B2B – means Business to Business.
B2C – means Business to Consumer/Customer.
Data Controller – means the person or entity which alone or jointly with
others determines the purposes and means of the processing of personal
data.
Data Processor – means the person or entity which processes personal
data on behalf of the controller.
Data Protection Law – means the Data Protection Act 2018 and the
General Data Protection Regulation ((EU) 2016/679) and any successor
laws, regulations and secondary legislation, as amended or updated from
time to time, in the UK.
DVS2025.co.uk – details of the Group can be found
at www.dvs2025.co.uk/about.
Our Platform – means either the DVS2025 platform accessible from our
website.
Sensitive Information – this is also known as Special Category Data and
includes information revealing, or about a person’s racial or ethnic origin,
political opinions or trade union membership, religious or philosophical
beliefs, health, sex life or sexual orientation, or genetic data and biometric
data for the purpose of uniquely identifying a natural person. Information
about criminal convictions is often included in this definition.
Data Processor and Data
Controllers
In respect to our B2B customers, we are a data processor. The companies
who have contracted with us to provide the goods and services will be the
data controller. Where our services are provided through a reseller, the

companies who have contracted with the reseller for us to provide the
goods and services will be the data controller.
We will not usually engage directly with the driver of the vehicle;
information is provided to us (usually through Our Platform) by the Insurer,
telematics service providers lease company, the reseller, or the Fleet
Manager.
In respect of our B2C customers, we will be the Data Controller for the
information we collect at the time of purchase. Once you have purchased a
device from us you are responsible for how you use, store, and publish the
recordings taken on the device; we are not a data processor for our B2C
customers.
Where a third-party data controller is involved in the provision of goods and
services to you, we recommend that you also review their privacy policy as
this will tell you how they will process your information.
Depending upon the types of services you have decided to receive from us
(or your company/insurer has elected to provide to you), other companies
may also be considered a data controller in respect of those ancillary
services. More information about third parties can be found in your data
controller’s privacy policy or the ‘Who do we share the information we
collect about you with?’ section below.
We are registered with the ICO, registration number [00019837585]
Data Protection Officer
We have appointed a Data Protection Officer to oversee our handling of
personal information. Our Data Protection Officer can be reached at
dataprotection@dvs2025.co.uk.
Please click on the relevant section below for detailed information
regarding how we process your information.
Who do we collect information
about?

B2C – Previous, current and prospective customers.
B2B – Previous, current and prospective customers, Drivers who are
authorised to drive the vehicle equipped with the telematics/CCTV device,
Fleet Managers, Business Partners (Insurers, and other telematics
companies), Resellers & Users of our Platform.
When do we collect
information about you?
B2C – When you register to use our website and/or our Platform, subscribe
to our services, search for a product, place an order on our website for our
products or services, participate in discussion boards or other social media
functions on our website, leave any query or correspondence on our
website or enter a competition when you contact us to make a complaint, a
promotion or survey or when you report a problem with our website, our
Platform or any other activity undertaken by DVS2025.
B2B – At the time a product is connected to the Platform (for example
driver details will be added to the customer’s account on our platform by
the data controller) when a new driver is allocated to a vehicle and is added
to the Platform, when the vehicle ignition is on although some devices also
capture information for a period of time after the ignition is switched off,
when our business partners or customers contact us (by phone, email,
through our website or otherwise) to update their driver’s details, when a
business partner contacts us to make a complaint, a promotion, or survey,
or when you report a problem with our website, platform or any other
activity undertaken by DVS2025.
What information do we collect
about you?
The personal information that we collect will depend on your relationship
with us. We will collect different information depending upon whether this is
a B2C or B2Brelationship.
In a B2B contract, the type of information will also depend upon the type of
service selected and the type of devices installed in the vehicles. The data

