Privacy Policy
Introduction
Seeing Machines Limited is headquartered in Australia and is the parent company for a number of wholly-owned subsidiaries (Seeing Machines). We are an industry leader in computer vision technologies, which enable machines to see, understand and assist people. We harness human factors science to create artificial intelligence technology that observes a driver’s attention – reliably, unobtrusively, and in real time – and intervenes seamlessly when necessary. We use data to develop an understanding of the real-world safety behaviours of drivers, pilots and other vehicle operators, and we design human sensing technology to address these behaviours in order to help make the world a safer, smarter place for drivers and the wider community.
We respect the privacy of individuals and are committed to protecting and managing the Personal Data we collect in accordance with this Privacy Policy, relevant data protection legislation, our contracts, and our stakeholders’ expectations.
For the purpose of this Privacy Policy, “Personal Data” means any information, including an opinion (whether true or not), about an individual whose identity is identified or can reasonably be identified. Examples of Personal Data include: names, home addresses, email addresses, reference reports, photos and video images, and telephone numbers or other individual contact information. For the purposes of this Privacy Policy, Personal Data also includes sensitive Personal Data, such as, biometric data (i.e. facial images), data revealing racial or ethnic origin or data concerning a person’s health that is obtained as a result of in-vehicle video recording and images of the driver or operator and information about the drivers’ driving behaviour, such as fatigue and distraction events.
References in this Privacy Policy to “Seeing Machines”, “we”, “us”, and “our” are references to the Seeing Machines entity responsible for the processing of your Personal Data, which generally is the Seeing Machines entity that collects your Personal Data.
Purpose
This Privacy Policy provides information on the types of Personal Data we obtain, how we may use that Personal Data, how we may share it and your rights regarding our processing of that Personal Data. In addition, this Privacy Policy also outlines the measures we take to protect the Personal Data we obtain.
This Privacy Policy applies to all Personal Data obtained by Seeing Machines. However, it does not apply to Personal Data:
- of other entities outside of our control;
- an individual provides to Seeing Machines in connection with the Seeing Machines’ recruitment process. This is addressed by the Seeing Machines Employee, Officer, Director & Applicant Privacy Notice.
- processed on behalf of our customers/end-users when providing technical support and other professional services under an executed agreement for the provision of Seeing Machines products and services which is addressed in the Seeing Machines Data Processing Addendum.
Collection of Personal Data
In providing Seeing Machines’ products and services, we collect and manage a range of data from different sources, including Personal Data about: our clients’ employees, contractors or agents; our distributors’ employees, contractors or agents; our suppliers’ employees, contractors or agents; other end users of our products and services; potential investors for marketing purposes; individuals, through digital services, such as mobile applications, social media or newsletters; and individuals that interact with us or our employees, such as by visiting our premises or phoning our staff. The categories of Personal Data that we may collect is identified in table 1 below.
Table 1: Personal Data that may be Collected by the Seeing Machines Group
Data Subject | Categories of Information | Purpose | Legal Basis |
Our client’s (including their affiliate’s) employees or contractors |
|
To:
|
|
Our distributors’ and authorised third-parties’ employees and contractors |
|
To:
|
|
Our suppliers’, their employees and contractors |
|
To:
|
|
Individuals who engage with us in relation to marketing or corporate communication |
|
To:
|
|
Shareholders, board members and individuals who engage with Seeing Machines in relation to investment, or other corporate engagement |
|
To:
|
|
Individuals who visit our premises |
|
To:
|
|
Individuals who engage with our corporate digital services (i.e. visit our website), utilise our mobile app or email or telephone our employees |
|
To:
|
|
1Whilst we may obtain sensitive Personal Data as a result of in-vehicle video recording and images of the driver or operator and information about the drivers’ driving behaviour we do not purposefully process or record racial, ethnic or health data in our databases.
Sharing Personal Data
We may disclose Personal Data to other entities for the purposes described above and with another entity in order to comply with our obligations under relevant jurisdictional law. We will do this: when the law requires it; at the direction of a government authority; in responding to an emergency, declared by a State, Territory, Federal or National Government; for national security, law enforcement or litigation purposes; or in the event we sell or transfer all or a portion of our business or assets.
