This site is owned and operated by eDriving. It is the policy of eDriving and its global subsidiaries and affiliates to respect personal data, including sensitive personal data that is collected or maintained by or on behalf of eDriving for the benefit of the eDriving customers for whom eDriving is an authorized service provider.
NOTICE TO INDIVIDUALS
By means of a definitive consent and its acceptance by an individual, eDriving or the eDriving customer notifies individual as to the identity of the “data controller”, the purposes for which eDriving collects, processes and maintains the data and any further information as may be required by the circumstances under which the data is being collected including the types of personal data eDriving collects, the recipients or categories of recipients of the data, the proposed transfer of such data to third countries, the types of third parties to which eDriving may disclose such data and the right of access to the data. Notice to each individual is provided at the time of consenting to participation into the service or at the time of collection, or as soon as practicable thereafter and before eDriving uses or discloses the information for a purpose other than that for which it was originally collected.
CHOICE OF INDIVIDUALS TO PROVIDE PERSONAL DATA
eDriving only uses the personal data of individuals who have provided their consent to collect and use such data either directly to eDriving or to their employer which in turn has authorized eDriving to collect and use such data. Individuals can opt out of providing such data by not providing their consent.
PURPOSES FOR WHICH EDRIVING COLLECTS AND USES PERSONAL DATA
In the course of servicing eDriving customers directly and servicing the employees of eDriving customers indirectly, eDriving acquires, collects, maintains, utilizes, discloses and transfers customer and individual communications and information that individuals may regard as private or sensitive. Some of this information – such as the individual’s name and e-mail address – is provided to eDriving by its customers in order to establish service. Other information – such as the aggregate results of a customer’s ‘risk assessment’ and the ‘risk assessment’ of an individual related to such eDriving customer – is created and maintained by eDriving in the normal course of providing services and is used for research, statistical archival and other analytical purposes. In addition, eDriving may store an individuals’ electronic mail and other communications as a necessary incident to the transmission and delivery of those communications.
WHAT IS A COOKIE?
“Cookies” are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site.
WHAT COOKIES DOES THIS WEBSITE USE?
This website uses the following cookies:
- Cookies are used to remember the user who is currently logged into the system.
- Cookies that evenly distribute the Virtual Risk Manager web traffic across the Virtual Risk Manager website infrastructure.
- Cookies which tell us statistical information about our website visitors, e.g. popular pages, what browsers are used, and how much time is spent on each page.
MORE DETAIL ON COOKIES WE USE?
Here is a list of the cookies we use, their names and what we use them for.
|Website Infrastructure||NSC_Qspe-Bqq-IUUQT||Evenly Distribute Website Traffic||This is a first party cookie, and is set immediately upon visiting the website. This cookie stores a random set of characters, and is used to evenly distribute web traffic across the virtualriskmanager website infrastructure.|
|To allow logging in||These cookie stores random numeric entries unique to the user currently logged into the Virtual Risk Manager. These are to enable the user to remain logged in. These are first party cookies, and are set when logging into the site.|
|Google Analytics||__utma||Identifying Unique Visitors||Each unique browser that visits a page on this site is provided with a unique ID via the __utma cookie. In this way, subsequent visits to the website via the same browser are recorded as belonging to the same (unique) visitor. This is a first party cookie, and is set immediately upon visiting the website.||Google Analytics Opt-out Browser Add-on|
|Determining Visitor Session||Two cookies are used by Google Analytics to determine a session; a session is a period of interaction between a visitor’s browser and a particular website. These are first party cookies, and are set immediately upon visiting the website.|
|__utmz||Tracking Traffic Sources &; Navigation||When you reach this site via a search engine result, a direct link, or an ad that links to the website, Google Analytics stores the type of referral information in a cookie. This is a first party cookie, and is set immediately upon visiting the website.|
HOW DO I DELETE THE COOKIES?
Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit https://ico.org.uk/for-the-public/online/cookies/
HOW IS PERSONAL INFORMATION USED?
eDriving will only acquire, collect, maintain, utilize, disclose or transfer individual sensitive personal information at the express instruction/permission of the eDriving customer to provide fleet risk management services and driver assessments to such customer and to undertake research and dissemination of driver safety developments and trends. Under no circumstances will any personal information be used by eDriving for promotion or marketing to individuals related to such eDriving customers.
eDriving takes all reasonable steps to protect personally identifiable information and protect such information from loss, misuse, and unauthorized access, disclosure, alteration, or destruction including:
- All Personal Data is encrypted in transit and at rest (minimum 256 bit encryption)
- Access to Virtual Risk Manager Driver HQ and Manager MIS is via HTTPS only.
- eDF Data centers have:
- multiple levels of security including CCTV, restricted access, locked cabinets
- strict employee procedures regarding data protection (Staff vetting, training)
- are dedicated ‘High Availability’ unique to eDF
- 24/7 Monitoring and intrusion detection in place
- regular scheduled security testing
- ISO27001 certification for Information Security and regularly audited (both internally and by 3rd parties).
DISCLOSURE OF PERSONAL INFORMATION AND COMMUNICATIONS
eDriving will not disclose its customers’ information and information obtained from individuals unless eDriving has reason to believe that disclosing such information is necessary to identify, make contact with, or bring legal action against someone who may be causing harm or interfering with the rights or property of eDriving, eDriving customers, or others, or where eDriving has a good faith belief that the law requires such disclosure.
