Data Privacy and Protection

Explanatory Notes on Personal Data:

GDPR extends the definition of personal data to include digital identifiers such as IP addresses. Identifiers in telematics systems that correlate data and drivers, including information on location, speed or driving events, may thus be personal data.

This means that fleets need a lawful basis for processing it and they face extra responsibilities to guard it and to respond to driver enquiries and concerns.

Several options are available as the basis for processing, including driver consent; the performance of a contract; compliance with a legal obligation; to fulfill a task in the public interest or to pursue legitimate interests.

If the telematics data is being used for contractual reasons, such as to record driving time because the driver is paid by the hour, then the collection of the data ought to be covered by the contract of employment.

Similarly, fleet operators can reasonably claim ‘fraud prevention, security and safety’, as a motive to collect and process telematics data.

Controller / Processor status

Under Data Protection legislation, Humn.ai Ltd is registered with the UK Information Commissioner’s Office and operates as both a Data Processor and a Data Controller of your personal information, normally in conjunction with the Contracting Entity (normally your employer, the vehicle owner and/or the vehicle insurer)

The Contracting Entity will also be a Data Controller under Data Protection legislation. The Contracting Entity are responsible for defining the Purpose for processing your personal information and for ensuring a Lawful Basis for that processing. Humn.ai are responsible for determining what information to collect from the telematics or dashcam device in order to fulfil the stated purpose.

Typically, retention periods for data are defined by the Contracting Entity as part of the contractual agreement, to reflect the Contracting Entity’s legal and organisational requirements.

Enquiries relating to the Retention of data should be directed to the relevant person at the Contracting Entity in the first instance.

Humn.ai may retain data for a longer period where we deem it necessary to reflect our own legal and organisational requirements.

ICO Registration: ZA504331

Driver Privacy Policy

This privacy policy describes what to expect where Humn.ai collects and processes your personal data.

Generally, we do not have a direct contractual relationship with individual drivers; normally we have a contract with a 3rd party which is typically your employer, the insurer of the vehicle, the owner of your vehicle or the broker placing the vehicle insurance policy with the insurer (the Contracting Entity).

It is very important that you read this Privacy Notice in full so that you understand what information we collect from you and from the Telematics device fitted to your vehicle(s) and how we then process this information.

This Privacy Notice only covers the processing performed by Humn.ai and its sub-processors; it does not cover the processing performed by the Contracting Entity.

It is therefore important that you also read the Privacy Notice provided by the Contracting Entity to obtain a full picture of the processing being undertaken.

Phrases which start with capital letters (such as “Privacy Notice”) are defined in the Definitions section at the end of this notice.

Where you have any concerns about the information collected or how your information may be used, you should discuss in the first instance with the relevant individual within your organisation or service provider, for example where you are leasing a vehicle, the leasing company or financing firm.

Revisions to this Privacy Policy

As the needs of the business develop, there may need to be revisions to this Privacy Policy. You should refer back to our website at https://www.humn.ai/privacy from time to time to view the latest Privacy Policy.

Lawful Basis

Humn.ai and our partners will collect, process and will pass this information to the Contracting Entity under our Legitimate Interests in order to provide the Service.

The Contracting Entity will have their own, separate Lawful Basis for their initial collection and processing of personal data and the subsequent processing of the information provided by Humn.ai.

Enquiries relating to the Contracting Entity’s Lawful Purpose should be directed at the relevant individual within your organisation or service provider, for example where you are leasing a vehicle, the leasing company or financing firm.

What data do we collect when you are registered for our Services?

When you are registered for our Service, we will typically collect such information as may be required to set up and deliver the Service. This information may include such items as:

  • 1 Contact Name
  • 2 Company Name
  • 3 Vehicle Registration(s)
  • 4 Vehicle Identity Number(s)
  • 5 Driver Names

Note that this information may be collected directly from the Data Subjects or may be provided to Humn.ai by the Contracting Entity.

What data do we collect from the telematics/dashcam device?

Once the telematics device has been installed and activated, it will record and analyse data relating to the vehicle to which it has been fitted. Depending on the specific unit fitted and the instructions from the Contracting Entity, the telematics device will collect driver behaviour related information such as:

  • 1
    Vehicle Data: Registration, VIN, make, model etc.
  • 2
    Journey Data: GPS location, time and date, direction, speed, acceleration/deceleration rates etc.

