tasks and responsibilities for the processing of personal data and defined who fulfills which data protection obligations. Specifically, this concerns the collection of environmental data through sensor-equipped test vehicles.

 

The protection of personal data is our top priority and is integrated into all our business processes. In the following data protection notices, data subjects will receive an overview of how personal data is processed by the Parties (collectively referred to as "we" or "the Joint Controllers") in connection with our joint research, development, and testing activities.

 

In accordance with Art. 13 and 14 of the GDPR, we hereby inform the data subjects about the collection and processing of their personal data as follows:

List of contents

1. Who is responsible for the processing of the data and who can be contacted by data subjects regarding data protection?
2. What is the purpose and legal basis for data processing?
3. Where does the data come from and what data is processed?
4. Will the data be shared?
5. Will the data be transferred outside the EU/EEA?
6. Is automated decision-making taking place?
7. How long will the data be stored?
8. What rights do data subjects have?

1. Who is responsible for the processing of the data and who can be contacted by data subjects regarding data protection?

1.1 Joint Controllership

The parties responsible for the collection and processing of your personal data (Joint Controllers) are:

·       PTOWER sp. z o.o.

Address: ul. KRUCZA, nr 68, lok. 9, miejsc. WROCŁAW, kod 53-411, poczta WROCŁAW, kraj POLSKA

Email: dana@sh-ptah.com

 

·       Lumo Intelligent Technology (Suzhou) Co., Ltd (hereinafter "Lumo")

Address: No. 28 Yingqian Road, Suzhou Industrial Park 21512 Suzhou, Jiangsu Province, China

Data Protection Officer (DPO) Email: eu.dpo@lumo-intelligent.de

 

In accordance with Article 27 GDPR, LUMO has appointed the following EU representative:

EU Representative (Art. 27 GDPR):

TÜV SÜD Akademie GmbH

80339 München
E-Mail: eu.datenschutzvertreter@lumo-intelligent.de 

 

The EU representative acts as the contact point for supervisory authorities and data subjects within the European Union in all matters relating to data protection. For postal correspondence, please additionally indicate “Data Protection Consulting Service - Lumo” as the addressee.

 

1.2 Essence of the Joint Controllership Agreement

In accordance with Art. 26 GDPR, PTOWER and Lumo have concluded an agreement to determine their respective responsibilities. The essence of this allocation is as follows:

• Information Obligations and Public Notice: PTOWER is responsible for providing mandatory information at the point of capture, primarily through signs and QR codes attached to the test vehicles.
• Exercise of Data Subject Rights: Lumo (via its DPO and EU Representative) is the central point of contact for all inquiries. Lumo is responsible for coordinating and responding to requests regarding data subject rights (Art. 15-22 GDPR).
• Cooperation with Supervisory Authorities: Lumo (via its EU Representative) acts as the primary liaison for communications with the relevant data protection supervisory authorities in the EU.
• Data Security: Both Parties ensure the technical and organizational security of data within their respective control.

2. What is the purpose and legal basis for data processing?

We conduct ADAS (Advanced Driver Assistance Systems) road testing and data collection activities within the European Union. Video and image data collected during these tests are used solely for developing, testing, validating, and improving the algorithms and accuracy of our advanced driver assistance systems. Specifically, the collected data are processed to assess whether the ADAS correctly recognizes road information, such as traffic signs, and detects nearby vehicles or pedestrians. We do not use this data to directly identify individuals, and any processing is limited to what is necessary for ADAS development and testing purposes.

We process personal data based on the following legal grounds:

• Legitimate Interests (Art. 6(1)(f) GDPR): Our legitimate interest lies in developing innovative driving technologies and enhancing road safety. Since laboratory simulations cannot fully replicate the complexity of the real world, recording on public roads is essential to achieve the aforementioned research and development purposes.

