This privacy notice (hereinafter “Notice”) explains how DriveX Technologies OÜ (hereinafter “we” or “us”) processes personal data of related to DriveX SmartScan Application (hereinafter “Application”). This Notice also explains how we process personal data of visitors of our website https://drivex.io/ (hereinafter “Website”) and other individuals that reach out to us. All such individuals collectively referred to as “you”.
The Notice describes the processing of personal data by us as a data controller. This means that we individually or along with others determine the purposes and means of the processing of personal data.
- DATA CONTROLLER
DriveX Technologies OÜ
Registry code: 14874493
Address: Staapli 3-92, 10415 Tallinn, Estonia
Email: info@drivex.io
Contact details of a data protection officer: valter.lall@drivex.io - PERSONAL DATA WE PROCESS
2.1. “Identity data” – this includes your first name and last name.
Sources of collection of data: we get this data directly from you (e.g., when you contact us for a free trial or demo) or from the representative of the company you work for. In some cases, we receive this data from the requestors in relation to vehicle identification service.
2.2. “Contact data” – this includes your email address and phone number.
Sources of collection of data: we get this data directly from you (e.g., when you contact us for a free trial or demo) or from the representative of the company you work for. In some cases, we receive this data from the requestors in relation to vehicle identification service.
2.3. “Company data” – this includes your company name and other details, such as registry code and address (where relevant).
Sources of collection of data: we get this data directly from you or from the representative of the company you work for.
2.4. “Contract data” – this includes the date and the number of a contract (where relevant), as well as the written contract document.
Sources of collection of data: this data is generated upon conclusion of the contract.
2.5. “Vehicle data” – this includes the vehicle identification number (VIN), vehicle license plate number and photos of the vehicle (where relevant).
Sources of collection of data: we get this data you when you use the Application or in relation to vehicle identification service.
2.6. “Correspondence data” – this includes personal data contained in the correspondence with us.
Sources of collection of data: we get this data when you contact us.
2.7. “Website visit data” – this includes the personal data which is processed via cookies upon visiting and using our Website. Depending on the particular cookie we use, the types of personal data may include e.g.: online identifiers, including cookie identifiers, IP addresses, device identifiers, client identifiers or session ID.
Sources of collection of data: we get this data when you visit our Website.
2.8. “Application usage data” – this includes the personal data which is processed via cookies upon using the Application. Depending on the particular cookie we use, the types of personal data may include e.g.: online identifiers, including cookie identifiers, IP addresses, device identifiers, client identifiers or session ID.
Sources of collection of data: we get this data when you use the Application.
- PURPOSES AND LEGAL GROUNDS FOR DATA PROCESSING
When we process your personal data, we rely on the following legal grounds:
3.1. Processing is necessary for the performance of a contract to which you are the party, or in order to take steps at your request prior to entering into a contract
Purposes of processing Personal data that we process
Providing vehicle inspection service to buyers and sellers. The data we receive from the requestor:
- The vehicle seller’s email address and phone number.
- Vehicle VIN code.
- The requestor’s e-mail address.
The data we receive from the seller of the vehicle: - Photos of the vehicle.
3.2. Consent
In some cases, we need your consent for data processing. With regard to cookies, you always have the right to withdraw the consent by changing your preferences on our Website. Withdrawal of the consent does not affect the legality of the processing of your personal data prior to withdrawal.
Purposes of processing Personal data that we process
Processing of personal data via functional, analytical, and marketing cookies. This is done for the development and improvement of products and services provided by us on the Website, as well as to improve your browsing experience.
We retain and evaluate the information on your recent visits to the Website for analytical purposes in order to improve the functionality of the Website. In addition, we use analytical cookies to perform static analysis of the frequency of visits and the country of origin.
The marketing cookies are used for targeted advertising. The data we receive from you:
- Website visit data.
3.3. Legitimate interests
We process your personal data based on our legitimate interests for purposes described below. You have the right to ask clarifications regarding the processing based on the legitimate interests. You also have the right to send the objection, if you find that processing of your personal data for the purposes provided below prejudice your rights. Please see Section 1 of this notice for our contact details.
Purposes of processing Personal data that we process
Enhancement of marketing and sales of the Application, i.e., the processing of personal data in the event of booking and running a demo. The data we receive from you:
- Identity data
- Contact data
- Company data
Offering a free trial version of the Application to show our potential business customers the value they will receive if they decide to purchase a full subscription. The data we receive from you: - Identity data
- Contact data
- Company data
- Photos of the vehicle.
The data generated upon conclusion of the contract: - Contract data.