controller is responsible for ensuring they have a valid legal ground for the
processing that they ask us to carry out on their behalf.
Personal Information:
B2C – General Information such as name, email, phone number. Fleet
Manager / Business Partner Contacts / Insurers – General Information such
as name, business address, business email, phone number, Vehicle
Registration Number (for fleet vehicles).
Insurer policyholders – (Insurance customers only) the level of
information collected is determined by the data controller or the customer
and the type of device installed but can include: General Information such
as policy number, policyholder name, policyholder address, policyholder
email, policyholder phone number, policyholder’s Vehicle Registration
Number, Vehicle tracking information (GPS) recording the location of the
vehicle (live tracking and recording time and date), speed, incidents or
accidents and mileage, date of birth, driving history and driving behaviour,
policy details, photograph, video footage or CCTV audio recording (not all
devices and is disabled by default unless the customer completes and
submits the DVS2025 Audio Recording Disclaimer).
B2B Drivers of Vehicles – the level of information collected is determined
by the data controller and the type of device installed but can include:
General Information such as name, residential address (on the basis the
vehicle is stored at the drivers home address), business email, phone
number, place of work, Vehicle Registration Number, vehicle tracking
information (GPS) recording the location of the vehicle (live tracking and
recording time and date), speed, incidents or accidents and mileage, date
of birth, driving licence details, driving history and driving behaviour and
could include on the basis the customer has deployed AD Kit (ADAS &
DSM) incidents of driver distraction and fatigue, external photograph, video
footage or CCTV in-vehicle photograph, video footage or CCTV Audio
recording (not all devices).
Both – We may collect information when you use our website and/or
Platform including data that allows us to monitor your preferences and how
you use our website/Platform. This helps us to organise our
website/Platform content to improve your experience. The information we
collect includes: details of transactions you carry out through our
website/Platform, information that you provide by filling in forms on our

website/Platform even if those forms are not submitted, technical
information, including the Internet protocol (IP) address used to connect
your device to the Internet, your login information, browser type, and
version, time zone setting, browser plug-in types and versions, operating
system and our Platform, information about your visit, including the full
Uniform Resource Locators (URL) clickstream to, through and from our
website (including date and time), products you viewed or searched for,
page response times, download errors, length of visits to certain pages,
page interaction information (such as scrolling, clicks, and mouse-overs),
and methods used to browse away from the page. We may use cookies to
collect information about how our website is used. Please see our Cookies
Policy for more information about our use of cookies.
Special Category (sensitive)
Personal Information and
Criminal Personal Information:
B2C – We do not actively request details about sensitive personal
information including criminal personal information. However, it may be
recorded if it is provided by you as part of your engagement with us
whether through phone, email, letter, or via a website, social media, or
online chat.
B2B – Information relating to your criminal history (including offences and
alleged offences and any caution, court sentence or criminal conviction) but
only motoring convictions other than as noted above, we do not actively
request details about sensitive personal information. However, it may be
recorded if it is provided by you (or a third party) as part of the service
provision whether through phone, email, letter, or via a website, social
media, or online chat.
How do we collect your
information?
B2C – Directly from you or from someone else on your behalf by website,
Platform, phone, email, SMS, online chat, paper documents.

B2B – Fleet Managers / Insurers / Business Partner Contacts Directly from
you or from someone else on your behalf by website, Platform, phone,
email, SMS, online chat, paper documents.
Drivers of Vehicles – from your Insurer, Fleet Manager, reseller or one of
our business partners, from the device installed in the vehicle, from
government agencies such as DVLA.
What are the purposes for
which information about you is
used?
We may process your information for a few different purposes. For each
purpose, we must have a legal ground for such processing. When the
information that we process is classed as a special category or sensitive
personal information, we must have an additional legal ground for such
processing.
Whether you provide us with the information, or we collect information from
You, or we are provided with information from other sources, we may use
this information:
B2C
a) To complete the purchase of the device. Legal grounds: To carry out
our obligations arising from the contract entered through which we provide
our products or services to you.
b) Communicating with you and resolving any complaints that you
might have. Legal grounds: Our having an appropriate business need to
use your information to manage and respond to complaints which does not
overly prejudice you.
c) Complying with our legal or regulatory obligations. Legal
grounds: The use is necessary for us to comply with our legal obligations.

