PRIVACY POLICY

according to art. 13 of the General Data Protection Regulation (EU) 2016/679 (GDPR)

Processing of Personal Data for the Development of Self-Driving Prototype Vehicles

Research in the scientific-technological field is an institutional goal of the Politecnico di Milano. Among the areas of investigation is also the development of self -driving vehicles, with the aim of supporting the transition to future models of mobility in urban areas that are safer and more sustainable.

To this end, we introduce into public road traffic vehicles, duly marked, equipped with sensors that allow the detection of various data, including Personal Data, even of a particular nature. These vehicles of ours are used both during manual driving tests, conducted by authorized members of the research group, and during autonomous driving trials. The latter type of trial is specifically authorized by the Ministry of Infrastructure and Transport.

This information refers to the Personal Data collected during manual driving tests and autonomous driving trials within the scope of the project “AIDA Artificial Intelligence Driving Autonomous”.

In managing such personal data, the Politecnico di Milano undertakes to guarantee and ensure full compliance with current regulations on privacy.

 

Data Controller

The data controller is the Politecnico di Milano (CF: 80057930150), with registered office in Piazza Leonardo Da Vinci n. 32, Milan, 20133, in the person of the General Manager, by delegation of the Rector pro tempore.

 

What Personal Data can be collected and for what purposes?

Vehicles intended for testing collect the following Personal Data:

  1. Video recordings. Video recordings of the vehicle’s surroundings (in the form of consecutive images) allow us to trace Personal Data (vehicle license plate, image of the person, etc.), even of a particular nature. In some cases, in fact, it is possible to detect physical-somatic characteristics from the images that could sometimes allow us to infer the racial or ethnic origin of the people filmed, or even their state of health, for example in the presence of evident disabilities.
  2. GPS Position. This data allows only indirectly and potentially to trace the Personal Data coinciding with the location of the people filmed: if you have access to the GPS position and the video footage, and if you have the means to write a specific code, it is possible to associate the two pieces of information and trace their geographical position at the time the filming took place.

 

Purpose of the collection:

1. Research purpose manual driving tests and autonomous driving experiments

Video footage provides visual information such as the presence of other vehicles, pedestrians, road signs and obstacles. It is used to understand the environment surrounding the vehicle, allowing it to be aware of what is happening around it. Video footage (mostly those acquired during manual driving tests) is used as a basis for training the mathematical model used (neural network) and in case of model performance analysis, to see which parts of the image the model recognizes correctly (cars, road lines, etc.).

Objects and subjects present in the video footage are categorized based on the type of road user they represent (vehicle, pedestrian, etc.). Therefore, no personal data detected (vehicle license plate, image of the person, etc.) is collected and used in itself for analysis purposes. The extraction of personal data from these images is therefore in no way part of the experiment, nor does it constitute one of its objectives.

GPS location acquisition is essential to track the position of the vehicle in real time and with centimeter precision. The potential process of association between this and the video footage, which would allow to trace the geographical position of the interested party, is not carried out in any way by theresearchers, since it is completely outside the purposes of the collection.

2.Conservation purposes pursuant to Ministerial Decree 70/2018 autonomous driving trials

With reference only to the data collected during autonomous driving trials, the processing is also justified because, pursuant to Ministerial Decree 70/2018, art.12, paragraph 1, letter e), automatic driving systems, for the purposes of admission to testing on public roads, must be able, for the entire duration of the trials, to record detailed data with a frequency of at least ten hertz and such as to include

the data acquired by the sensors forming part of the systems being tested.

 

What legal basis justifies the processing?

The legal basis for the processing of the collected data is based on two requirements:

  1. Public interest: the processing of data collected during manual driving tests and autonomous driving trials is justified by the need to carry out a task of public interest, such as scientific research aimed at the technological development of autonomous driving vehicles. Research is part of the institutional purposes of the Politecnico di Milano, as described in its statutes. Therefore, the experimental activity carried out by the Politecnico di Milano, through the testing of autonomous driving cars, falls within the scope of a scientific research activity conducted in the public interest that can be lawfully carried out by the University. The public interest is also linked to the collective benefits associated with research, such as the improvement of road safety, traffic efficiency and the reduction of pollution. The legal basis for the processing is therefore identified in the performance of its tasks of public interest (art. 6, par. 1, lett. e) of the GDPR and in art. 9 par. 2 lett. j) of the GDPR.
  2. Fulfillment of a legal obligation: the processing of only the data collected during autonomous driving trials is also necessary to fulfill the legal obligations imposed by Ministerial Decree 70/2018, in particular with regard to the recording and storage of data during autonomous driving trials on public roads. This obligation requires that the test data be correctly collected and kept available to the Ministry of Infrastructure and Transport (Ministerial Decree 70/2018, art. 12, paragraph 1, letter e) and 16, paragraph 1, letter b)).

 

How long will personal data be retained?

1. Research purpose manual driving tests and autonomous driving experiments

Personal data collected for research purposes during manual testing will be retained exclusively for the time strictly necessary for the transcription of the contents and, in any case, no longer than 5 years .

