Cambridge Mobile Telematics, Inc. (CMT) takes your privacy seriously. This policy explains how we collect, use, store, and process your Personal Data as a data controller when you use our DriveScape dashcam device and backend web-based services (DriveScape Service).

This Privacy Policy sets out the basis on which CMT collects Personal Data from users, or which users provide, when using the DriveScape Service.  

This Policy Only Applies to the Processing or Collection of Personal Data with the DriveScape Service.

Summary

The DriveScape dashcam has been developed for the ride-share industry.  

The following table summarizes how and when your data is collected and under what conditions it is shared with others. 

Details

1. Scope

This Policy Only Applies to the Processing or Collection of Personal Data

Personal Data means any information about an individual from which that individual can be identified. 

Role as Controller

This Privacy Policy describes our role as a ‘controller’ of Personal Data (the party that decides the purpose and means of the processing of Personal Data). 

For the purposes of US data protection laws and any applicable national implementing laws, regulations and secondary legislation relating to the processing of personal data, the controller is Cambridge Mobile Telematics, Inc. of 314 Main Street, Suite 1200, Cambridge, MA 02142.

2. Data Collection

A. Personal Data We Collect Directly from You

The Personal Data we collect directly from you may include:

Video and Audio Data: (see Summary Table)

Telematics Data: (see Summary Table)

Road and Cabin Snapshots (see Summary Table)

Location Data: we also use GPS technology to determine your current location and while driving. 

Aggregated Data: we also collect, use and share statistical or demographic data for any purpose. This Aggregated Data could be derived from your personal data but is not considered Personal Data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific feature. 

3. Use of Personal Data

We have set out below, in table format, a description of all the ways we plan to use your Personal Data.

We will only use your Personal Data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to obtain an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.

4. Disclosure and Sharing with third parties

CMT does not sell your Personal Data.  

We may share your Personal Data with third parties for the purposes set out in the table above. Below is a summary of the types of other third parties used:

A. Service Providers

Our contracted service providers, who provide services such as IT and system administration, help desk, CRM, and cloud-hosting.

B. Our Affiliates 

With affiliates within our corporate group, to the extent such sharing of data is necessary to fulfill a request you have submitted online or for customer support, marketing, technical operations, and account management purposes.

C. Professional Advisers 

In individual instances, we may share your Personal Data with professional advisers acting as service providers, processors, or joint controllers – including lawyers, bankers, auditors, and insurers based in countries in which we operate.

D. Change in Ownership

To a successor, if we engage in a merger, reorganization, or other corporate change, or sell a business unit, or a significant portion of our business. By applicable laws, we will use reasonable efforts to notify you of any transfer of Personal Data to an unaffiliated third party.

E. Legal Requirements

We may be required by law or legal process to disclose your Personal Data, to enforce our legal agreements, or to protect our rights, property, safety, our customers, or others, and we will try to take steps to limit any such disclosure. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.

5. Retention

After the expiry of the applicable retention periods, your Personal Data will be deleted, except if there is a dispute, crash, driving incident, or legal or compliance reason for retaining it for a longer period of time). If there is any data that we are unable, for technical reasons, to delete entirely from our systems, we will implement appropriate measures to prevent any further use of such data.

In addition, we may retain your Personal Data for a longer period in the event of a complaint, if we reasonably believe there is a prospect of litigation in respect of our relationship with you, to comply with law enforcement requests, maintain security, prevent fraud and abuse, resolve disputes, enforce our legal agreements, or fulfill your request to “unsubscribe” from further messages from us.

We will retain some anonymized information after your account has been closed and we may use this for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

6. Your Rights Relating to Your Personal Dat

A. Your Rights

You have the right under certain US based data protection law, free of charge to request:

• Access your Personal Data held by us;
• Rectification or deletion of your Personal Data;
• A restriction on our processing of your Personal Data;
• A transfer of your Personal Data (data portability) in a structured, machine readable and commonly used format;
• Object to the processing of your Personal Data;
• Withdraw your consent to us processing your Personal Data, at any time.

To exercise any of the above rights, please contact us by email at privacy@cmtelematics.com, or by phone at 800-941-7177. We will respond to such queries within 30 days and deal with requests we receive from you, in accordance with the provisions of data protection law. Occasionally it could take us longer if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

You will not have to pay a fee to access your Personal Data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your Personal Data (or to exercise any of your other rights), for example your email address and telephone number used to register with us. This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

B. Data Security

We have put in place appropriate security measures to prevent your Personal Data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed. In addition, we limit access to your Personal Data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your Personal Data on our instructions, and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any Personal Data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

7. Data Protection Officer

CMT has a data protection officer (DPO) who can be contacted as follows: dpo@cmtelematics.com.

8. Complaints

Our intention is to meet the highest standards when collecting and using Personal Data. For this reason, we take complaints we receive very seriously. We encourage users to notify us if they think that our collection or use of Personal Data is unfair, misleading, or inappropriate. If you have any complaints about our use of your Personal Data, please contact our DPO or contact your local data protection supervisory authority.

9. Other Terms

A. Industry Standard Security

While we use industry-standard security measures to protect against the loss, misuse, and alteration of the Personal Data under our control, there is no guarantee that it cannot be compromised. We have aligned our Information Security Management System with the ISO 27001 Standard and SOC2 Type II Framework and are audited against these standards and frameworks on an annual basis.

B. No Contractual Rights

This Privacy Policy is not a contract and does not create any contractual rights or obligations.

C. Links to Third Party Sites 

Our services and website may contain links to other sites and services owned and controlled by others. These third-party websites have privacy policies, and you should review those policies.

D. Contact Us

For specific information, or to ask questions of our privacy team, please contact us at privacy@cmtelematics.com.

Revisions to this Policy 

We may change this Privacy Policy at any time and changes will be posted on this page and, where appropriate, we will notify you through email. Please check back frequently to see any updates or changes to our Privacy Policy.

This Privacy Policy was last revised on January 23, 2024