We will not share or sell Personal Data with unaffiliated third parties for any other purpose, unless explicit written consent is submitted by the data subject.
Retention of Personal Data
We retain Personal Data about a range of individuals in order to provide our products and services. For example, we retain Personal Data, in the form of in-vehicle video recording and images of drivers, for 12 months to enable our clients to monitor driver fatigue and distraction and therefore prevent accidents. Overall, we retain Personal Data for the minimum period required to achieve the purposes outlined in this Privacy Policy (see Table 1), unless a different retention period is required under our client or distributor contracts or relevant jurisdictional legislation. We may also retain certain Personal Data related to our products and services for longer in order to enhance, improve, or modify our products and services or to help develop new products and services. In these circumstances, access to that Personal Data is tightly controlled.
Personal Data that is not used for any purpose is deleted. If a person objects to us processing their Personal Data, we will remove it from our systems in accordance with our data deletion cycle, unless we have a valid justification to hold on to it, such as to resolve disputes or comply with our legal obligations.
Personal Data Rights
With your assistance, we aim to ensure that the Personal Data that we collect and process, is accurate, up-to-date, complete and Individuals have the following rights with regards to their Personal Data.
- Opt-out of our use of Personal Data
Individuals may withdraw consent for us to process their data so long as it does not impede our capacity to meet our legal obligations under relevant jurisdictional law. - Delete Personal Data
Individuals can ask us to erase or delete all, or some, of their Personal Data, so long as it does not impede our capacity to meet our legal obligations under relevant jurisdictional law. - Change or correct Personal Data
Individuals can ask us to correct some of their Personal Data, so long as it does not impede our capacity to meet our legal obligations under relevant jurisdictional law. They can also ask us to change, update or fix information about you in certain cases, particularly if it is inaccurate. - Object to, or limit or restrict use of Personal Data
Individuals can ask us to stop using all or some their Personal Data (for example, if we have no legal right to keep using it) or to limit our use of it (for example, if the information about them is inaccurate), so long as it does not impede our capacity to meet our legal obligations under relevant jurisdictional law. - Right to access Personal Data
Individuals can also ask us for a copy of their Personal Data in machine readable form if they reside in the EU, Australia or another country that provides this right as a matter of law.
Exercising these rights may be governed by an individual’s contract with their employer, as it may impact on the provision of Seeing Machines’ products and services and therefore driver safety.
Should an individual wish to exercise these rights in relation to Seeing Machines’ products and services, they should contact their employer. Where relevant, they can write to us:
via e‐mail at privacy@seeingmachines.com or
via mail at:
Att: Privacy & Data Protection Officer
Seeing Machines Limited
80 Mildura Street,
Fyshwick, ACT, 2609,
Australia
Data Protections
Personal Data is principally held in electronic databases maintained within the Seeing Machines computer network. We maintain appropriate administrative, technical and physical safeguards designed to protect your Personal Data against accidental, unlawful or unauthorised destruction, loss, alteration, access, disclosure or use, consistent with this policy and relevant data protection legislation.
We use the following mechanisms to protect Personal Data:
- Active Management of Data Access – only those who need access to Personal Data in order to provide or support the provision of those products or services, have access to that data, with both physical and IT access restricted for different users based on user/access rights models;
- Secure Log On and Access – our IT systems utilise strength-tested passwords and unique identifiers and our premises have secure key card access;
- Logging – within our IT systems, there is tracking of certain activities, based on specific user roles and the activities;
- IT System Maintenance – our IT systems are constantly monitored and maintained, with telemetry in place to track upgrades and bugs;
- IT System Protections – our systems use industry standards to protect Personal Data and we rely on those systems security to protect your data, with most systems including protection from and monitoring for malicious software;
- Physical Protections – archived data is stored within secure on-site servers;
- Contractual Restrictions – use of data by third parties, such as our contracted IT system providers, is limited to the allowable uses set out in contracts and as governed by relevant data protection legislation; and
- Training and Approvals – our employees who access Personal Data have been made aware of data protection and privacy requirements, with key employees being authorised and receiving specialist training. In addition, all employees have signed confidentiality agreements.
