Updated on: June 14, 2023
Effective on: June 14, 2023
As the operator of Neusoft ISA, ISA Group Co., Ltd. (registered at No. 2, Xinxiu Street, Hunnan New District, Shenyang City, hereinafter referred to as "we") is fully aware of the importance of personal information to you and will do our best to protect the security and reliability of your personal information.
Please read thoroughly and understand the Neusoft ISA Privacy Policy (hereinafter referred to as "the Privacy Policy") before using our products or services. Please only use our products (or services) with your consent to the contents as agreed in this Privacy Policy.
If you have any questions, comments or suggestions, please contact us through the contact information:
Data controller: BYD Auto Industry Co., Ltd.
E-mail: -for [EU countries], please contact [privacy.eu@byd.com]
Address: No. 3001, 3007, HengPing Road, Pingshan, Shenzhen, P.R. China
Data Processor: Neusoft Group Co., Ltd.
Email: OneCoreGo.Care@neusoft.com
Address: No. 2 Xinxiu Rd, Hunnan District, Shenyang, Liaoning, P.R.China
This Policy will help you understand the following:
1. How we collect and use your personal information
2. How we process, share, transfer, and disclose your personal information through entrustment
3. How we protect your personal information
4. Your rights
5. How we process children's personal information
6. How your personal information is stored and transferred globally
7. How we update this Policy
8. How to contact us
1. How we collect and use your personal information
1) The basic function we provide depends on some information to run. If you choose to use this basic ISA function, you need to provide us with or allow us to collect and use necessary information, including:
a) When you first use Neusoft ISA, you can use the activation function. We will collect your vehicle ID, your location information, activation time, country code and map data version. We will use your location information to judge whether you are within the pre-stored map data coverage range, so as to complete the first activation of Neusoft ISA, which grants you normal access to Neusoft ISA.
b) When you use the positioning function, we will collect your location information to provide you ISA information.
When you use above-mentioned functions, we need your authorization to enable the location permission and disk access and read-write access permissions. You can disable the above-mentioned permissions through system authorization to stop us from collecting the above-mentioned information, but you may not be able to access relevant services or functions or achieve the intended effects of these services.
2) To enable additional functions, you can choose to provide us with or allow us to collect the following information.
a) When you use the Traffic function, we will collect your location information to display nearby traffic congestion.
b) When you use the map data online update function, we will collect your vehicle ID and map data version to update the latest version for you.
3) After-sales service server
During your use of Neusoft ISA, we will record the operation of Neusoft ISA in the form of logs under your IVI path /sdcard/logs and sdcard/isalog.
a) When there is a problem that requires us to analyze and investigate, you can contact the local dealer. After obtaining your authorization, the dealer will extract your logs and send them to the after-sales service server in Germany. We will use the logs in the after-sales service server to analyze the problem.
Personal information that may be involved includes: your vehicle ID, activation time, country code, map data version number; your location information; vehicle speed;
4) Legal basis for processing personal data
We will process your personal data in accordance with applicable data protection laws. Therefore, we will process your personal data on the following legal grounds:
a) To perform the contract to which you are a party, or to take measures according to your requirements before we sign the contract;
b) For the legitimate benefit of us or third parties;
c) To comply with our legal obligations;
d) Based on your consent.
2. How we process, share, transfer and publicly disclose your personal information through entrustment
1) Entrusted processing
a) In order to provide you with more perfect and high-quality products and services, some specific modules or functions in this basic function are provided by external suppliers. For example, we may hire a service provider to assist us in providing customer support.
b) For companies, organizations and individuals entrusted by us to process personal information, we will sign strict confidentiality agreements with them, and require them to process personal information in accordance with our requirements, this Privacy Policy, and any other relevant confidentiality and security measures.
2) Sharing
a) In order to provide you with more perfect and high-quality products and services, some of our services will be provided by our partners. We may share some of your personal information with our partners to provide better customer service and user experience. We will only share your personal information for legal, just, necessary, specific and clear purposes, and will only share the personal information necessary for the provision of the service. We will strictly monitor the software development kit (SDK) and application program interface (API) of our partners to protect data security. At the same time, we will sign a strict confidentiality agreement with our partners, and require them to process your personal information in strict accordance with our instructions, this Policy, and any other relevant confidentiality and security measures. We will require our partners not to use the shared personal information for any other purpose.
