Privacy Policy on Video Data Recording in the Context of Test Drives

 With this privacy policy, we inform you about the processing of your personal data in connection with test drives carried out by the following joint controllers within the meaning of Art. 26 of the General Data Protection Regulation (GDPR):

Volkswagen AG
Berliner Ring 2, 38440 Wolfsburg, registered in the commercial register of the Braunschweig District Court under the number HRB 100484 ("Volkswagen AG")

and

Volkswagen ADMT Hannover GmbH
74, c/o Volkswagen Commercial Vehicles, 30419 Hannover, registered in the commercial register of the Hanover District Court under the registration number HRB 222201 ("ADMT")

and

Mobileye Vision Technologies Ltd
13 Hartom St. Har Hotzvim, Jerusalem, 9777513 Israel ("Mobileye").

In accordance with Art. 26 of the General Data Protection Regulation (GDPR), the controllers have concluded a contractual agreement in which rights and obligations are regulated (so-called "Joint Controller Agreement").

Regardless of the joint processing described below, Mobileye processes the recorded video data for its own purposes, as described in Mobileye's Privacy Notice, which is available on the following website: https://www.mobileye.com/privacy-roadclips/

a) Description of data processing

Certain experimental vehicles, operated individually or collectively by the parties, are equipped with cameras and sensors and other measurement technology in and on the vehicle which, when these vehicles are driven on public roads, make a video recording of the vehicle's surroundings. Occasionally, the recording also includes the ambient sound. Both video and audio data can be personal data (i.e. information relating to an identified or identifiable natural person). Personal data usually includes: facial images and vehicle license plates. It should be noted that although video data may contain "special categories of personal data", the collection of such data is random and neither party will carry out any processing or other analysis on or in relation to it.

The collected data is securely transferred to a backend, stored in a database and used for the (further) development and validation of driver assistance and driver information systems as well as automated driving and comfort functions.

Based on this data, the safety, handling and comfort of vehicles in particular are improved in the context of real traffic and environmental situations, and autonomous vehicles and the associated systems for rule-compliant and safe road use are developed, tested and validated.

In addition, the recorded video data is used to ensure the functionality of the vehicle. The preparation of the existing traffic infrastructure and the detection of the vehicle environment, obstacles and environmental conditions (e.g. road grip or restriction of visibility due to air pollutants) as well as the road users including their direction of movement are necessary in order to derive the correct vehicle reaction.

Phases of data processing:

• Data collection
  The data is recorded with the help of sensors, cameras and other measurement technology in and on the vehicle. All data is stored on encrypted data carriers and securely transferred to the IT systems of those responsible for further processing at the end of a test drive.
• Data storage
  The data is stored by those responsible in the cloud systems of hosting service providers and retrieved from there for later use. Those responsible exchange data between their respective cloud systems and local servers in order to achieve the common goal of developing autonomous vehicles.
• Data Usage
  The stored data is used for the further development and validation of driver assistance systems and automated driving functions.

b) Data subjects, categories of data and processing purposes

The following data is collected and processed for the purposes of (further) development, testing and validation as well as the implementation of quality assurance measures for driver assistance and driver information systems as well as automated driving and comfort functions as well as other services:

• Video recordings of other road users (vehicles and people)
• license plates and lettering on vehicles;
• Audio recordings inside the vehicle

c) Receiver

Only those persons who need it for the purposes mentioned above will have access to your data.

If the controllers share the above-mentioned data with service providers and/or other third parties (e.g. cooperation partners), this is done in compliance with the applicable data protection law. In the case of service providers, this is done on the basis of agreements on order processing within the meaning of Art. 28 GDPR.

Service providers used by Volkswagen AG and ADMT GmbH that receive data include:

• Companies of the VW Group that provide services (e.g. development services) for VW AG and ADMT GmbH
• Commissioned development service providers outside the VW Group
• Hosting Service Providers
• IT service providers

Service providers used by Mobileye that receive data include:

• Mobileye Group companies that provide services to Mobileye
• Commissioned development service providers
• Hosting Service Providers
• IT service providers

These companies are involved in product development and the evaluation of trials. Further information on the recipients for specific test drives will be provided to you by the responsible persons on request. Please use the contact details below.

If recipients are located in a country outside the European Union or the European Economic Area (so-called third country), the data may be transferred to a country where there may not be an adequate level of data protection, i.e. one comparable to that in the EU. For data transfers to third countries where there is no adequate level of data protection, controllers have taken appropriate measures, such as concluding so-called EU standard data protection clauses, to protect your personal data.

d) Legal basis for data processing

Your personal data will only be collected, processed and transmitted for a specific purpose and only if there is a relevant legal basis for this.

The following legal basis is the basis for the purposes described above:

The processing of your personal data is carried out on the basis of a balancing of interests in accordance with Art. 6 (1) (f) GDPR.

The controllers have a legitimate interest in processing your data for the purposes described in section B. This applies in particular to the development and validation of driver assistance systems and partially or fully automated driving functions in order to increase road safety on public roads.

For information about your rights, including the right to object to the processing of your personal data, please see Section C of this Statement.

e) Duration of processing and deletion of data

The processing is not limited in time. The necessary data from real traffic situations must be used for the reliable development and validation of the automated driving functions in order to be able to derive and ensure the correct and intended reaction of the vehicle functions.