Providing DriveX SmartScan services to the business customers. This also includes customer invoicing. For this purpose, we process the personal data of business customer representatives (contract signatories, contact persons). The data we receive either directly from you or from the representative of the company you work for:
− Identity data, including, where relevant, a personal identification code, if the contract is signed digitally.
− Contact data.
− Company data
The data generated upon conclusion of the contract: - Contract data.
Retention of contracts after their termination or expiry. This is done for the purpose of legal claims that we may submit, and for protection against them, in case they are filed against us. The data generated upon conclusion of the contract: - Contract data.
Product development – for this purpose, we process your personal data to train our Artificial Intelligence algorithms.
The personal data we receive from you: - Vehicle photos that may also include a license plate number.
General business communication with individuals that contact us by email, phone, etc. The personal data we receive from you: - Identity data
- Contact data
- Correspondence data
Processing of personal data via essential cookies. Without using this type of cookies, our Website will simply not work properly.
The aim is to maintain a company Website that provides existing and potential customers with general information about our company, allows us to contact us about our Application and use other services offered on the Website. The data we receive from you:
- Website visit data.
- Application usage data.
3.4. Processing necessary for compliance with a legal obligation
We process personal data on this legal ground if the legal obligation for processing arises from the law.
Purposes of processing Categories of data
Notification of and response to the information requests of public authorities and government institutions. All relevant personal data described in this Notice.
Bookkeeping (including storage of accounting source documents). – Identity data
- Contact data
- Company data
- Contract data
- CATEGORIES OF RECIPIENTS OF PERSONAL DATA AND TRANSFER OF PERSONAL DATA TO THIRD COUNTRIES
In some cases, we may transfer your personal data to certain recipients who are categorized as follows:
4.1. Partners who provide the services to us, and who process the personal data on our behalf (data processors), e.g.:
(a) Providers of ICT services (including providers of Website and Application hosting services and other providers of cloud services);
(b) Various contractors (IT development, support).
4.2. Public authorities and supervisory bodies, e.g., court, law enforcement authorities, Data Protection Inspectorate. We transfer your personal data to public authorities and supervisory bodies only if the law requires it.
Unless necessary for the provision of services, we do not transfer your personal data outside of the European Union (EU) or the European Economic Area (EEA), nor to such third country or international organization, the level of data protection of which the European Commission has not considered adequate. If your personal data is transferred outside of the EU or EEA, such transfer of personal data will take place only upon appropriate legal basis, and we will take appropriate protective measures.
You have the right to get additional information about the transfer of your personal data by sending us the relevant request at info@drivex.io. - RETENTION OF PERSONAL DATA
We keep your personal data for the period necessary for the achievement of purposes stated in this Notice or until the law requires it.
Specific terms of retention can be exercised by accessing your personal data. Please see the explanation in the section “Your rights regarding the personal data”. - YOUR RIGHTS REGARDING THE PERSONAL DATA
Right of access to your data: you have the right to know, whether personal data concerning you are being processed or not, what is the purpose of processing and what are the categories of personal data. Besides, to whom the personal data is disclosed (especially the recipients in third countries), for how long the personal data is retained and what are your rights concerning rectification, erasure and restriction of the processing.
Right of rectification: you have the right to demand rectification of the personal data concerning you if the data are inaccurate or incomplete.
Right of erasure: in some cases, you have the right to demand erasure of the personal data concerning you, for example in case when you withdraw your consent and there are no other legal grounds for the processing of the personal data.
Right to restrict the processing: in some cases, you have the right to restrict processing of the personal data concerning you for a certain time (e.g., if you have objected the processing of personal data).
Right to object: you have the right to object the processing of personal data, which is processed based on the legitimate interest, including profiling. Upon objection, we will no longer process the personal data unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms.
Right to data portability: if processing of your personal data is based on your consent or the contract with us and the data processing is carried out by automated means, then you have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format. Also, you have the right to claim to transmit those personal data to another service provider if it is technically possible.
Right to turn to us, supervisory authority, or a court: if you want to exercise the above-mentioned rights, please send us an email at info@drivex.io. If you find that your rights have been breached, you have the right to turn to the court and/or local data protection authority. The contact details of Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon) are as follows: address: Tatari 39, 10134 Tallinn, Estonia, email: info@aki.ee, website: http://www.aki.ee/. The contact details for other data protection authorities in the EEA are available here. - COOKIES
We use all the cookies, except the “essential” technical cookies, with your prior consent. You always have the right to withdraw the consent by changing your preferences on our Website. Should technical cookies process your personal data, we rely on our legitimate interests in processing of such data (see the section above that explains our legitimate interests).