Personal data collected during autonomous driving trials will in any case be stored exclusively for the period established by Ministerial Decree 70/2018, even if used for research purposes.

2.Conservation purposes pursuant to Ministerial Decree 70/2018 autonomous driving trials

In accordance with the provisions of Ministerial Decree 70/2018, art.16, paragraph 1, letter b), the Politecnico di Milano, as the holder of the authorization for testing on public roads, has the obligation to ensure that only the data from autonomous driving tests, as specified in art. 12, paragraph 1, letter e), are correctly collected and made available to the authorizing entity, i.e. the Ministry of Infrastructure and Transport. The latter may request the viewing or transmission of such data for the entire duration of the authorization (equal to one year and renewable) and for the following twelve months. Therefore, such personal data will also be stored in a separate form for the period of time strictly necessary to comply with the provisions of Ministerial Decree 70/2018. These data could, during the indicated

period, i.e. the duration of the authorization (equal to one year, possibly renewable) and for the following twelve months, also be used for research purposes, exclusively in the ways described above.

 

How is data protected?

The data will be processed in such a way as to guarantee their security and confidentiality in accordance with current legislation. Specifically, the Politecnico di Milano undertakes to:

  • process data through specifically designated members of the research team;
  • take care of the subsequent processing and storage phases of the collected data in order to protect them from abuse or any unauthorized processing;
  • disseminate research results only in an aggregated and/or anonymous manner. Furthermore, this sharing occursin extremely limited quantities, that is, only thosestrictly necessary to ensure the understanding and use of the results without compromising the privacy of the interested parties.

 

Are the collected data transferred to third parties?

Single and limited images extracted from the videos, containing Personal Data, may be shared with third parties, such as research partners or sponsors affiliated with projects of the research group, or in the context of other initiatives promoted by the Politecnico di Milano, exclusively for purposes related to the institutional purposes of the University. This will be possible only in a strictly anonymous form (anonymization is performed manually), thus ensuring that no Personal Data is present in the images and video footage that will be shared.

Examples of manually anonymized screenshots:

Furthermore, pursuant to Ministerial Decree 70/2018, art.16, paragraph 1, letter b), the holder of the authorization for testing on public roads (Politecnico di Milano) is required to ensure that only the data from autonomous driving tests, as specified in art. 12, paragraph 1, letter e), are correctly recorded and kept available to the authorizing entity (Ministry of Infrastructure and Transport), who may request their viewing or transmission for the entire duration of the authorization and for the following twelve months.

Transfer of data to non-EU countries or international organisations

Personal data will be processed by the Data Controller within the territory of the European Union. If for technical and/or operational reasons it becomes necessary to use entities located outside the European Union, or it becomes necessary to transfer some of the data collected to technical systems and services managed in the cloud and located outside the European Union area, the processing will be regulated in accordance with the provisions of Chapter V of the EU Regulation and authorized on the basis of specific decisions of the European Union. All necessary precautions will therefore be adopted in order to guarantee the most complete protection of personal data, basing the transfer:

  1. on decisions on the adequacy of recipient third countries expressed by the European Commission;
  2. on adequate guarantees expressed by the third party recipient pursuant to art. 46 of the EU Regulation;
  3. on the adoption of binding corporate rules, the so-called Corporate binding rules.

How to contact us

You can contact the Data Controller at the following email address: dirgen@polimi.it .

Furthermore, it is possible to contact the Scientific Manager of the project, who collaborates internally with the Owner in the management of personal data collected during the experiments, Prof. Sergio Matteo Savaresi of the Department of Electronics, Information and Bioengineering, at the following email address: sergio.savaresi@polimi.it .

Finally, to support the Data Controller, the Politecnico di Milano has appointed a Data Protection Officer, who can be contacted at the following email address: privacy@polimi.it .

 

Identification of prototype vehicles used for manual driving tests and autonomous driving trials

Prototype vehicles used for manual driving tests and autonomous driving trials are accompanied by the following or similar stickers:

Rights of interested parties

Interested parties may assert their rights under the GDPR and other provisions for the protection of their personal data with us.

Please note that the rights of interested parties are limited by the rights of others or by the need to retain data for other reasons provided by law.

Furthermore, in certain situations and based on specific legal indications or the information available to us, we may not be able to guarantee the full exercise of these rights. In such cases, we will not be able to access the data of registered persons without further information. Since the persons recorded in certain cases cannot be identified without further information and since such recognition is not necessary for the processing purpose pursued by the Politecnico di Milano, we will not be permitted by law to proceed with any further processing of the data for identification purposes; in such cases, the rights of the data subject pursuant to Articles 15, 17, 18, 20, 21 GDPR may be excluded. These rights are applicable only if the data subject himself provides further information by virtue of which we can unequivocally identify him. In any case, we may not be able to guarantee these rights despite this additional information, since it is possible that through the images and video recordings we are not able to identify any person and therefore we do not know the identity of the persons recorded in the recordings.