For this reason, general anonymisation or pseudonymisation, for example through the use of software that obscures specific characteristics of external road users, is not in principle expedient without complicating, falsifying or even making impossible the absolutely necessary, unambiguous analysis of the traffic situation to be assessed.

If, for example, people were "pixelated", blackened or otherwise edited as part of the recordings, the recognition algorithms to be developed would be trained on these changed patterns. Conversely, this leads to the fact that "unpixelated" or real people in the series system would not be recognized as persons in everyday life. Any change in this image data reduces the amount of information and thus the success of continuous optimization of perception by training the underlying algorithms. In particular, features in the face/head area are valuable in

order to enable reliable detection of pedestrians and cyclists even in difficult situations, e.g. when the person is partially obscured or in the dark, and in particular intention recognition.

For the purposes set out in section B, the data will only be stored for a maximum period of 15 years. There is no provision for further storage of your data, unless the storage of certain data is necessary for the purpose of obtaining evidence for the assertion of or defence against legal claims. This data will be deleted at the latest upon expiry of the applicable limitation periods.

You can assert your following rights against any controller at any time free of charge. The relevant contact details for exercising your rights can be found in Section E.

Note: Please note that the exercise of your rights as a data subject is necessarily limited, as none of the controllers collects or indexes personal data (there is no mechanism that allows, for example, to search the database for one or more images containing a specific vehicle or person). Therefore, it is highly unlikely that a party would be able to identify a specific person in their database unless that person could provide additional information, such as the place and time at which they believe the data was collected, license plate, road involvement/role, formative personal characteristics, and, if applicable, a photograph (not biometric). In principle, all inquiries are examined and answered on a case-by-case basis.

Should an individual submit an appeal in real time or near real-time to the driver of a corresponding test vehicle operated by a party, drivers will be instructed to record these objections and forward them for review. An immediate assertion of the right to erasure in accordance with Art. 17 GDPR directly by the driver cannot be carried out/implemented for technical reasons.

Right of access: You have the right to obtain information from us about the processing of your personal data.

Right to rectification: You have the right to request that we correct any inaccurate or incomplete personal data concerning you.

Right to erasure: You have the right to request the deletion of your data if the conditions specified in Art. 17 GDPR are met. After that, you can, for example, request the deletion of your data if it is no longer necessary for the purposes for which it was collected. You can also request erasure if we process your data on the basis of your consent and you withdraw this consent.

Right to restriction of processing: You have the right to request the restriction of the processing of your data if the requirements of Art. 18 GDPR are met. This is the case, for example, if you dispute the accuracy of your data. For the duration of the verification of the accuracy of the data, you can then demand the restriction of processing.

Right to object: You have the right to object to the processing of your personal data in the following cases:

• When the processing is carried out for direct marketing purposes (including profiling for direct marketing purposes).
• Where the processing (including profiling) is based on one of the following legal bases:
  – The processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.
  – The processing is necessary for the purposes of the legitimate interests pursued by us or by a third party.

In the event of such an objection, we ask you to inform us of your reasons for objecting to the data processing. We will no longer process your data in the event of your objection, unless we can demonstrate compelling legitimate grounds for the processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

Right to data portability: If the data processing is based on consent or the performance of a contract and is also carried out using automated processing, you have the right to receive your data in a structured, commonly used and machine-readable format and to transmit it to another data processor.

Right of revocation: If the data processing is based on consent, you have the right to revoke the data processing at any time free of charge within the framework of consent with effect for the future.

Right to lodge a complaint: You also have the right to complain to a supervisory authority (e.g. the State Commissioner for Data Protection of Lower Saxony) about our processing of your data.

With regard to the collection of data in the context of the test drives (Section B), which we carry out under joint responsibility, you also have these rights vis-à-vis the joint controllers mentioned in Section A. In this regard, you are free to assert your rights as a data subject against each of the controllers in accordance with Art. 26 (3) GDPR. However, inquiries may be forwarded to us and processed by us.

The test vehicles are marked with signs that provide information about the data controllers listed in section A.

Contact person for assert your rights as a data subject

The contact persons of ADMT GmbH for the assert your rights as a data subject and further information can be found on the following website https://www.volkswagen-nutzfahrzeuge.de/admt

You can also assert your rights against Volkswagen AG. Further information can be found at: https://datenschutz.volkswagen.de.

You can also assert your rights against Mobileye. Further information can be found at: https://www.mobileye.com/privacy-roadclips/.

Data protection officers

The data protection officers are available to you as a contact person for data protection-related concerns:

Data Protection Officer of Volkswagen ADMT Hannover GmbH
Berliner Ring 2, 38440 Wolfsburg
dataprivacy@volkswagen.de

Data Protection Officer of Volkswagen AG
Berliner Ring 2, 38440 Wolfsburg
dataprivacy@volkswagen.de

You can contact Mobileye's Data Protection Officer at:

Mobileye Vision Technologies Ltd.
Hartom 13, Jerusalem 9777513, Israel
E-mail: privacy@mobileye.com

In the European Economic Area, please contact Mobileye's European DataProtection Officer at the following address:

Mobileye Germany GmbH
European Data Protection Officer
Liège Str. 13240547 Düsseldorf
privacy@mobileye.com

Stand: October 24