We may use both session cookies and persistent cookies. Session cookies or in other words non-persistent cookies are cookies that exist only temporarily while you browse our Website. Your web browser should delete these cookies when you close your browser. On the other hand, persistent cookies that we use expire at a specific date or after a specific length of time set by the third-party or us.
For your convenience, we have categorised the cookies we use our Website by their purposes as follows:
Essential | We use these types of cookies to provide basic functions of our Website, as well as to run the Application. Our Website and Application will not work properly without these cookies. Due to the nature of such cookies, and in accordance with the applicable legislation, we have the right to use them without your prior consent. However, if these cookies process personal data, we rely on our legitimate interests upon processing of such data (please see the relevant section above). |
Functional | We use this type of cookies to improve your browsing experience. For example, such cookies may allow Website to remember your preferences and choices you make on the site including region, and language. We use the functional cookies only based on your prior consent. |
Analytical | We use this type of cookies to analyse how you use our Website. We retain and evaluate the information on your recent visits to the Website for analytical purposes in order to improve the functionality the Website. In addition, we use analytical cookies to perform static analysis of the frequency of visits and the country of origin. We use the analytical cookies only based on your prior consent. |
Marketing | We use this type of cookies for targeted advertising based on your Website visiting activity. We use the marketing cookies only based on your prior consent. |
Hereunder we have listed all the cookies used on our Website. You will find the information regarding their purpose, retention period and whether it is a first-party or a third-party cookie.
Category | Name | Purpose | Expiry | Provider | Used at drivex.ee | Used on the Application |
Essential | __cf_bm | This cookie is used to distinguish between humans and bots. | 1 day | Pipedrive | x | |
Essential | li_gc | This cookie is used to store user’s cookie consent for the current domain. | 2 years | x | ||
Functional | lang | This cookie remembers user’s selected language version of the website. | Session | x | ||
Analytical | _ga | This cookie is used as part of Google Analytics to distinguish users. | 2 years | x | ||
Analytical | _gat | This cookie is used as part of Google Analytics to throttle request rate. | 1 minute | x | ||
Analytical | _gid | This cookie is used as part of Google Analytics to distinguish users. | 24 hours | x | ||
Analytical | ajs_anonymous_id | This cookie is used to identify a specific visitor – the information is used to identify the number of specific visitors on the website. | 1 year | DriveX | x | |
Analytical | ajs_anonymous_id | This cookie is used to count how many times a website has been visited by different visitors – this is done by assigning the visitor an ID, so the visitor does not get registered twice. | Persistent | DriveX | x | |
Analytical | ajs_anonymous_id | This cookie is used to identify a specific visitor – the information is used to identify the number of specific visitors on the website. | 29 days | Figma | x | |
Analytical | AnalyticsSyncHistory | This cookie is used in connection with data-synchronization with third-party analysis service. | 29 days | x | ||
Marketing | __tld__ | This cookie is used to track visitors on multiple websites in order to present relevant advertisement based on the visitor’s preferences. | Session | Segment (Twilio) | x | |
Marketing | _fbp | This cookie is used by Facebook to deliver a series of advertisement products such as real time bidding from third party advertisers. | 3 months | Meta (Facebook) | x | |
Marketing | ajs_user_id | This cookie collects data on visitors’ preferences and behaviour on the website – this information is used to make content and advertisement more relevant to the specific visitor. | Persistent | Atlassian (Jira) | x | |
Marketing | bcookie | This cookie is used by LinkedIn for tracking the use of embedded services. | 2 years | x | ||
Marketing | bscookie | This cookie is used by LinkedIn for tracking the use of embedded services. | 2 years | x | ||
Marketing | lang | This cookie is used by LinkedIn when the website contains an embedded “Follow us” panel. | Session | x | ||
Marketing | lidc | This cookie is used by LinkedIn for tracking the use of embedded services. | Session | x | ||
Marketing | UserMatchHistory | This cookie ensures visitor browsing security by preventing cross-site request forgery | 29 days | x | ||
[●] | figma.ref | [●] | Session | Figma | x | |
[●] | initialPathName | [●] | Session | Figma | x | |
[●] | userleap.ids | [●] | Persistent | Sprig | x | |
[●] | userleap.pageviews | [●] | Persistent | Sprig | x |
- AMENDMENT OF THIS NOTICE
We have the right to amend this Notice unilaterally. We will notify of amendment of this Notice in the Application, by email or in other manner.