Note:

This includes Private Journey data which may be available as standard to the Contracting Entity; which may be made available under specific, agreed circumstances; or which may only be made available with the consent of the Data Subject. Please refer to the Contracting Entity to establish which is the correct scenario for your device

  • 3
    Dashcam Data: images captured by the dashcam device(s)
  • 4
    Diagnostic Data: vehicle fault codes, battery health status etc.

What data do we collect from your mobile device?

When you access our App (Rideshur) via a mobile device, we will process your device location and settings to enable the map display function within the App, to allow the Bluetooth features to operate and to help optimise performance.

Granting these permissions is necessary for the App to operate correctly. 

This data is used locally by the App and is NOT transferred from the device.

Use of Mobile Device Data

When using our App (Rideshur), we process the location of your device for the purposes of enabling the feature to display your current location on a map. Any such data is NOT transferred from the device at any point; the data is not stored by Humn.ai and is never passed to 3rd parties.

Profiling – Driver Behaviour Scores

Humn.ai systems including Rideshur allow Driver Behaviour Scores to be calculated based on recorded telematics data and other publicly available data such as speed limits. The calculation of Driver Behaviour Scores is a form of profiling under Data Protection Legislation.

Driver Behaviour Scores are calculated using a combination of recorded telematics data, speed limit or similar data and System Thresholds that may be defined within our systems by the Contracting Entity. These thresholds typically relate to legal speed limits (speeding events), acceleration rates (harsh acceleration events), deceleration rates (harsh braking events) or other driving behaviours (such as harsh cornering).

Humn.ai uses the Driver Behaviour Score profiling as key metrics in automated decision making processes to calculate dynamic insurance premium prices on behalf of the Contracting Entity. Calculated Driver Behaviour Scores are passed directly from Humn.ai to the Contracting Entity for their subsequent processing and use. Humn.ai do not control the use of Driver Behaviour Score data by the Contracting Entity and you should contact the Contracting Entity directly for further information on their use of this data.

Enquiries relating to Driver Scoring and how it is used should be directed to the Contracting Entity in the first instance.

Third Parties

We use your information only as set out in this Policy and will not sell, rent or pass your information on to others for marketing or other purposes without your express consent.

Humn.ai may however provide aggregate statistics about our customers, sales traffic patterns and related site information to reputable third-party vendors and relevant affiliate partners, but these statistics will include no personally identifying information.

Humn.ai will provide certain telematics and dashcam data to the Contracting Entity in order to provide the Services, as agreed in our contract with the Contracting Entity.

We may also release account, telematics and/or dashcam data where we believe in good faith that this release is reasonably necessary to comply with the law.

Security

We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.

Your Rights - Controlling your personal information

Under data protection legislation, you have the right to:

  • 1 Request access to the personal data we hold about you and details of any other party we share that data with;
  • 2 Request a copy of the personal data that we hold about you;
  • 3 Request that we correct your personal data when it is incorrect, out of date or incomplete;
  • 4 Request that we stop using your personal data for direct marketing communications;
  • 5 Request that we stop any consent-based processing of your personaldata after you withdraw that consent.

You have the right to request a copy of any information about you that Humn.ai holds at any time, and also to have that information corrected if it is inaccurate.

Your right to withdraw consent

Whenever you have given us your consent to use your personal data, you have the right to change your mind at any time and withdraw that consent. We will then cease processing your data for that purpose.

Where we rely on our legitimate interest

In cases where we are processing your personal data on the basis of our legitimate interest, you can ask us to stop for reasons connected to your individual situation. We must then do so unless we believe we have a legitimate overriding reason to continue processing your personal data.

If we decide not to action your request we will explain to you the reasons for our refusal.

You may also request that some or all of your data is deleted; however, the Right to Erasure is not absolute and we may decide to retain the data if we have an overriding reason for doing so.

If we decide not to action your request we will explain to you the reasons for our refusal.

Direct marketing

You have the right to stop the use of your personal data for direct marketing activity through all channels, or selected channels. We must always comply with your request

Checking your identity

To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any request you make under this Privacy Notice.

