Academy of Robotics operates within an environment that is inherently complex and data-orientated. Data is gathered in various ways including and not limited to, through live road surveying, engagement with the Academy of Robotics website and interfaces related to Academy of Robotics activities and services. Data gathered is considered a key asset and as such, must be managed to a high standard that can ensure that the Academy of Robotics functions effectively. It is required that those responsible for the collection, management and dissemination of data, to do so in a systematic, planned and managed way that abides by the framework set out within this policy.
In certain cases, it is required by the Academy of Robotics to obtain particular information about individuals. These individuals can include customers, suppliers, business contacts, employees, members of the public and other people that the Academy of Robotics has a relationship with or may be required to contact.
This Policy sets out how this personal data must be collected, handled and stored to the Academy of Robotics’ data protection standards and ensure compliance with law. It further provides an exhaustive management framework for data which is consistent across all of Academy of Robotics activities that involve the collection of data.
This data management policy ensures Academy of Robotics:
Those responsible for the various activities undertaken by the Academy of Robotics are also responsible for the data collected relative to these activities. High level uses of data collected pertain to the training of autonomous vehicles and navigation/perception software, as well as developing a responsive interface for providing autonomous delivery. As such, maintaining the quality of this data, whilst ensuring the protection of privacy towards all individuals to which the data pertains and remaining consistently compliant in data protection law is fundamental to the operational capabilities of Academy of Robotics, and ensuring that internal and external decision makers are given trust and confidence in the outputs of the data collected.
This policy applies to all data collection and managed by Academy of Robotics and its employees.
As detailed in the ‘Academy of Robotics Data Collection and Recording Policy’ data is collected through both surveying and the live operation of the Kar-Go autonomous vehicle on public roads. This initial raw data includes personal information about individuals in the form of images (live and still.) The purpose of this data collection is to train autonomous vehicles and navigation/perception software and as such, there is a dedicated responsible role assigned to anonymizing all personal information collected during surveying. This includes the blurring of faces, sensitive property, license plates and registrations.
This is done in compliance with privacy protection law and under no circumstances would the Academy of Robotics not utilise anonymization procedures when collecting road surveying data without explicit consent of those whose personal information would be collected.
Academy of Robotics is committed to the safe and compliant storage of data, with secure server storage systems and a hierarchy of access authorisation that protects the security of stored data.
As a requirement, all Academy of Robotics employees responsible for the management and handling of data, must be aware of the following principles of data management. The following outline high level best practices within the Academy of Robotics and these principles guide all procedures concerning data management.
The General Data Protection Regulation (GDPR) applies in the UK and across the EU and has done so since May 2018. It requires personal data shall be:
Academy of Robotics gathers data from a number of separate sources. The types of data source are as follows:
The data collected from this source is considered video footage. Initially data captured during these processes includes the personal information of individuals, property and conduct which is captured in images both live and still. This information is processed through anonymization software which blurs all personal information before the data can be released. Further details on this process and how this data is protected can be found in the ‘Academy of Robotics Data Collection and Recording Policy.’
Data collected on the website includes;
Usage Data:
Usage Data may include information such as a users Device Internet Protocol address (e.g. IP address), their browser type, browser version, the pages of the website that are visited, the time and date of the visit, the time spent on those pages, unique device identifiers and other diagnostic data.
Tracking Technology and Cookies:
Cookies and similar tracking technologies may be used to track the activity on the Academy of Robotics Website and store certain information. The tracking technologies that may be used are beacons, tags, and scripts to collect and track information and to improve and analyze the website.
Data collected through any of our developed delivery interfaces will collect data such as the delivery times request, the location of the delivery including the address used to register the delivery, geo-id’s, customer numbers and GPS data relevant to the delivery.
As the Academy of Robotics collects data from a variety of sources, this Policy includes a visualisation on the data collection process and related responsibilities.
Data is collected from three primary sources and Academy of Robotics has assigned the roles of Data Handlers to that of the Senior Developer and Software Development Team (SDT) to be responsible for video data collected during surveying and operation of the Kar-Go autonomous vehicle. Whilst a designated Data Protection Officer is responsible for overseeing the use of data collected by users of both the Academy of Robotics website and its affiliated Delivery Interfaces.
Everyone at Academy of Robotics contributes to compliance with GDPR. Key decision makers understand accountability and the requirements of Academy of Robotics to sufficiently prioritize and support the implementation of compliance with privacy protection and correct data management procedures.
Data Handlers: This definition covers the person(s) responsible for handling the data collected. It is their responsibility for the correct and appropriate management, processing and dissemination of the data in their respective fields. Training in data handling is undergone and their actions are in compliance with GDPR and data protection law. It is further the responsibility of designated data handlers to ensure that all systems, services and equipment relevant to their operations that are used for the storing of data meet the acceptable security standards required. Data handlers have a further duty to perform regular checks and scans to ensure security hardware and software is functioning properly, and that they deal with subject access requests, deletion requests and queries from clients, stakeholders and data subjects about data protection related matters. Data handlers are responsible for the dissemination of this Policy across Academy of Robotics and arranging the training and advice required for staff.
The person responsible for fulfilling the tasks of the Senior Develop in respect of Academy of Robotics is Dr Narayan Aparajit, Senior Developer.
The Senior Develop is the responsible agent for the handling, processing and dissemination of data collected during the surveying and live operation of the Kar-Go vehicle processes. The software development team, are trained and authorised where required by the Senior Developer to assist with the processing and management of their respective data. All members of the Software Development Team are the responsibility of the Senior Developer and must perform regular checks and reviews of this Policy to ensure that their practices remain compliant.
It is the responsibility of the Senior Developer to manage their respective data within acceptable security standards and to ensure they regularly perform testing to ensure that there is no capacity for security breaches. In an instance of a security breach, it is the responsibility of the Senior Develop to report this immediately and follow protocol compliant with law and security regulations surrounding data breaches and the preservation of personal information.
Data Protection Officer: The person responsible for fulfilling the tasks of the Data Protection Officer (DOP) in respect of Academy of Robotics is (employee name, employee job title.)
The Data Protection Officer (DOP) is responsible for ensuring that Academy of Robotics processes the personal data of its staff, customers, providers or any other individuals in compliance with data protection rules. This role further extends within Academy of Robotics to the management of all data obtained through website and delivery interface usage. It is their responsibility to disseminate this data in compliance whilst ensuring that the data can be securely stored and the manner in which it is done so that it abides by acceptable security standards.
It is further the duty of the DOP to inform and advise Academy of Robotics and its employees about their obligations to comply with the GDPR and other data protection laws. The DOP must monitor this compliance with the GDPR and other data protection laws also. This includes the management of internal data protection activities, to advise on data protection impact assessments and to train staff and complete internal audits.
The DOP understands their obligation to be the first point of contact for supervisory authorities and for individuals whose data is processed.