d) Recover outstanding payments. Legal grounds: Our having an
appropriate business need to use your information to recover debts which
does not overly prejudice you.
e) To improve our customer service. Legal grounds: Our having an
appropriate business need to use your information in the improvement of
our customer service which does not overly prejudice you.
f) To measure the effectiveness of our advertising. Legal grounds: Our
having an appropriate business need to use your information to ensure our
advertising is effective which does not overly prejudice you.
g) To provide data analysis to assist us with the pricing of our
products and detect market trends. Legal grounds: Our having an
appropriate business need to use your information which does not overly
prejudice you.
h) To personalise your repeat visits to our website/Platform and to
improve our website/Platform, including as part of our efforts to keep
our website/Platform safe and secure. Legal grounds: Our having an
appropriate business need to use your information which does not overly
prejudice you.
i) To notify you about changes to our services or products. Legal
grounds: Our having an appropriate business need to use your information
to keep our customers up to date with changes to our products or services
which does not overly prejudice you.
j) To administer our websites/Platform and for internal operations,
including troubleshooting, data analysis, testing, research, statistical
and survey purposes. Legal grounds: Our having an appropriate
business need to use your information to maintain our websites which does
not overly prejudice you.
k) To allow you to participate in interactive features of our services/
website/Platform. Legal grounds: Our having an appropriate business
need to use your information to offer an interactive website for customers
which does not overly prejudice you.
l) To transfer within the DVS2025 Group or to third parties for the
purpose of conducting internet analytics. Legal grounds: Our having
an appropriate business need to use your information to maintain our

websites and undertake website analytics which does not overly prejudice
you.
m) Providing improved quality, training and security (for example,
with respect to recorded or monitored phone calls to our contact
numbers); technology may include voice analytics. Legal
grounds: We have a legitimate business need to provide secure and
quality services.
B2B
a) To implement the service. Legal grounds: Our having an appropriate
business need to use your information to provide the contracted services.
b) To provide and manage your contracted services. Additional legal
ground for sensitive personal information: If collected, because the
data controller has an appropriate legal ground for processing sensitive
personal information.
c) Communicating with you and resolving any complaints that you
might have. Legal grounds: Our having an appropriate business need to
use your information to manage and respond to complaints which does not
overly prejudice you.
d) To transfer to our business partners for the purpose of providing
them with the services required under the contract. Legal
grounds: Our providing the contracted services. Additional legal ground for
sensitive personal information: If collected, because the data controller has
an appropriate legal ground for processing sensitive personal information.
e) Complying with our legal or regulatory obligations. Legal
grounds: The use is necessary for us to comply with our legal obligations.
f) To improve our customer service. Legal grounds: Our having an
appropriate business need to use your information in the improvement of
our customer service which does not overly prejudice you.
g) To measure the effectiveness of our advertising. Legal
grounds: Our having an appropriate business need to use your information
to ensure our advertising is effective which does not overly prejudice you.

