PROTECTION OF PRIVACY, Helpten TripLogger App
Latest update 14. December 2020
Helpten guarantees absolute data and privacy protection.
Helpten TripLogger app: Collection of sensitive personal data and required permissions
Helpten TripLogger is an automatic trip logger application for vehicle drivers. With the application users can easily report e.g. work related trips for travel claims.
Helpten TripLogger is designed for automated route tracking n Helpten Service for our Journey log purposes. Therefore you need to allow the Location Permission before use of this application.
When you decide to use the application we will ask for your specific consent before we receive access to your geo-location and you will have the right to withdraw or decline your consent to such access and process at any time, by changing the App permission settings in your phone..
Helpten TripLogger app collects location data to enable registration of the location of you phone and sending this location to Helpten server, even when the app is closed or not in use.
This is necessary because otherwise you would not be able to were view your trips in Helpten service
The app needs the background location for keeping the trip logging ongoing while the phone itself could be used e.g. for navigation. Without the background location the reliable trip logging would not work.
The application can be used only if you are a registered user in Helpten service. The app requires you to log in.
The new Data Protection Regulation of EU (GDPR) became effective on 25. 5 2018. The purpose of this regulation is to enhance natural person’s rights in managing and processing his or her personal data and harmonize legislation inside the European Union.
The operations of Helpten Oy (Helpten Ltd) and its personnel are based on the principle of absolute reliability in managing data security in order to protect customers’ privacy. As our customer, you can trust that your driving data is and will remain solely at your own disposal. Helpten uses encrypted data transfer, and secured server connections are protected by firewalls. A written contract is drawn up on the services, and only the party to the contract can monitor their own driving data. In addition, no driving data can be submitted to the authorities without the customer’s written request or agreement. All of Helpten’s key partners have passed a detailed data security audit.
What does GDPR mean to our customers?
GDPR makes our customers Controllers (Registrars) for the personal data they manage with Helpten services and this brings new responsibilities to all of you. For us it is very important to help our customers comply with the new requirements that are set to them. At Helpten, we also want to continue to provide our high-quality service and we commit to in all ways assist you to fulfill also the new requirements for processing of Personal data.
How is this Privacy page organized?
We will introduce the basic concepts of Controller role and Data Processor role and the responsibilities of both roles. We will tell you, how we collect, store, process, share and transfer your personal data after it is sored and when you use our services. Our goal is to handle your valuable information with extreme care and safety and not to process any personal data that is not necessary for providing the services you have ordered.
From these pages you will find our privacy policies that we execute when processing personal data and the register descriptions which describe what data we are processing and why we process it.
Helpten updates privacy policies as our services are further developing. Therefore, we recommend you to visit our privacy pages regularly.
Data protection officer at Helpten
Additional information about privacy and data protection is available from Helpten’s data protection officer Timo Lampola, privacy(at)helpten.fi, phone +358 (0)50 377 4438.
What personal data Helpten is processing, and what are the rights of the data subjects?
Helpten act as Registrar for Helpten’s customer register and register for potential customers.
In case of Helpten service (Driving Data service, Service Shop service and Tachograph Remote Download service), our customer acts as the Controller and Helpten acts as Data Processor on behalf of our customers.
The categories of personal data and its usage are described in the register descriptions we have provided for you:
- Helpten Oy, register of potential customers
- Register description: Customer register of Helpten Oy
- Register description: Customer specific register for driving data, vehicle maintenance and Remote Download services provided by Helpten
- Helpten’s privacy description
In most cases, processing of personal data is based on customer relationship, on other legitimate interest of the Controller, or on consent from data subject. We may also handle personal data based on a request from customer or based on legislation. We collect information also from selected external sources, like vehicle data from Trafi.
What responsibilities do I have as Controller (as Helpten’s customer)?
Helpten’s customers usually act as the Controller (Registrar) for the user data, vehicle data and location data that is stored under their account in Helpten services. The Controller needs to define the purpose (for example: trip reports, travel invoices, tracking and reporting of production vehicles) of the register, while the Data Processor’s (Helpten and its sub-processors) role is to assist the Controller in processing the personal data in a way that is required by the ordered service.