As required, we have conducted a legitimate interest balancing test to ensure our interests do not override your privacy rights. To further protect privacy, we implement robust safeguards including automated blurring or masking of faces and license plates where technically feasible, alongside strict access controls and contractual data protection obligations that limit data handling to authorized personnel only.

3. Where does the data come from and what data is processed?

The data is collected directly from the vehicle’s surroundings by our test vehicles during operations on public and private roads within the European Union. The vehicles are equipped with a comprehensive sensor suite (cameras, Radar and LiDAR) designed for environmental perception.

In the course of environmental perception, our test vehicles inevitably capture the following personal data as a byproduct of their operations:

• Facial images and behavioral patterns of pedestrians within the perception range
• License plate numbers and distinctive characteristics of vehicles in the vicinity
• Location

Please note that we have no intention, nor the technical capability within our system, to identify specific natural persons. Our systems are not equipped with facial recognition or identity tracking functions.

To prioritize data privacy, we implement a "Privacy by Design" architecture where personal data such as facial information and license plates are automatically blurred or masked at the vehicle level prior to storage or further processing.

In line with the principle of data minimization, our storage systems are configured to preferentially retain data in masked or pseudonymized form. We continuously improve our masking algorithms in accordance with the state of the art to enhance the level of data protection.

4. Will the data be shared?

In principle, masked or pseudonymized data sets (where personal identifiers such as faces and license plates have been blurred) are transmitted to other recipients or processed outside the initial capture environment. We only transfer data if it is necessary for the research and development purposes described above, or if we have entrusted specific service providers with tasks where access to such data cannot be ruled out.

Specifically, the data recipients are structured as follows:

• Cloud Infrastructure (IBM): These masked or pseudonymized data sets are first uploaded to a secure cloud platform provided by IBM. IBM acts as a data processor for LUMO. Both parties have entered into a Data Processing Agreement (DPA) in accordance with Art. 28 GDPR, ensuring that IBM processes the data strictly according to our instructions and maintains high security standards.
• Affiliated companies: For the purpose of algorithm training and improving the accuracy of our automated driving systems, masked or pseudonymized data are transferred via the secure IBM Cloud to PTOWER’s affiliated companies, including its parent company in China.

5. Will the data be transferred outside the EU/EEA?

For the purpose of algorithm training and improving the accuracy of our automated driving systems, we may transfer masked or pseudonymized data to countries outside the EU, including PTOWER’s parent company in China. To ensure a level of data protection equivalent to that within the EU/EEA, we have implemented the following safeguards:

• Transfer Impact Assessment (TIA): We have conducted a comprehensive Transfer Impact Assessment to evaluate the legal environment of the recipient country and have implemented supplementary technical and organizational measures to ensure the security of the transferred data.
• Standard Contractual Clauses (SCCs): We have entered into the European Commission’s Standard Contractual Clauses with the data recipient to legally bind the recipient to EU privacy standards.

6. Is automated decision-making taking place?

Automated decision-making within the meaning of Article 22 GDPR does not take place.

7. How long will the data be stored?

We adhere to the principle of storage minimization and purpose-driven retention. Personal data processed in masked or pseudonymized form is processed and stored only for the period necessary to achieve the research and development purposes described in this policy. The retention periods are defined as follows:

• Raw Data: Raw data collected on the vehicle are processed in real time using on-device data masking. Once masking is completed, the raw data are immediately deleted.
• Masked or Pseudonymized Data:
• Local Hard Drive Storage (Test Vehicle): Video and image data are processed directly on the vehicle's hardware, where automated masking of faces and license plates is applied. These masked datasets are stored on encrypted hard drives from the moment of masking completion and are deleted immediately after successful upload to the cloud, typically remaining on the hard drive for up to one week solely to support testing operations and the controlled data transfer process.
• Cloud Storage (IBM Cloud): Once uploaded, the data are stored on the secure IBM Cloud from the time of successful upload, for a limited period typically up to one month, to ensure data synchronization and facilitate international transfer.
• Research, Development, and Analysis: Following transfer from the cloud to PTOWER’s parent company in China, the datasets are stored from the moment of arrival in the secure R&D infrastructure, for a limited period typically up to three months, necessary for iterative algorithm training, functional safety verification, and fulfillment of technical documentation requirements for the automotive industry.