If you have authorised a third party to submit a request on your behalf, we will ask them to prove they have your permission to act.

Making and Dealing with Requests

Any requests relating to this Service and the Personal data being processed will be handled jointly between Humn.ai and the Contracting Entity.

Requests relating to your personal data should be made to the Contracting Entity in the first instance – details of how to do that will be included in the relevant Privacy Notice provided by the Contracting Entity.

However, if you so wish, you are also able to make such as request directlyto Humn.ai via email at privacy@humn.ai or by writing to:

The Data Protection Officer

Humn.ai Ltd
12 Hammersmith Grove
London
W6 7AP

Contacting the Regulator

If you feel that your data has not been handled correctly or you are unhappy with our response to any requests you have made to us regarding the use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office.

The Information Commissioner’s Office can be contacted via telephone on 0303 123 1113 or online at www.ico.org.uk/concerns

If you are based outside the UK, you have the right to lodge your complaint with the relevant data protection regulator in your country of residence.

  • App
  • Software application typically installed on a mobile device.
  • Associated Person
  • Any other person who has been authorised to work on the vehicle (such as mechanics), to drive the vehicle, who use or are provided with or transported in a vehicle fitted with Telematics device for any period of time and for any purpose. It is the Driver’s responsibility to make a copy of this policy available to any Nominated Drivers.
  • Contracting Entity
  • The entity entering into the contract with Humn.ai and on whose instructions the Service is provided. This is typically your employer, your insurer or the vehicle owner (in the case of hire or lease cars).
  • Customer Personal Data
  • Personal data contained in the Data or otherwise collected from the Customer, and which is processed by the Supplier in the course of performing its obligations and for the other purposes set out herein.
  • DashCam
  • Dashboard and/or in vehicle or asset camera(s);
  • DashCam Data
  • Data produced by a Camera;
  • Data
  • Telematics Data, Driver Profile Data, Diagnostic Data, On Board Diagnostic Data, FNOL, Battery Status Data and Camera Data;
  • Data Protection Legislation
  • General Data Protection Regulation ((EU) 2016/679) and any national implementing laws, regulations and secondary legislation, as amended or updated from time to time, in the UK, and any successor legislation to the foregoing;
  • Diagnostic Data
  • All raw, unprocessed data specified under the European On-Board Diagnostic standards available at a Vehicle or plant’s J1962 diagnostic socket;
  • Drivers
  • The main Driver and/or owner of the vehicle fitted with a Telematics device for the purposes of carrying out their duties or for any other purpose.
  • Mobile Device
  • Smartphone, tablet or similar.
  • Nominated Drivers
  • Any other person who has been authorised to drive the vehicle, who use or are provided with or transported in a vehicle fitted with Telematics device for any period of time and for any purpose. It is the Driver’s responsibility to make a copy of this policy available to any Nominated Drivers.
  • Personal data, process, data controller, data processor and data subject
  • Have the meanings given in the Data Protection Legislation.
  • Service
  • The full range of tracking, risk management, driver monitoring and fleet management services provided by Humn.ai and its subsidiary companies.
  • Telematics Device (Plug-in)
  • The unit which is fitted into the OBD port of your vehicle that collects and transmits data to us.
  • Telematics Device (Fitted to Vehicle)
  • The unit which has been fitted to your vehicle by an installation engineer (as opposed to the Plug-in) and that collects and transmits data to us.
  • Tracking Information
  • Any information collected by the device fitted to the vehicle.
  • VIN
  • Vehicle Identification Number
  • Time to evolve your insurance.

    Real-time rates, organised claims, and increased road safety are all yours. Just a few simple questions to get started.

    I manage a fleet

    I’m a driver

    I’m a broker

    You’re now armed with knowledge.

    Time to make the move. The next step. Shift into drive. Head forward into the future of fleet insurance.

    Get Started
    Humn.ai Limited is authorised and regulated by the Financial Conduct Authority. It is entered on the FCA registered (www.fca.org.uk/register) under No.923700.
    Humn.ai Ltd, 12 Hammersmith Grove, London, W6 7AP is a registered company number 11032616 incorporated in the United Kingdom. Registered with the information commissioner's office (ICO) number ZA504331.