It is the Controller’s responsibility to make sure that either there is consent for the data subjects or there is an adequate reason (legitimate interest) for processing personal data. The Controller is responsible for making sure that the personal information of the data subjects is processed so that the processing is compliant to GDPR requirements, and that sufficient technical and organizational safety measures are in place.
The Controller needs to make sure that the rights and freedoms of the data subjects are secured, that the unnecessary personal data is erased, that processing of personal data is transparent, that personal data is correct and that access to the personal data is restricted correctly.
The Controller needs to instruct the Data Processor (Helpten) in how to process the personal data. In practice, this is handled so that an agreement is made (for example as part of the order process) between the customer and Helpten. Naturally, the Customer (Controller) can give additional instructions to Helpten (Data Processor).
When the customer starts using the service, the customer (Controller) needs to make sure that the information about the users, vehicles and tracking devices has been delivered to Helpten with correct and accurate user access information, so that the rights and freedoms of the data subjects are not violated. Additionally, it is the customer’s (Controller’s) responsibility to maintain this accuracy in change situations (for example person changes, selling of vehicles, etc.) and that information regarding such changes is delivered to Helpten without undue delay.
The Controller needs to take into consideration what GDPR regulates about personal data od data subjects under the age of 16.
What responsibilities Helpten has as Data Processor?
Helpten is responsible for processing personal data according to legislation and written instructions from the Controller and following appropriate security processes. Helpten must inform the Controller if Helpten feels the instructions from Controller are not in line with the legislation. Whenever needed, Helpten co-operates with the Controller’s Data Protection staff.
Helpten is responsible that only persons that have committed to security processes and confidentiality shall participate to processing of personal data.
In case a data subject sends privacy related requests directly to Helpten, Helpten shall inform the Controller about such request. Based on instructions from the Controller, Helpten shall assist the Controller in fulfilling the actions that such requests from a data subject may require.
Helpten is responsible for notifying the Controller of personal data breaches.
Helpten shall assist customer (Controller) in fulfilling the obligations of the Controller. In case the assistance requires actions beyond normal, Helpten may collect a reasonable fee.
The person register that is a part of Helpten’s services is located in data centers within EU or European Economic Area.
Helpten does not guarantee that some parts of the functionality of the system or some system development or maintenance processes would not be carried out by sub-processors that are located outside of EU or European Economic Area.
By written request by Helpten’s customer, Helpten has obligation to provide information about all transfers of personal data outside of EU or European Economic Area or about sub-processors that are involved in such transfers.
The customer has right to either agree or disagree on use of such transfers or sub-processors.
The personal data is erased when the customer (Controller) so requires or when the service contract ends, according to legislation and the terms of the contract.
Data Protection agreements, terms and Conditions
The terms for the processing of personal data on behalf of the customer (Controller) are agreed between the customer and Helpten either by a separate data protection agreement, by a Date protection addendum to the service agreement, or by customer’s acceptance of Helpten’s Data Protection Terms and Conditions.
Customer communication and direct marketing
Customer communication means the contacting and correspondence due to management and enhancement of the relationship between the customer and Helpten. Helpten may send information about products and services without any specific consent.
If the customer does not wish to receive direct marketing or product or service information from Helpten, customer shall inform about this by contacting Helpten’s customer service, helpten(at)helpten.fi, phone +358 (0)10 423 7080.
Helpten may collect information by using cookies or similar technologies. Cookie is a small text file which is saved to user’s device by the internet browser. This text file contains information that is used for example for making use of web pages or applications easier.
Helpten’s websites and SaaS applications utilize cookies and similar technologies for developing the pages and applications, for improving the user experience and for targeting of marketing activities.
Helpten takes care of the information security of Helpten’s applications by implementing appropriate information security processes that are in proportion to severity of the threats and risks, to technical maturity and to costs. Data protection and information security are taken care of specifically assigned personnel. Internal Helpten processes and instructions are executed for example with proactive risk management, by designing our products and services so that data protection is a fundamental requirement and by training of our personnel.
We inform about Information security related actions or events in appropriate way, either in our website or using other means of communication.
In order to prevent data breaches or other information security disturbances, we will take required actions, which may include preventing the use of our services.
Finally, we ask you to pay attention to that no organization or company is able to guarantee or offer perfect information security. Also, each Helpten’s customer need to take care of their own information security, for example by taking care of using up to date versions of virus protection, firewall services or operating systems.