 

Right of access (art. 15 of the GDPR):

Interested parties may request information from us about their data stored by us at any time, including, among other things, information about the categories of data we process, the purposes for which we process such data, the source of the data, if we have not collected it directly from them, and, where applicable, the recipients to whom the data is communicated.

 

Right to rectification (art. 16 of the GDPR):

The experiment does not entail the possibility of rectification of data by the interested parties, as the personal data, included in the shots of the public road context, are not processed or analyzed.

 

Right to erasure (art. 17 of the GDPR):

1.Manually guided test

Interested parties may request that we delete their personal data collected during manual driving tests, in all cases provided for by art. 17 GDPR and compatible with the nature of the processing in question.

Furthermore, during and immediately after the collection of your data during manual driving tests (e.g. if you, as a pedestrian, find yourself in the camera’s field of view and notice the recording) you will have the right to ask the driver directly to delete the collected data. However, the deletion can only be carried out once the data has been transferred and processed at the Politecnico.

2.Self-driving trials

In the case of personal data collected during autonomous driving trials, the right to erasure does not apply as the Data Controller must comply with a legal obligation. Pursuant to Ministerial Decree 70/2018, art. 16, paragraph 1, letter b), the holder of the authorization for testing on public roads (Politecnico di Milano) is obliged to ensure that the test data, as specified in art. 12, paragraph 1, letter e), are correctly collected and kept available to the authorizing entity (the Ministry of Infrastructure and Transport which, in accordance with the procedures set out in the aforementioned decree, issues the authorization for testing of the self-driving vehicle on public roads) for the entire duration of the authorization (equal to one year and renewable) and for the following twelve months.

 

Right to restriction (Article 18 of the GDPR):

1.Manually guided test

Interested parties may request that we limit the processing of their personal datacollected during manual driving tests, in all cases provided for by art. 18 GDPR and compatible with the nature of the processing in question.

2.Self-driving experiments

In the case of personal data collected during autonomous driving trials, the right to limitation does not apply as the Data Controller must comply with a legal obligation. Pursuant to Ministerial Decree 70/2018, art. 16, paragraph 1, letter b), the holder of the authorization for testing on public roads (Politecnico di Milano) is obliged to ensure that the test data, as specified in art. 12, paragraph 1, letter e), are correctly collected and kept available to the authorizing entity (the Ministry of Infrastructure and Transport which, in accordance with the procedures set out in the aforementioned decree, issues the authorization for testing of the self-driving vehicle on public roads).

 

Right to data portability (art. 20 of the GDPR):

In the case of this experiment, the right to data portability is not configurable, as it is only possible if the processing is based on the consent of the interested party or if necessary for the execution of a contract.

Furthermore, with reference only to the personal data collected during autonomous driving trials, pursuant to Ministerial Decree 70/2018, art.16, paragraph 1, letter b), the Holder of the authorization for testing on public roads (Politecnico di Milano) has the obligation to ensure that the test data, as specified in art. 12, paragraph 1, letter e), are correctly collected and kept available to the authorizing entity (the Ministry of Infrastructure and Transport which, in accordance with the procedures set out in the aforementioned decree, issues the authorization for testing of the self -driving vehicle on public roads).

 

Right to object (Article 21 of the GDPR):

1.Manually guided test

Data subjects may object to the processing of their data for reasons relating to their situation. In this

case, we will no longer process such personal data unless the public interest underlying the processing overrides theinterests, rights and freedoms of the data subjects or unless the processing of such personal data is necessary for the establishment, exercise or defence of legal claims.

2.Self-driving experiments

In the case of personal data collected during autonomous driving trials, the right to object does not apply as the Data Controller must comply with a legal obligation. Pursuant to Ministerial Decree 70/2018, art. 16, paragraph 1, letterb), the Data Controller of the authorization for testing on public roads(Politecnico di Milano) is obliged to ensure that the test data, as specified in art. 12, paragraph 1, letter e), are correctly collected and kept available to the authorizing entity (the Ministry of In frastructure and

Transport which, in accordance with the procedures set out in the aforementioned decree, issues the

authorization for testing of the self-driving vehicle on public roads).

 

Terms for fulfilling the rights of the interested party

The response times of the Politecnico di Milano can be quantified in 30 days from the acceptance of the request, therefore from the start of the procedure with an initial identification contact with the interested party through a specific document.

However, response times may exceed 30 days due to justified needs and provisions, in the presence of highly complex cases.

 

Complaint to the Guarantor Authority

Politecnico di Milano takes your requests and rights very seriously. However, if you believe that your complaints or concerns have not been addressed sufficiently, you have the right to lodge a complaint with the competent data protection supervisory authority.

 

List of activities belonging to the AIDA project subject of this information:

  1. Urban Auto Labs
  2. CityConnect
  3. Sharing For Caring
  4. Smart Gas
  5. Mediterranean Grand Tour
  6. TCC_L3
  7. A2Auto
  8. Serravalle Future Drive