h) To provide data analysis in order to assist us with the pricing of
our products and detect market trends. Legal grounds: Our having an
appropriate business need to use your information which does not overly
prejudice you.
i) To personalise your repeat visits to our website/Platform and to
improve our website/Platform, including as part of our efforts to keep
our website/Platform safe and secure. Legal grounds: Our having an
appropriate business need to use your information which does not overly
prejudice you.
j) To notify you about changes to our services or products. Legal
grounds: Our having
an appropriate business need to use your information to keep our
customers up to
date with changes to our products or services which does not overly
prejudice you.
k) To administer our websites/Platform and for internal operations,
including troubleshooting, data analysis, testing, research, statistical
and survey purposes. Legal grounds: Our having an appropriate
business need to use your information to maintain our websites/Platform
which does not overly prejudice you.
l) To allow you to participate in interactive features of our
services/website/Platform. Legal grounds: Our having an appropriate
business need to use your information to offer an interactive
website/Platform for customers which does not overly prejudice you.
m) To transfer within the DVS2025 Group or to third parties for the
purpose of conducting internet analytics. Legal grounds: Our having
an appropriate business need to use your information to maintain our
websites/Platform and undertake website analytics which does not overly
prejudice you.
n) Providing improved quality, training and security (for example, with
respect to recorded or monitored phone calls to our contact
numbers); technology may include voice analytics. Legal
grounds: We have a legitimate business need to provide secure and
quality services.

Who do we share the
information we collect about
you with?
Sharing within our DVS2025 Group (B2C
and B2B)
We may share your information within the DVS2025 Group for the following
reasons:

• To administer our websites/Platform and for internal operations, including
troubleshooting, data analysis, testing, research, statistical and survey purposes.
• To improve our website/Platform, including as part of our efforts to keep our website safe
and secure.
• To allow invoicing and to recover any outstanding payments.
• For legal, data protection, financial reporting and regulatory purposes.
Sharing with third parties (B2C)
We do not share your information with third parties. At the time of
purchase, you will provide a third party with your payment card details and
or your PayPal account details but we do receive these.
Sharing with third parties (B2B)
We may also share your information with selected third parties, in order to
offer services to you or to perform any necessary functions on our behalf.
This may include:

• Our business partners or Reseller Partners, such as your insurer, your employer (or their
contracted fleet management company) or a third-party telematics company to whom we

provide devices and/or monitoring and reporting services. Access can be via our Platform
or in some cases API.
Other third parties our business partner has asked us to engage with:

• Finance Providers
• Credit reference agencies
• Debt Collectors
• Survey companies
• Data analytics advisors
• Query search engine operators
• Product Installation contractors
• Mapping companies
• Product distribution companies
• Resellers
Disclosure of your personal information to a third party outside of the
DVS2025 Group will only be made where the third party has agreed to
keep your information strictly confidential and shall only be used for the
specific purpose for which we provide it to them.
We may also share your
information with:

• Search engine operators who can assist us in the improvement of our website/platform.
• Prospective buyers, if we sell any business or assets.
• Regulators and other authorised bodies, whenever we are required to do so by law.
• We believe that such disclosure is necessary to assist in the prevention or detection of
any criminal action (including fraud) or is otherwise in the overriding public interest.

What is our approach to
sending information overseas?
We do not send your data outside of the UK or the EEA.
How long do we keep personal
information for?
We will only keep your personal information for as long as reasonably
necessary to fulfil the relevant purposes set out in this Privacy Policy and to
comply with our contractual, legal and regulatory obligations.
We have implemented a Document Retention Policy which specifies how
long various types of information should be retained. The Policy is reviewed
on a regular basis to ensure that it aligns to current legal and regulatory
requirements. The retention periods vary depending upon the
circumstances of an individual matter but in general our retention periods
for customer facing documentation can be set out as follows:

• Purchase Information (B2C) – 3 years
• Service records (B2B) – 7 years from the end of the service contract
• Complaints – 3 years from the complaint being resolved
If you would like further information regarding the periods for which your
personal information will be stored, please see the contact details outlined
in the “How to Contact Us” section below.
Automated decision making
We do not use automated decision making.
What marketing activities do
we carry out?