If you have a user name and password for any of the features on the eDriving Web sites, you have the responsibility of keeping your password secret. You should not reveal your password to anyone. eDriving will not ask you in an unsolicited telephone call or e-mail for your password. In addition, you should take reasonable precautions when using a computer that is not your own or in a public setting.
Data collected online may also be combined or merged with information you provide to eDriving by means other than through this site as part of eDriving standard business operations.
eDriving or its affiliates may sell or buy other businesses or entities. In such transactions, personal information may be one of the transferred business assets. Also, in the event that eDriving or substantially all of its assets are acquired, personal information may be one of the transferred assets. eDriving may also transfer such information to its affiliates directly involved in the operation of the web site or any application.
eDriving also will not, except for reasons stated below, otherwise disclose to third parties personal information or the contents of any electronic mail or other electronic communications that eDriving stores or transmits for its customers. The other circumstances under which eDriving will disclose such personal information or electronic customer communications are when:
- It is necessary to protect the legitimate interests of eDriving and its customers;
- It is required to cooperate with interception orders, warrants, or other legal process that eDriving determines in its sole discretion to be valid and enforceable;
- It is necessary to provide to a law enforcement agency when the contents are inadvertently obtained by eDriving and appear to pertain to the commission of a crime;
- For certain research purposes to seek to improve driver safety; and
- When necessary to avert a serious threat to your health; or safety or to the health and safety of another individual or the public.
eDriving will report to its direct customers any use or disclosure of the individual sensitive personal information (“ISPI”) not provided for under these policies of which it becomes aware in accordance with applicable national, federal, state and local law. eDriving will destroy, or arrange for the destruction of records within its custody or control containing ISPI which is no longer to be retained by eDriving or the eDriving customer to make such ISPI unreadable, undecipherable or non-reconstructable through generally available means.
Consistent with these privacy principles, personal information must be relevant for the purposes for which it is to be used. eDriving seeks not to process personal information in a way that is incompatible with the purposes for which it has been collected or subsequently authorized by the individual. To the extent necessary for those purposes, eDriving takes reasonable steps to ensure that data is reliable for its intended use, accurate, complete, and current and that that decisions will not be based upon erroneously or inappropriate information. The data integrity principle minimizes the risk that personal information would be misused or abused because as eDriving is collecting only relevant information, there is less opportunity to misuse and abuse personal information.
eDriving allows employees of eDriving customers to check the stored information and ensure that it is up-to-date and correct, and that eDriving and the eDriving customer is doing what it says it is doing about collecting and retaining data. eDriving also enables the individuals whose personal information has been collected to access such personal information so as to be able to correct, amend, or delete that information where it is inaccurate.
eDriving has implemented self-assessment procedures for verifying that the attestations and assertions eDriving has made about its privacy practices are true and that privacy practices have been implemented as presented with appropriate follow up procedures. eDriving has put in place a readily available and affordable independent dispute resolution system that will investigate and resolve individual complaints and disputes and damages awarded where the applicable law or private sector initiatives so provide. This dispute resolution system is also designed to remedy problems arising out of a failure by eDriving, the eDriving customer or a disputing individual to comply with these privacy principles that is sufficiently rigorous to ensure compliance.
In addition, eDriving permits an independent third party, BSI, to conduct an audit of eDriving’s Information Security Management System (ISMS) each year. EDRIVING’s ISMS (Certificate/License Number: IS 615148) covers the provision of driving and driving related risk management services to organizations. The eDriving ISMS also includes all information and information processing facilities/equipment owned by, or in custody of eDriving, all people employed by eDriving, including contractors, all business functions and processes, including information processing, the management and configuration of software, testing processes and procedures, protection and integrity of code and libraries and the physical/procedural/personal security of the coding environment.
HOW DOES EDRIVING PROTECT THE PRIVACY OF CHILDREN?
eDriving does not knowingly collect or use any personal information from children (eDriving defines “children” as minors younger than 13) on eDriving web sites. eDriving does not knowingly allow children to order our products, communicate with us, or use any of our online services. If you are a parent and become aware that your child has provided eDriving with information, please contact eDriving using any of the methods specified below, and eDriving will work with you to address this issue.
YOUR COUNTRY, STATE OR PROVINCE PRIVACY RIGHTS
Applicable country, state or province local law may provide additional privacy rights.
CHANGES TO THIS PRIVACY STATEMENT
This privacy statement may be amended from time to time to reflect technological advancements, legal and regulatory changes and good business practices. When eDriving does update the privacy statement, eDriving will also revise the effective date paragraph to provide a “last updated” date.
eDriving welcomes your comments regarding this privacy statement. If you believe eDriving has not adhered to this statement, please contact us at the addresses below. eDriving will use commercially reasonable efforts to promptly determine and remedy the problem.
UK, EUROPE, AFRICA & THE MIDDLE EAST:
Pennine Business Park, 9 Longbow Close, Huddersfield, HD2 1GQ, England, United Kingdom.
NORTH & SOUTH AMERICA, CANADA, ASIA PACIFIC & THE CARIBBEAN:
eDriving FLEET LLC.
211 Bayberry Drive, Suites 1 D, E & F, Cape May Court House, New Jersey, 08210, USA.
This statement is effective as of February 1st 2019.