Purpose of this Privacy and Security Notice
This Privacy and Security Notice aims to provide our business customers or potential business customers (our “Clients”), and their authorised users (“you”), with information about how we collect and process personal information in connection with the provision of our Platform Services to our Clients (in the case of our potential business customers being the access to a demonstration version of our Platform for demonstration purposes).Members of the public
On occasion our Clients may share their own real world driving footage with us so that we may process this data and prepare and produce scenes and simulation environments on their behalf. This footage may contain information relating to members of the public. We explain how we process this footage in our general privacy notice
, which considers our broader use of real-world driving footage in greater detail.
In order to provide you with access to our Platform, we need to collect minimal amounts of personal information about you. Aside from our collection of Platform Analytics (see below), we will only process the personal information you provide, strictly on behalf of our Clients (your employer) and in accordance with their instructions. This means, for the most part and for the purposes of applicable data protection laws, our role will be limited to that of a data processor. Your organisation, our Client, will be the party responsible for making decisions about how your personal information is processed (the data controller).
Platform Analytics and User Feedback
We collect data about your use of the Platform and use platform analytics to understand how our Services are used so that we may improve them. From time to time we may also ask you to give feedback on the Platform and our Services on a voluntary basis. To the extent possible all of this information will be aggregated and anonymised to ensure you cannot be identified by such information. We will be the party responsible for making decisions about how your personal information is processed (the data controller) in respect of this information.
If you have any questions about your personal information, how we look after it or if there are any changes to your personal information, please contact us using our contact details below:Email address: firstname.lastname@example.orgPostal address:
FAO General Counsel, Five AI Limited, Suite G4 Bristol & Exeter House, Lower Approach Road, Temple Meads, Bristol, England, BS1 6QS
Authorised users - information you give us
- Account and contact details: When you create an account, you provide us with at least your login credentials, as well as some basic details necessary for the service to work, such as your name, email address, phone number and/or Slack ID.
- Customer service: If you contact our customer service team, we collect the information you give us during the interaction. Sometimes, we monitor or record these interactions for training purposes and to ensure a high quality of service.
- User feedback: From time to time, we may ask you to give feedback on your experience and thoughts on our Platform or our Services on a voluntary basis.
Authorised users - information we receive from others
In addition to the information you provide us directly, we receive information about you from others, including:
- Your organisation, our Client: your organisation, our Client, may provide us with your name and contact information to facilitate the account creation process;
- Sign-in Authentication providers: We use third party authentication providers to secure our Platform. We ask when you sign into the Platform to do so through these providers. When you do so we will receive additional information linked to your profile, this can include your name, nickname, email address, phone number, business address, picture and profile URLs, date of birth, country and timezone.
Authorised users - information collected when you use our services
- Device information: We collect information from and about the device(s) you use to access our services, including:
- hardware and software information such as IP address, device ID and type, device-specific and apps settings and characteristics, app crashes, browser type, version and language, operating system, time zones, identifiers associated with cookies or other technologies that may uniquely identify your device or browser (e.g., IMEI/UDID and MAC address).
- Usage Information: We collect information about your activity on our services, for instance how you use them (e.g., date and time you logged in, features you’ve been using, and searches, clicks and pages which have been shown to you) and how you interact with other users (e.g., interaction with admin accounts, time and date of your exchanges, number of messages you send and receive).
- Location data: will be collected in order to manage your sign in to the Platform and to the extent necessary, to provide our services,
Please see section 11 (Cookies and similar technologies) below for more information on why we use cookie derived information and how you can better control this use, through your browser settings and other tools.
Data protection laws require the parties responsible for personal information processing to disclose to individuals the purposes they use their personal information for and their legal basis for processing that information.
Our processing of your information is limited to:
- processing necessary for the provision of our Platform Services to you and your organisation, our Client.
This includes, registration and account management, customer support and communicating with you about the services
- our use of data analytics,
which we use to monitor and improve the Platform.
- our use of voluntary user feedback,
which we use to improve our Platform and Services.
As a data processor we rely on your organisation’s legal basis to process your personal information. Our Clients legal basis in these circumstances tend to be (i) contract necessity (depending on the nature of your role); or (ii) their legitimate interests to provide you access to our Platform to assist in the performance of your role.
We may also process your personal information if we are required to do so to ensure legal compliance. This includes processing necessary to comply with legal requirements, assist law enforcement and enforce or exercise our rights, for example the terms of our Agreements with Clients.
We may share your personal information with the parties set out below, for the purposes set out in section 4 above.
Your organisation may receive personal information relating to your use of the Platform for billing purposes, and to manage their authorised users.
With our service providers and partners
We use third parties to help us operate and improve our services. These third parties assist us with various tasks, including customer support, personal information hosting and maintenance, sign-in authentication, software development, data labelling, analytics, and security operations.
With other Five AI Group businesses
As we grow, we may share your personal information with other Five AI Group entities for them to assist us in processing your personal information, as service providers, upon our Client’s instructions and on their behalf. Where we process information as a data controller, or in response to a legal requirement, we may also share information with other Five AI Group entities for legitimate business purposes such as corporate audit, analysis and consolidated reporting as well as compliance with applicable laws. A list of these Five AI Group entities is available on request.
In corporate transactions
We may transfer your personal information if we are involved, whether in whole or in part, in a merger, sale, acquisition, divestiture, restructuring, reorganization, dissolution, bankruptcy or other change of ownership or control.