8. What rights do data subjects have?

As a data subject, you have certain rights under the GDPR (Articles 15–22). However, our ability to fulfill these rights is significantly affected by the nature of our on-device automated masking techniques:

1. Identification and Technical Constraints Our systems are designed for environmental perception and do not identify natural persons. We do not maintain any database linking faces or license plates to names. Therefore, we are generally unable to identify a specific individual unless you provide us with precision information to locate the specific sequence.

2. Impact of Automated Masking Techniques on Data Subject Rights Our vehicles utilize advanced, on-device automated masking techniques to protect your privacy.

• Automated Masking: The system is designed to automatically detect and blur personal identifiers (such as faces and license plates) directly on the vehicle's hardware before the data is stored or transmitted. Once the data has undergone this process, our ability to distinguish a specific individual from other road users is significantly limited, as the identifiable features are intended to be obscured.
• Verification Limits: Even if you provide additional details, we may not be able to verify with certainty that a specific masked or pseudonymized image belongs to you. In such cases, pursuant to Art. 11(2) GDPR, we may be unable to fulfill requests for access, erasure, or rectification unless you provide information that enables your definitive identification within the dataset. The additional information which we needed is the date, time, and location where you encountered our test vehicle, as well as your clothing or license plate information at the time, or any other information that would help us identify you personally.

In cases where you provide the necessary additional information and we are successfully able to identify you within our datasets, you may exercise the following rights:

• Right of access (Art. 15 GDPR): You have the right to obtain confirmation as to whether or not personal data concerning you is being processed, and where that is the case, access to the personal data and information regarding its processing.
• Right to rectification of inaccurate data (Art. 16 GDPR): You have the right to request the correction of inaccurate personal data. Please note: Since video and image recordings are a factual representation of reality at a specific moment, they are by nature "accurate." As we do not process these recordings to create a profile or a biography, rectification typically does not apply to the visual content itself.
• Right to erasure (Art. 17 GDPR): You have the right to request the deletion of your personal data, for instance, if the data is no longer necessary for our research purposes or if you successfully object to the processing.
• Right to restriction of processing (Art. 18 GDPR): You have the right to request that we limit the processing of your data (e.g., if you contest its accuracy or the legality of the processing), meaning the data will be stored but not further used.
• Right to object: You have the right to object to the processing of your data at any time for reasons arising from your particular situation. Since our processing is primarily based on our legitimate interests pursuant to Art. 6(1)(f) GDPR, we will generally cease processing your data upon such an objection. However, please note that we may be entitled to continue processing if we can demonstrate compelling legitimate grounds for the processing which outweigh your interests, rights, and freedoms, or if the data is required for the establishment, exercise, or defense of legal claims.
• Right to complain to a supervisory authority: We take your concerns and rights very seriously. However, if you believe that the processing of your personal data violates the GDPR, you have the right to lodge a complaint with a data protection authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement.

If you are a data subject of the above-mentioned data processing and would like to exercise any of your rights or obtain further information, please send an email to eu.dpo@lumo-intelligent.de.

The controller responsible for receiving data subject requests, LUMO, is established outside the European Union (EU). Please note that if you contact the provided email address to exercise your rights under the GDPR, your personal data will be transferred to the country where the controller is located.

By sending such a request, you explicitly consent to this transfer under Article 49(1)(a) of the GDPR.

If you do not wish your personal data to be transferred outside the EU, you may alternatively exercise your rights by sending a request by postal mail to the EU representative of LUMO.

TÜV SÜD Akademie GmbH

Westendstr. 160

80339 Munich

Germany

For postal correspondence, please additionally indicate “Data Protection Consulting Service - LUMO” as the addressee.

 

Update log:This is released version 2.0.