Currently, as the supplier of the ISA application, we provide ISA service support for BYD IVI system.
Our partners include HERE, an online data service provider, which provides us with online data service support. When you use Neusoft ISA online, we will share relevant information with HERE in the following scenarios.
1) When you use the Traffic function, we will share your location information with HERE to obtain Traffic information around you.
3) Transfer
In the event of merger, acquisition or bankruptcy liquidation, we will comply with all applicable legal requirements where personal information transfer is concerned. We will require the new company or organization that holds your personal information to continue being bound by the Privacy Policy, otherwise, we will require the company or organization to ask you for authorization and consent again.
4) Public disclosure
We will only disclose your personal information under the following circumstances:
a) With your express consent;
b) Disclosure based on law: We may publicly disclose your personal information under the mandatory requirements of laws, legal procedures, lawsuits or government authorities.
3. How we protect your personal information
(1) We have used security protection measures that conform to industry standards to protect the personal information you provide from unauthorized access, public disclosure, usage, modification, damage, or loss.
(2) We have established an advanced data security management system with data as the core and focusing on the data life cycle in the industry to improve the security of personal information from the dimensions of organization construction, system design, personnel management and product technology. Through training courses and examinations, we continuously enhance employees' awareness of the importance of protecting personal information.
(3) The Internet environment is not 100% secure, so we will try our best to ensure or guarantee the security of any information you send us. If our physical, technical or management protection facilities are damaged, resulting in damage to your legitimate rights and interests, we will start the emergency plan in time and take reasonable and necessary measures to minimize the impact on you.
(4) In case of any unfortunate security incident, we will promptly inform you of the basic information and possible effects of the incident, the measures we have taken or will take, the suggestions on your risk prevention and reduction, the remedial measures for you, etc. according to laws and regulations. We will notify you of the related information by mail, correspondence, telephone, push notification, etc. When it is difficult to notify the subject of personal information one by one, we will release corresponding announcements through reasonable and effective methods. Meanwhile, we will report the disposal of such security incidents according to the requirements of the regulatory authorities.
(5) Special notice:
a) When you provide your geographical location or whereabouts through third-party software, do protect your personal information.
b) Please understand that various malicious or non-malicious attacks may exist or occur due to the rapid development of computer and Internet technology and the limitation of synchronization speed. We do everything we can to enhance security measures, but it's not always possible to ensure that information is 100% secure.
c) Neusoft ISA cannot control the system and communication network, or hardware devices you use for our products or services, or hardware devices. Please understand and protect your personal information.
d) Your personal information, after being anonymized, will be the data that can be used and circulated. For the storage and processing of such data, Neusoft ISA has no need to inform you or obtain your consent.
4. Your rights
This section describes your rights to the personal data we collect under the Applied Data Protection Laws (any applicable legislation or supervision system established by a recognized government, government or administrative entity to protect the privacy rights of natural persons or families composed of natural persons). If you need to exercise relevant rights or have questions, please contact us through the contact information in this Policy. If your request is manifestly unfounded or excessive, we reserve the right to charge a reasonable fee (taking into account the administrative costs of providing information or correspondence or taking the requested action) or to refuse to take action on the request.
1) Access rights
You are entitled to access to your personal information unless otherwise stipulated by laws and regulations. If you want to exercise the data access right, you can access it by yourself through the following access methods. For example:
You can observe the icon position of your vehicle to view your location information;
You can view the historical information of the destination you have reached by clicking Search Box;
You can view your home address/workplace/favorites by clicking Search Box - Home/Company/Favorites;
You can view your search history by clicking Search Box - Pop-up Keyboard.
If you are unable to access your personal information in the above way, you can contact us via the contact information herein. We will reply to your access request within the time limit stipulated by law.