When required by law
We may disclose your personal information if reasonably necessary: (i) to comply with a legal process, such as a court order, subpoena or search warrant, government / law enforcement investigation or other legal requirements; (ii) to assist in the prevention or detection of crime (subject in each case to applicable law); or (iii) to protect the safety of any person.
To enforce legal rights
We may also share information: (i) if disclosure would mitigate our liability in an actual or threatened lawsuit; (ii) as necessary to protect our legal rights and legal rights of our users, business partners or other interested parties; (iii) to enforce our agreements with you or our Clients; and (iv) to investigate, prevent, or take other action regarding illegal activity, suspected fraud or other wrongdoing.
We work with several trusted third party vendors who operate globally, meaning it can be necessary to send your personal information outside of your country. In doing so we ensure that we have in place adequate safeguards to do so as required by applicable data protection laws. This includes standard contract clauses approved by the European Commission and/or the UK, or other suitable safeguards to permit personal information transfers from the European Economic Area (“EEA”) and the UK to other countries.
In certain circumstances, for example if you live in the UK and the European Economic Area, you may exercise the rights available to you under applicable data protection laws as follows:
- If you wish to access, correct, update or request deletion of your personal information.
- You can object to processing of your personal information, ask us to restrict processing of your personal information or request portability of your personal information.
- If we have collected, and process, your personal information with your consent, then you can withdraw your consent at any time. This may mean your access to certain services is restricted or denied as a result. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
- You have the right to complain to a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority.
You can exercise your rights at any time by contacting us using our contact details above, or contacting your organisation directly.
We respond to all requests we receive from users in accordance with instructions from our Clients and applicable data protection laws. We may ask you to provide proof of identity before we can answer the above requests, or ask you to engage with your organisation directly. In some cases, we may reject requests for certain reasons (for example, if the request is unlawful or if it may infringe on trade secrets or intellectual property or the privacy of another user).
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, officers, consultants, agents, contractors and other third parties who have a need to know. They will only process your personal information on our instructions, and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Your personal information will be stored in accordance with applicable laws and kept for as long as needed to carry out the purposes described in this Privacy and Security Notice or as otherwise required by applicable law. As a minimum, information is likely to be retained at least for as long as your organisation, Our client, is a client of ours.
This section of the Privacy and Security Notice explains what cookies are, what types of cookies are placed on your device when you use our Services.What are cookies?
Cookies are small text files that are sent to or accessed from your web browser or your device’s memory. A cookie typically contains the name of the domain (internet location) from which the cookie originated, the “lifetime” of the cookie (i.e. when it expires) and a randomly generated unique number or other identifier. A cookie also may contain information about your device, such as user settings, browsing history and activities conducted while using our Website.Who can drop cookies?
First-party cookies are placed on your device directly by Five. For example, Five use first-party cookies to secure our Services and better understand your use of our website.
Third-party cookies are placed on your device by our partners and service providers. For example, third-party cookies are used on our Platform to facilitate the sign-in authentication process. Please see the privacy policies of Okta or Google (depending on the authentication provider used) for more information about what cookies they place. How long does a cookie stay on my device?
There are session cookies and persistent cookies. Session cookies only last until you close your browser. We use session cookies for a variety of reasons, including to learn more about your use of our Platform during a single browser session. Persistent cookies have a longer lifespan and aren’t automatically deleted when you close your browser.
Does Five use other tracking technologies?
Other technologies (which Five also calls cookies) that Five could use include web beacons (also called pixel tags or clear gifs), tracking URLs or software development kits (SDKs). Web beacons are tiny graphics files that contain a unique identifier that enable us to recognise when someone has visited our Platform or opened an e-mail that we have sent them. Tracking URLs are custom generated links that help us understand where the traffic to our webpages comes from. SDKs are small pieces of code included in apps, which function like cookies and web beacons.
Like most providers of online services, Five may usecookies to provide, secure and improve our Platform, including by remembering your preferences and recognizing you when you visit the Platform. To accomplish these purposes, Five also may link information from cookies with other personal information we hold about you.
Essential website cookies
What does it do?
These cookies are strictly necessary to provide you with services available through our Platform and to use some of its features, such as signing in to the Platform. The legal basis for the use of essential cookies is our legitimate interest (Article 6(1)(f) GDPR).
What do they do?
These cookies allow us to recognise users during their time on the Platform and perform essential security functions such as request forgery prevention. These cookies only remain in place for the user’s session and at most a period of 10 hours following a user’s session.
-How can you control cookies?
Some web browsers provide settings that allow you to control or reject cookies or to alert you when a cookie is placed on your computer. The procedure for managing cookies is slightly different for each internet browser. You can check the specific steps in your particular browser help menu. You also may be able to reset device identifiers by activating the appropriate setting on your mobile device. The procedure for managing device identifiers is slightly different for each device. You can check the specific steps in the help or settings menu of your particular device.
What happens if I disable all cookies?
The changes you make to your cookie preferences may make browsing our Platform a less satisfying experience. In some cases, for example in relation to sign-in authentication, you may even find yourself unable to use all or part of the Platform.
To find out more about
how cookies work, how to manage and delete them and to see which ones have been set please visit www.aboutcookies.org
This Privacy and Security Notice may be amended from time to time. We will post any changes we may make on this page and, where appropriate, may notify you via e-mail or through the Platform. When amendments are made, we will update the "last updated" date at the top of this Privacy and Security Notice.