Data protection
Introduction
We do not aim to receive personal data and do not require our clients to provide it. By default, API “SDK user registration” is used with an empty body. Apart from that, we provide full access to data at any stage of the data management cycle.
Overall architecture
The Damoov architecture contains two main blocks that are separated on a server level and communicate with each other via VPN and using user DeviceToken - a unique user ID and JWT with a limited lifetime. Each service is located on its own server and infrastructure provider.
UserService - the service to generate DeviceToken, run user Authentication, and refresh JWT access token.
Hosting: AWS
Telematics Platform - a data management platform that processes data collected by the Telematics SDK and verified with valid DeviceToken of JWT access token
Hosting: OVH
Access to Data
Our clients have access to data at any stage of the data management cycle:
- Real-time data from SDK
- Raw data
- Cleaned data
- Processed data
- Analyze data
Subject Matter and Duration of the Processing
Subject matter
- Collect smartphone data and transfer to telematics platform:
- Sensors data - (GPS, Accelerometer, Gyroscope, Screen on/off, phone lock/unlock)
- Permissions status (GPS, Motion, Bluetooth, WiFi, Mobile data)
- Device details
- Process collected data
- Filter and exclude non vehicle data from data set
- Filter and exclude non-incidents events
- Clean and normalize data
- Interpret smartphone data into vehicle data
- Enhance data
- Enrich data using metadata from 3rd party
- Analyze data
- Driving patterns
- Claims monitoring
- Safe-driving
- Eco-driving
- GEO-Analytics
- Store data
Data retention schedule
Default schedule:
- Processed data -> up to 24 month
- Raw data -> up to 14 days
Manage data
However, we also support on-demand data destruction. There is an API Delete a user and DataHub that can be used to delete data. These interfaces can be used to destruct data on an individual user level as well as to delete a specific trip.
| User access level | Admin access level | |
|---|---|---|
| Trips data | X | X |
| User record | X | X |
Use-cases
There are two available cases:
- Telematics SDK inside your mobile app:
We confirm that SDK doesn’t collect any Sensitive data, moreover it is fully managed by the host app and you can define what you want to track and how you want to do that.
Read more about Tracking modes
Apart from that, our back-end integration doesn’t require any details about the app users. We will generate for you a unique SDK DeviceToken (UUID) for each app user and will use this DeviceToken as a unique user ID across all our services.
For your convenience, you can associate your internal customer ID with DeviceToken and use it in DataHub as a searchable field.
Read more about User Management API
- ZenRoad app for the trial period
ZenRoad uses our backend and for the Authentication process asks either a phone number or email (you can select it during the registration process).
Also, the app has a profile page, however, we don’t require users to complete it. It doesn’t impact the app performance.
Apart from that, Auth details (phone or email) are hosted on AWS region Ohio and will be deleted by your request.
Updated almost 2 years ago