2) Correction rights
If you find errors in the personal information we processed about you, you have the right to ask us to make corrections.
You can correct your home address/workplace/favorites by clicking Search Box - Home/Company/Favorites;
If you are unable to correct your personal information in the above way, you can contact us via the contact information herein. We will reply to your correction request within the time limit stipulated by law.
3) Right to delete
You can contact us via the contact details herein. When we receive your request, all data will be deleted except for those that we have legal obligations to retain.
We are obligated to delete your personal information immediately in any of the following cases:
Your personal data is no longer used for the purpose of collection or other processing.
You withdraw your consent and there is no other legal basis for processing the data.
You object to the processing of the data (see below).
Your personal data is processed illegally.
4) Restriction rights
You can contact us via the contact details herein
You have the right to request restrictions on our data processing when one of the following conditions is met:
You question the accuracy of your personal data,
Where data is processed illegally, you do not agree to delete personal data, but instead, ask for restrictions on its use,
Where personal data is no longer needed for our processing purposes, you need the data to establish, perform or defend legal claims;
You object to the processing (see below) and it is unclear whether our legitimate interests will prevail.
5) Objection rights
If you object to the processing of your personal data, you can contact us via the contact details herein. An objection will be granted unless it is based on one of the following grounds:
We need to process your personal data to accomplish tasks that are in the public interest or to exercise public powers delegated to us;
Where your interests or basic rights are premised on the protection of your personal data, the processing is necessary to protect the legitimate interests of us and of third parties.
The objection right also applies to analysis based on these processes.
If personal data is processed for direct marketing purposes, you have the right to object to the processing of your personal data for such marketing purposes. This also applies to analyses related to such direct marketing.
You also have the right, based on your particular personal circumstances, to object to our processing of your personal data for scientific or historical research purposes or for statistical purposes, unless such processing is necessary for performing tasks in the interest of the public.
6) Change of the scope of your authorization
Some basic personal information is required for the performance of each ISA function. For the collection and use of personal information additionally collected, you can offer or withdraw your authorization at any time.
You can make operations in the following ways:
Disable ISA in “Vehicle settings- Adas- Driving Assist- Traffic Sign Recognition(TSR)” in your vehicle screen.
Once your authorized consent is withdrawn, we will no longer process the corresponding personal information. However, your decision to withdraw does not affect the previous personal information processing based on your authorization.
You can cancel your previously registered account at any time, and you can contact us via the contact details in this article.
After the account is canceled, we will stop providing you with products or services and delete your personal information as required, unless otherwise prescribed by laws and regulations.
7) Portability
You have the right to obtain a copy of your personal information. You can contact us via the contact details herein.
As long as it is technically feasible, for instance, mutually matching data interfaces, we can also directly transfer a copy of your personal information to a third party designated by you as required.
8) Constrain on automatic decision-making of information systems
In some ISA functions, decisions may be made only based on non-artificial automatic decision-making mechanisms including information systems and algorithms. If such decisions significantly affect your legitimate rights and interests, you are entitled to request explanations from us, and we will also provide proper remedies.
9) Response to your above requests
To ensure security, you may need to provide a written request or prove your identity in other ways. We may verify your identity before replying to your requests.
We will reply within the time limit stipulated by law.
For your reasonable request, we will not charge you any fees in principle, but for repeated requests beyond the reasonable limit, we will collect a certain cost as appropriate. We may reject the requests that repeatedly occur without justified reason, require too many technical measures (for example, it is required to develop new systems or fundamentally change the existing practices), pose risks to the legitimate rights and interests of others, or are very impractical (for example, involving information stored on back-up tapes).
5. How we process children's personal information
Our products, websites and services are primarily intended for adults. Children shall not create their own personal information subject accounts without the consent of their parents or guardians.
For the collection of children's personal information with the consent of parents, we will only use or publicly disclose this information if permitted by law, expressly agreed by parents or guardians or necessary to protect children.
Although local laws and customs define children differently, we treat anyone under 16 as a child.
In the event we find ourselves have any personal information collected about children without the prior consent of their parents, we will seek to remove it as soon as possible.