We use reasonable organisational, technical, and administrative procedures designed to protect Personal Data. Unfortunately, no system, data transmission or storage mechanism can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us at privacy@seeingmachines.com.
Cookies
We use cookies across our websites to help enhance user experience, help make visits to our sites more effective and to collect industry-standard web statistics. Cookies are small data files which are sent from a web server to a web browser, and, depending on the type of cookie being used, either expire at the end of a browsing session or are stored until a set date.
Individuals can control the use of cookies at the individual browser level. Please note, however, that restricting the use of cookies may impact the functionality of our websites, particularly those that are designed to enable you to access a service. The three types of Cookies that we employ are: 1) essential (necessary to use the websites); 2) analytics (to help us understand how people use our websites); and 3) preference (to help us remember your language/ region choices).
We may provide links to other third-party websites which are outside of our control, individuals should review the privacy policies posted on the websites they visit.
Notifiable Data Breaches
We actively manage any suspected, actual or likely data breaches. We have put in place a data breach response plan and procedure as required by relevant legislation. Our employees must operate in accordance with these and our other data protection policies and procedures.
A data breach occurs when there is unauthorised access, transmission, copying, alteration, loss, storage, disclosure, or misuse of Personal Data. An action that prevents access to Personal Data on either a temporary or permanent basis, such as ransomware incidents, may also be considered a data breach under relevant data protection laws. Such data breaches may be as a result of malicious or criminal behaviour, system fault, human error or another factor.
We will notify affected individuals and relevant supervisory authorities of a data breach as required under relevant data protection legislation. Any notification of a data breach will be in accordance with the relevant data protection legislation.
Cross Border Transfers
We primarily store, collect and process Personal Data in Australia, European Economic Area (EEA) and the United States. In the case of Personal Data collected in the EEA, the Personal Data is stored on servers located within the EEA. As we operate globally, Personal Data is also collected in any country where we operate. It may therefore be stored and accessed in those countries. This Personal Data is collected and transferred in accordance with relevant data protection legislation (including, without limitation, the GDPR and any national laws implementing the GDPR). Transfer of Personal Data in most circumstances will be via a telecommunication or World Wide Web network.
Personal Data relating to products and services is normally stored within a database, which reside within a system provided by Amazon Web Services in the United States. When required by law, Seeing Machines may transfer Personal Data in accordance with the European Commission approved Standard Contractual Clauses pursuant to the GDPR, United Kingdom Information Commissioner Office approved International Data Transfer Addendum to the European Commission’s Standard Contractual Clauses, or other data transfer agreements.
Some countries may not require the same level of protection for Personal Data as the country in which the Personal Data was collected. However, we maintain consistent data protection processes globally, similar to the requirements imposed under the GDPR.
Contacting Us
For further information about privacy, to lodge a complaint or exercise your Personal Data rights, please contact us:
via e‐mail at privacy@seeingmachines.com or
via mail at:
Att: Privacy & Data Protection Officer
Seeing Machines Limited
80 Mildura Street,
Fyshwick, ACT, 2609
Australia
In the event of a complaint, you may also contact the relevant supervisory authority in their country.
Updates to this policy
We reserve the right to change this policy from time to time. Any changes to this policy will become effective when we post the revised policy on our website.
Notice to California Residents
CALIFORNIA CONSUMER PRIVACY STATEMENT
This California Consumer Privacy Statement (“CCPA Privacy Statement”) supplements the Seeing Machines Privacy Policy and applies only to California consumers that is intended to address the applicable notice requirements under the California Consumer Privacy Act 2018 (“CCPA”). Nothing in this CCPA Privacy Statement is intended to contradict or limit the applicability of the information provided in the Seeing Machines Privacy Policy.
This Statement does not apply to Personal Data submitted in connection with the Seeing Machines’ recruitment process.
