hexagon hexagon hexagon hexagon hexagon

DATA MANAGEMENT POLICY

Academy of Robotics operates within an environment that is inherently complex and data-orientated. Data is gathered in various ways including and not limited to, through live road surveying, engagement with the Academy of Robotics website and interfaces related to Academy of Robotics activities and services. Data gathered is considered a key asset and as such, must be managed to a high standard that can ensure that the Academy of Robotics functions effectively. It is required that those responsible for the collection, management and dissemination of data, to do so in a systematic, planned and managed way that abides by the framework set out within this policy.

download Download Print Frienly PDF PDF 11.5mb

In certain cases, it is required by the Academy of Robotics to obtain particular information about individuals. These individuals can include customers, suppliers, business contacts, employees, members of the public and other people that the Academy of Robotics has a relationship with or may be required to contact.

This Policy sets out how this personal data must be collected, handled and stored to the Academy of Robotics’ data protection standards and ensure compliance with law. It further provides an exhaustive management framework for data which is consistent across all of Academy of Robotics activities that involve the collection of data.

thumb thumb

Purpose

This data management policy ensures Academy of Robotics:

  • Complies with data protection law and follows good practice
  • Protects the rights of customers, staff and partners
  • Is transparent about how it stores and processes individuals’ data
  • Protects itself from the risks of a data breach
Policy Statement

Those responsible for the various activities undertaken by the Academy of Robotics are also responsible for the data collected relative to these activities. High level uses of data collected pertain to the training of autonomous vehicles and navigation/perception software, as well as developing a responsive interface for providing autonomous delivery. As such, maintaining the quality of this data, whilst ensuring the protection of privacy towards all individuals to which the data pertains and remaining consistently compliant in data protection law is fundamental to the operational capabilities of Academy of Robotics, and ensuring that internal and external decision makers are given trust and confidence in the outputs of the data collected.

Scope

This policy applies to all data collection and managed by Academy of Robotics and its employees.

Management of Data collected from Surveying and during Operation of the Kar-Go Vehicle

As detailed in the ‘Academy of Robotics Data Collection and Recording Policy’ data is collected through both surveying and the live operation of the Kar-Go autonomous vehicle on public roads. This initial raw data includes personal information about individuals in the form of images (live and still.) The purpose of this data collection is to train autonomous vehicles and navigation/perception software and as such, there is a dedicated responsible role assigned to anonymizing all personal information collected during surveying. This includes the blurring of faces, sensitive property, license plates and registrations.

This is done in compliance with privacy protection law and under no circumstances would the Academy of Robotics not utilise anonymization procedures when collecting road surveying data without explicit consent of those whose personal information would be collected.

Safe and Compliant Storage of Data

Academy of Robotics is committed to the safe and compliant storage of data, with secure server storage systems and a hierarchy of access authorisation that protects the security of stored data.

Data Management Principles

As a requirement, all Academy of Robotics employees responsible for the management and handling of data, must be aware of the following principles of data management. The following outline high level best practices within the Academy of Robotics and these principles guide all procedures concerning data management.

  1. Each and every data source must be governed by a responsible data handler in a leadership role, who consistently monitors and reviews all datamanagement procedures to ensure the accuracy, security and integrity of their governed data;
  2. Data collected by Academy of Robotics falls under the responsibility of Academy of Robotics to ensure its security and;
  3. Data provided to Academy of Robotics by third-party organisations and partners must be accommodated by appropriate non-disclosure agreements and security procedures, after which once the data is held by Academy of Robotics it falls under the responsibility of Academy of Robotics in its entirety;
  4. Collection of data should only be for a specific and documented purpose;
  5. Capture, processing and validation of data should be automated where possible, with only the senior responsible employee for the data sourceprovided authority to manage these procedures;
  6. Use of data must be accurately presented by any users of processed data;
  7. Duplication of data must not occur unless the duplication is considered absolutely essential. In such cases, this must be done by the senior responsible data handler and the original data must be recorded and identified as the master. Robust procedures and data structuring must be maintained to manage copies of data;
  8. Certain data sources must use anonymization procedures to protect the personal information of individuals whose information may be presentwithin the data.
Data Protection Law:

The General Data Protection Regulation (GDPR) applies in the UK and across the EU and has done so since May 2018. It requires personal data shall be:

  1. Processed lawfully, fairly and in a transparent manner in relation to individual;
  2. Collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research or statistical purposes shall not be considered to be incompatiblewith the initial purposes;
  3. Adequate, relevant and limited to what is necessary in relation to the purposes for which that are processed;
  4. Accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay;
  5. Kept in a form which permits identification of data subjects for no longer than is necessary for the purpose for which the personal data are processed;personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest,  scientificor historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by GDPR in order to safeguard the rights and freedoms of individuals;
  6. Processed in a manner that ensures appropriate security of personal data, including protection against unauthorised or unlawful processing or organisational measures;
  7. The controller shall be responsible for, and be able to demonstrate, compliance with the principles.
Scope of Personal Information and Data to be Processed

Academy of Robotics gathers data from a number of separate sources. The types of data source are as follows:

Source 1: (Video data recorded from surveying and the operation of the Kar-Go vehicle)

The data collected from this source is considered video footage. Initially data captured during these processes includes the personal information of individuals, property and conduct which is captured in images both live and still. This information is processed through anonymization software which blurs all personal information before the data can be released. Further details on this process and how this data is protected can be found in the ‘Academy of Robotics Data Collection and Recording Policy.’

