– Explanation of GDPR for beginners
We do not intend to present the GDPR completely, we only give a few principles that will help you to understand what parts of your existing or future product may be in conflict with European regulations. For details and complete understanding please read official texts.
. Concept 1 : no recording of infridgement to the law Except if you are credited by a Government for that, you shouldn’t record infridgements to the law. In car telematics, this leads to a real problem when it comes about CAR SPEED. Indeed, car speed may be over the legal speed limit and then may contain an infridgement to the law. Same idea, you shouldn’t count infridgements to the law even if you do not record them (example : 10 overspeed alerts etc).
You can alert driver on overspeed, but not record it.
Note : not recording car speed means not recording it directly or indirectly : Precise geolocation and accelerations recording may be used to reshape car speed … This is a limitation to cloud computing based solutions that record raw data on a cloud and postprocess those data to extract intended information.
. Concept 2 : are recorded data NEEDED for the company that records ?
Example : if you manage a vehicles fleet for precious products transportation, you may argue that you need to know in real time the precise geolocation of all your vehicles. But if you are a car insurer or a car manufacturer, it will be hard to explain why you need to know where your customers go and when. It could be considered as « spying ».
– Solution of NEXYAD
SafetyNex API computes the risk that driver is currentlt taking, in real time.
Car Speed is necessary to compute this risk. So SafetyNex uses this value as input of the risk computing algorithm. The output is a risk value, and then you may record risk value without recording car speed, because risk is the « final variable » that you need.
All is computed INSIDE the onboard device (smartphone, telematics device, ADAS computer, …) and car speed recording is not needed at all.
Computing in real time INSIDE the onboard device every « final » variable is a good wayto be compliant. This is called « privacy by design ».
– Download offical French GDPR regulation text (available both in French and in English)
Note : You will notice that NEXYAD is quoted in page 3.
. PACK DE CONFORMITE : VEHICULE CONNECTE ET DONNES PERSONELLES
. COMPLIANCE PACKAGE : CONNECTED CAR AND PERSONAL DATA