GDPR Compliance

Data privacy, Personally Identifiable Information (PII), and GPS technology

In a GPS-based location tracking system, in order to achieve efficiency in travel time and fuel consumption among others, the following types of personal data are collected and processed so that the client has access to the fleet analytics. The data includes, but is not limited to:
Date/time stamp of travel
Speed & Fuel data collected at regular intervals
Location data collected at regular intervals
Vehicle driver’s contact details for driver’s identification
Foreground services from mobile to send attachment data on the server
Camera to upload images while adding vehicles to the system
Read Contacts in mobile application used to share location on a specific number
Wifi state to check internet connection to access the application

How Kimii Telematics can help comply with GDPR:

For fleet owners who are considering implementing a cutting-edge GPS solution without breaching the privacy of their vehicle drivers, it becomes a necessity to verify the solution provider’s data privacy controls. Kimii Telematics has integrated a world-class Privacy Management System in its location tracking solutions to stay in compliance with GDPR at all times.
Kimii Telematics’s Privacy Information Management System ensures:
All personally identifiable information is end-to-end encrypted.
All the data sent from the GPS device of the vehicle to Kimii Telematics’s data cloud is encrypted (encryption on transmission/encryption of data in motion)
The data once processed, is also encrypted on the disk so that in case of a data breach, the data remains unusable. (encryption of data at rest)
Data minimization
Kimii Telematics’s solution is designed to collect only data that is necessary for the purposes of the collection (the services being offered to the client). Minimal data collection means minimal risks posed by personal data.
Third-party transfers
As any other business, Kimii Telematics leverages partnerships with vendors for the storage and processing of location data. In order to safeguard data privacy, Kimii Telematics has vendor risk management procedures to ensure that all the vendors are vetted for privacy protection. For critical vendors who may access the data as a part of service delivery, Kimii Telematics uses Data Processing Addendums (DPAs) used in conjunction with standard clauses to enforce best privacy practices on the vendors.
Privacy by Design
The product development team at Kimii Telematics follows the ‘7 foundational principles of Privacy by Design’ in the product development process. This ensures the solution built by Kimii Telematics not only brings value to the client’s business but also mitigates the privacy risks of such a solution.
For more information on our GPS solutions that comply with Global privacy regulations including EU-GDPR, CCPA (California), PDPA (Singapore) and LGPD (BRazil), please contact us today and request a comprehensive report of data privacy practices at Kimii Telematics.

Our History
Scroll to Top