Source 2 (Data collected on website)

Data collected on the website includes;

Personnel Data:
  • Email address
  • First name and last name
  • Phone number
  • Address, State, Province, ZIP/Postal code, City
  • Usage Data
refillable vape

Usage Data:

Usage Data may include information such as a users Device Internet Protocol address (e.g. IP address), their browser type, browser version, the pages of the website that are visited, the time and date of the visit, the time spent on those pages, unique device identifiers and other diagnostic data.

Tracking Technology and Cookies:

Cookies and similar tracking technologies may be used to track the activity on the Academy of Robotics Website and store certain information. The tracking technologies that may be used are beacons, tags, and scripts to collect and track information and to improve and analyze the website.

Source 3 (Data collected via delivery interface):

Data collected through any of our developed delivery interfaces will collect data such as the delivery times request, the location of the delivery including the address used to register the delivery, geo-id’s, customer numbers and GPS data relevant to the delivery.

Data Collection Process and Responsibilities

Data Collection Process

As the Academy of Robotics collects data from a variety of sources, this Policy includes a visualisation on the data collection process and related responsibilities.

Understading the collection process

thumb

Data is collected from three primary sources and Academy of Robotics has assigned the roles of Data Handlers to that of the Senior Developer and Software Development Team (SDT) to be responsible for video data collected during surveying and operation of the Kar-Go autonomous vehicle. Whilst a designated Data Protection Officer is responsible for overseeing the use of data collected by users of both the Academy of Robotics website and its affiliated Delivery Interfaces.

Responsibilities

Everyone at Academy of Robotics contributes to compliance with GDPR. Key decision makers understand accountability and the requirements of Academy of Robotics to sufficiently prioritize and support the implementation of compliance with privacy protection and correct data management procedures.

Data Handlers: This definition covers the person(s) responsible for handling the data collected. It is their responsibility for the correct and appropriate management, processing and dissemination of the data in their respective fields. Training in data handling is undergone and their actions are in compliance with GDPR and data protection law. It is further the responsibility of designated data handlers to ensure that all systems, services and equipment relevant to their operations that are used for the storing of data meet the acceptable security standards required. Data handlers have a further duty to perform regular checks and scans to ensure security hardware and software is functioning properly, and that they deal with subject access requests, deletion requests and queries from clients, stakeholders and data subjects about data protection related matters. Data handlers are responsible for the dissemination of this Policy across Academy of Robotics and arranging the training and advice required for staff.

Senior Developer (Software Development Team):

The person responsible for fulfilling the tasks of the Senior Develop in respect of Academy of Robotics is Dr Narayan Aparajit, Senior Developer.

The Senior Develop is the responsible agent for the handling, processing and dissemination of data collected during the surveying and live operation of the Kar-Go vehicle processes. The software development team, are trained and authorised where required by the Senior Developer to assist with the processing and management of their respective data. All members of the Software Development Team are the responsibility of the Senior Developer and must perform regular checks and reviews of this Policy to ensure that their practices remain compliant.

It is the responsibility of the Senior Developer to manage their respective data within acceptable security standards and to ensure they regularly perform testing to ensure that there is no capacity for security breaches. In an instance of a security breach, it is the responsibility of the Senior Develop to report this immediately and follow protocol compliant with law and security regulations surrounding data breaches and the preservation of personal information.

Data Protection Officer: The person responsible for fulfilling the tasks of the Data Protection Officer (DOP) in respect of Academy of Robotics is (employee name, employee job title.)

The Data Protection Officer (DOP) is responsible for ensuring that Academy of Robotics processes the personal data of its staff, customers, providers or any other individuals in compliance with data protection rules. This role further extends within Academy of Robotics to the management of all data obtained through website and delivery interface usage. It is their responsibility to disseminate this data in compliance whilst ensuring that the data can be securely stored and the manner in which it is done so that it abides by acceptable security standards.

It is further the duty of the DOP to inform and advise Academy of Robotics and its employees about their obligations to comply with the GDPR and other data protection laws. The DOP must monitor this compliance with the GDPR and other data protection laws also. This includes the management of internal data protection activities, to advise on data protection impact assessments and to train staff and complete internal audits.

The DOP understands their obligation to be the first point of contact for supervisory authorities and for individuals whose data is processed.

HOW KAR-GO WORKS
GET IN TOUCH
OUR TEAM

CONTACT DETAILS

Tel. 01639 544 996

IamAlive@academyofrobotics.co.uk

TRADING ADDRESS

Academy of Robotics
33 Cathedral Road,
Cardiff,
Wales, CF11 9HB

Site navigation

PRODUCTION ADDRESS

Academy of Robotics
Pilgrim Motorsports
5 Mackley Industrial Estate,
Small Dole, BN5 2HG

FOLLOW US

REGULATION

Privacy Policy

Terms and Conditions

Copyright 2018 C Academy of Robotics