Collection and Disclosure
During the prior 12-month period, we may have:
- Collected the following categories of Personal Data about you:
- identifiers such as a name, alias, postal address, unique personal identifier (such as a device identifier; cookies, beacons, pixel tags, mobile ad identifiers and similar technology; customer number, unique pseudonym, or user alias; telephone number and other forms of persistent or probabilistic identifiers), online identifier, Internet Protocol address, email address, account name;
- signature, bank account number, credit card number, debit card number, and other financial information;
- commercial information, including records of personal property, products or services purchased, obtained, or considered, and other purchasing or consuming histories or tendencies;
- Internet and other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding your interaction with websites, applications or advertisements;
- geolocation data;
- audio, electronic, visual, and similar information;
- professional or employment-related information; and
- inferences drawn from any of the information identified above to create a profile about you reflecting your preferences.
- Collected Personal Data about you from the following categories of sources:
- from you, for example, when request access or visit our offices or facilities; or through your interaction with Seeing Machines online and offline marketing material;
- participate in Seeing Machines events including conferences, webinars, surveys, questionnaires, research or evaluations;
- third parties such as your employer, company administrator or business partner, through their use of Seeing Machines’ online and offline marketing material;
- our affiliates;
- social media networks;
- Personal Data contained in forums, blogs, and testimonials you provide or that we obtain from publicly available sources (such as social media channels);
- marketing and business information sources; and
- advertising networks.
- Collected Personal Data about you for the following business or commercial purposes (in addition to the purposes detailed in the Seeing Machines Privacy Policy:
- performing services, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing advertising or marketing services, providing analytics services, or providing similar services;
- auditing related to a current interaction with you and concurrent transactions, including, but not limited to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance;
- short-term, transient use, including, but not limited to, the contextual customisation of ads shown as part of the same interaction;
- detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity;
- debugging to identify and repair errors that impair existing intended functionality;
- undertaking internal research for technological development and demonstration; and
- undertaking activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by us, and to improve, upgrade, or enhance the service or device that is owned, manufactured, manufactured for, or controlled by us.
- Disclosed for a business purpose the following categories of Personal Data about you:
- identifiers such as a real name, alias, postal address, unique personal identifier (such as a device identifier; cookies, beacons, pixel tags, mobile ad identifiers and similar technology; customer number, unique pseudonym, or user alias; telephone number and other forms of persistent or probabilistic identifiers), online identifier, Internet Protocol address, email address, account name;
- signature, bank account number, credit card number, debit card number, and other financial information;
- commercial information, including records of personal property, products or services purchased, obtained, or considered, and other purchasing or consuming histories or tendencies;
- Internet and other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding your interaction with websites, applications or advertisements;
- geolocation data;
- audio, electronic, visual, and similar information;
- professional or employment-related information; and
- inferences drawn from any of the information identified above to create a profile about you reflecting your preferences.
- Shared your Personal Data for the business purposes described above with the following categories of third parties:
- our affiliates and subsidiaries;
- vendors who provide services on our behalf;
- persons connected to your business, such as your employer, company administrator or business partner;
- our customers and partners, to inform them about their users’ use of our services and online and offline marketing material;
- our joint marketing partners, sales partners and other business partners; and
- third-party marketers (who may combine your Personal Data with their own records, and records available from other sources), for their own direct marketing purposes, and the direct marketing purposes of other third-party marketers.
California Consumer Privacy Rights
You may have the right to request, twice in a 12-month period, the following information about the Personal Data we have collected about you during the past 12 months:
- the categories and specific pieces of Personal Data we have collected about you;
- the categories of sources from which we collected the Personal Data;
- the business or commercial purpose for which we collected or disclosed the Personal Data;
- the categories of third parties with whom we shared the Personal Data; and
- the categories of Personal Data about you that we disclosed for a business purpose, and the categories of third parties to whom we disclosed that information for a business purpose.
You also may have the right to request that we provide you with (1) a list of certain categories of Personal Data we have disclosed to third parties for their direct marketing purposes during the immediately preceding calendar year and (2) the identity of those third parties. In addition, you have the right to request that we delete the Personal Data we have collected from you.
Notwithstanding that Seeing Machines does not sell any Personal Data unless explicit written consent is provided, you have the right to opt out of the sale of your information. To opt out please contact privacy@seeingmachines.com.
To submit a request related to other rights, you may contact privacy@seeingmachines.com.