6. How your personal information is stored and transferred globally
1) Storage period
Unless otherwise stipulated by laws and regulations, Neusoft ISA will store your personal information for the following period:
| Information | Service condition | Storage location | Storage period |
|---|---|---|---|
|
Your vehicle ID Activation time Country code Map data version |
Collection and storage | Cloud | 7 years |
| Your location information | Collection and storage | Cloud | Deleted after use |
| Terminal |
Stored in terminals; Not applicable |
If after-sales services are involved and you need Neusoft ISA to investigate the problem, you can transfer the logs to the after-sales service server, and the information in the logs should include the following information:
| Information | Service condition | Storage location | Storage period |
|---|---|---|---|
|
Your vehicle ID Activation time Country code Map data version Your location information vehicle speed |
Collection and storage | Cloud | 30 days |
We determine the retention period of personal data based on its nature and usage scenario. We will keep the activity record information for a short period of time and de-identify the data for further authorization. We may retain your personal data for other purposes permitted by law, for example, to defend any legal claim. We may retain your personal data depending on your use of products or services.
2) Storage Area
2.1) When you are using the ISA application, the following are the storage areas of the online server;
If your location is in the following countries, your personal information will be stored in Germany.
Austria,Belgium,Bulgaria,Croatia,Cyprus,Czechia,Denmark,Estonia,Finland,France,Germany,Greece,Hungary,Iceland EEA,Ireland,Isreal,Italy,Latvia,Liechtenstein,Lithuania,Luxembourg,Malta,Monaco,Netherlands,Norway,Poland,Portugal,Romania,Slovakia,Slovenia,Spain,Sweden,Switzerland,Türkiye,UK,Vatican
2.2) When you need us to investigate the problem related to our after-sales
service server, the following are the storage areas of the after-sales service server.
When there is a problem that requires us to analyze and investigate, you can contact the local dealer. After obtaining your authorization, the dealer will extract your logs and send them to the after-sales service server in Germany. We will use the logs in the after-sales service server to analyze the problem.
If your location is in the following countries, your personal information will be stored in Germany:
Austria,Belgium,Bulgaria,Croatia,Cyprus,Czechia,Denmark,Estonia,Finland,France,Germany,Greece,Hungary,Iceland EEA,Ireland,Isreal,Italy,Latvia,Liechtenstein,Lithuania,Luxembourg,Malta,Monaco,Netherlands,Norway,Poland,Portugal,Romania,Slovakia,Slovenia,Spain,Sweden,Switzerland,Türkiye,UK,Vatican
If cross-border transmission is required when using the online ISA service, we hope to inform you and obtain your authorization and consent through this agreement.
7. How to update this Privacy Policy
Our Privacy Policy is subject to change.
We will not compromise your rights hereunder without your express consent. We will post any changes to this Policy on this page.
For major changes, we will also provide more prominent notices (for certain services, we will send notices by email, specifying the specific changes to this Privacy Policy).
Major changes to this Policy include but are not limited to:
1. Significant changes to our service mode, such as the purpose of processing personal information, the type of personal information processed, and the manner to use personal information;
2. Significant changes to our ownership structure and organizational structure, etc., such as changes in owners caused by business adjustment, bankruptcy, mergers and acquisitions;
3. Changes to main objects which the personal information is shared with, transferred to or publicly disclosed to;
4. Significant changes to your right to participate in the processing of personal information as well as the mode of exercising that right;
5. Changes to the department that is responsible for the personal information security, its contact information, and the complaint channel; and
6. The impact assessment report on personal information security indicates a high risk.
Old versions of this Policy will also be archived for your reference.
8. How to contact us
If you have any questions, comments or recommendations about this Privacy Policy, please contact us through one of the following methods:
Email: OneCoreGo.Care@neusoft.com
Generally, we will respond to you within 5 days.
We will verify your identity with "reasonable certainty" or "reasonable high certainty" based on the sensitivity of personal data and the risk of harm to you from unauthorized disclosure or deletion (as applicable). Before we process your request, we may ask you to provide additional personal data to verify your identity.