Where our legitimate interest means it is reasonable or justifiable for us to
do so (known as legitimate interest) we may contact you about products or
services we feel may be of interest to you.
When we engage with you (by phone, email or website), we will give you
the opportunity to choose the method of communication (e.g. mail,
telephone or SMS) or to not to receive such communications in future.
Should you wish to change your marketing preferences you can contact us
at dataprotection@DVS2025.co.uk.
Your rights
Under data protection law you have certain rights in relation to the personal
information that we hold about you. You may exercise these rights at any
time by contacting us using the details set out in the “How to Contact Us
“section of this Privacy Policy.
Please note:
B2C – In some cases, we may not be able to comply with your request
(e.g., we might not be able to delete your data) for reasons such as our
own obligations to comply with contractual, legal or regulatory
requirements. However, we will always respond to any request you make
and if we can’t comply with your request, we will tell you why.
B2B – As a data processor we manage the data we hold on behalf of your
data controller and act only in accordance with their instructions.
Accordingly, you should raise your request with your data controller.
The right to access your
personal information
You have the right to access a copy of the personal information we hold
about you and certain details of how we use it. There will not usually be a
charge for dealing with these requests.

The right to rectification
We take reasonable steps to ensure that the personal information we hold
about you is accurate and up to date. However, if you do not believe this is
the case, you can ask us to update or amend it.
The right to erasure
In certain circumstances, you may ask us to erase your personal
information.
The right to restriction of
processing
In certain circumstances, you are entitled to ask us to stop using your
personal information.
The right to object to marketing
You can ask us to stop sending you marketing messages at any time.
The right not to be subject to
automated decision-making
(including profiling)
We do not use automated decision-making.
The right to withdraw consent
For certain uses of your personal information, we will ask for your consent.

Where we do this, you have the right to withdraw your consent to further
use of your personal information.
The right to lodge a complaint
with the ICO
You have a right to complain to the Information Commissioner’s Office
(ICO) if you believe that any use of your personal information by us is in
breach of applicable data protection laws and regulations.
More information can be found on the ICO’s website
at: www.ico.org.uk/concerns.
Making a complaint will not affect any other legal rights or remedies that
you have.
How we protect your
information
We want you to have confidence in how we use and hold your data. We
know that to achieve this we must preserve the security and confidentiality
of your personal information. We have therefore developed a range of
organisational, procedural, and technical security measures designed to
protect your personal information from unauthorized use or disclosure.
Examples of some of these measures include:

• User and privileged account management including appropriate policies for password
complexity, length and history.
• Auditing of system users and administrators.
• Regular backup schedules and disaster recovery environment for key systems and
services.
• Secure file transfer methods are used to encrypt data.
• Usage of data loss prevention tools within the Group.

• Data breach detection: Security tools in place to detect unusual or abnormal activity.
• Data breach investigation: Audit and logging tools used to investigate any potential or
reported breaches.
• Data breach response: A plan that pulls together our compliance, data protection, legal
and IT security teams to ensure rapid assessment and mitigation of data breaches.
Changes to our Privacy Policy
We keep our Privacy Policy under review, and it is updated periodically. For
example, those changes may be due to government regulation, new
technologies, or other developments in data protection laws or privacy

generally. You should check our website periodically to view the most up-
to-date Privacy Policy.

This Privacy Policy was last updated on 28th April 2024
How to Contact Us
Please contact us if you have any questions about our Privacy Policy or to
exercise any of your rights:
Data Protection Officer,
2 Burnham Road,
Chelmsford,
Essex,
CM1 6LZ.
Or by email to dataprotection@dvs2025.co.uk.
Where you have made the request by electronic means, the information will
be provided to you by electronic means where possible.
Contractual conflicts with this
Privacy Policy

Our website may contain links to other websites. This Privacy Policy only
applies to our own website so when you link to other websites you should
read their own privacy policies. If this policy conflicts with any written
contract that we have with you then the written contract shall take
precedence.
Complaints
If you have a complaint about how we use your information, then please
contact us at:
Data Protection Officer,
2 Burnham Road,
Chelmsford,
Essex,
CM1 6LZ.
If you have a complaint about the way in which your data has been
processed, you can contact the ICO at: www.ico.org.uk/concerns.