This personal data processing agreement (“Agreement”) contains personal data processing terms between Mapon and any company, organization, institution or any legal person (“Client”) that uses Mapon vehicle fleet management services (“Service”) to monitor and process personal data of their employees or other individuals within their Mapon account while using the Service.
The processor of personal data is the Mapon group entity to which the Client has a contractual relationship or whose Services the Client uses. See our contacts in the Contact information section.
1.1. Client as the data controller instructs Mapon to process personal data in order to provide Service to the Client pursuant to the Service agreement concluded between the Client and Mapon. In respect of personal data obtained from the Client or Mapon system during the provision of Services, Client acts as data controller and Mapon as data processor.
1.2. For the avoidance of doubt, this Agreement contains complete and final instructions of the Client to Mapon in relation to processing of personal data of Client’s data subjects, and therefore constitutes a binding data processing agreement in accordance with the applicable data protection laws and regulations.
1.3. When Mapon processes personal data on behalf of the Client as data controller, any enquiry, request, objection or complaint that a data subject (for example, an employee of the Client) may have in connection with the processing of personal data regarding the Service should be addressed to and resolved by the Client.
2.1. Mapon processes personal data in order to provide the Service, improve it, solve any Service related issues the Client may have and ensure that the Client receives the best customer experience possible.
2.2. Mapon collects and processes personal data for the following, but not limited, purposes:
3.4.1. name/ company name;
3.4.2. e-mail address;
3.4.3. payment information;
3.4.4. phone number;
3.4.5. shipping/billing address;
3.4.6. any other information provided to Mapon for this purpose.
3.5.1. vehicle data (for example, make, type and brand of the vehicle, mileage, technical information, etc.);
3.5.2. driver’s data (location, routes, driving habits, speed, direction, etc.);
3.5.3. digital tachograph and driver’s data and activities (for example, driver’s license number, name, time spent on breaks, start, stop and end time of driving, driving duration, tachograph calibration, tachograph manufacturer, information on tachograph control, absence calendar, etc.);
3.5.4. data subject’s web browser data (for example, IP address, browser type, version, etc.);
3.5.5. other data, which Mapon can receive during the use of the Service and which, in connection with other information may contain personal data (for example, temperature data, fuel sensor data, etc.).
3.6.1. Client’s employee’s (driver’s) data (for example, name, e-mail address, phone number, birth date, the used vehicle fleet and used vehicle, driver’s license number, digital tachograph card number and other data, which has been provided);
3.6.2. vehicle fleet data, according to the use and configuration of Mapon Service;
3.6.3. communication history with the Client and data subject;
3.6.4. other information, which the Client may provide to Mapon and which, in connection with other information may contain personal data (for example, vehicle fleet control sheets, location, time zone, photo etc.).
4.1. Mapon will process the aforementioned data for as long as Mapon provides the Service to the Client and the Client has an active Mapon account. However, personal data can be deleted at any time upon Client’s request.
4.2. Unless the applicable law requires, Mapon has no obligation to store Client’s personal data after the termination of contract with the Client. After terminating the contract, Mapon may continue to store some personal data, limited to the minimum amount required, for Mapon to comply with legal obligations, to ensure reliable back-up systems, resolve dispute between the Client and Mapon, if any, prevent fraud and abuse, enforce Mapon agreements, and/or to pursue legitimate interests of Mapon or third parties.
6.4.1. any requests from the Client’s data subjects in respect of access to or the rectification, erasure, restriction, portability, blocking or deletion of their personal data that Mapon processes on behalf of the Client. In the event that a data subject sends such a request directly to Mapon, Mapon will promptly forward such request to the Client;
6.4.2. the investigation of personal data breach and the notification to the supervisory authority and Client’s data subjects regarding such personal data breach;
6.4.3. where appropriate, the preparation of data protection impact assessments and, where necessary, carrying out consultations with any supervisory authority.
7.1. Upon Client’s request Mapon agrees to provide sufficient information to demonstrate compliance with the obligations laid down in this Agreement and applicable data protection laws. This information should be provided to the extent that such information is within Mapon’s control and Mapon is not precluded from disclosing it by applicable law, a duty of confidentiality, or any other obligation owed to a third party.
7.2. If the provided information, in Client’s reasonable judgment, is not sufficient to confirm Mapon’s compliance with this Agreement, then Mapon agrees to allow and contribute to data processing audit.
7.3. Such audit will be carried out by independent third party with good market reputation, which has experience and competence to carry out data processing audits and confirmed by both Mapon and the Client.
7.4. Such audit will be carried out at the time agreed between the Client and Mapon within 2 (two) months from the moment the Client has requested the audit in writing. The auditor will have to sign a confidentiality agreement which includes obligation not to disclose business information in its audit report which will also be provided to Mapon. The audit will be carried out during normal working hours of Mapon, without interfering with Mapon’s business activities. The Client has the right to request the audit once every 2 years. All expenses regarding to the audit shall be borne by the Client.
8.1. Mapon may occasionally change this Agreement, for example, in cases new services or features are introduced. In case of amendments or any changes, Mapon will inform the Client in due time by sending an electronic notification to the Client’s representative and indicating the nature and scope of the amendments. The amendments to this Agreement are applied from the moment, which is indicated in this section of the webpage.
8.2. By continuing to use Mapon Service or otherwise providing personal data to Mapon, after the amendments to this Agreement have been implemented, the Client agrees to the updated terms of the Agreement.
9.1. This Agreement shall be governed by the laws of the Republic of Latvia, and any action or proceeding related to this Agreement (including those arising from non-contractual disputes or claims) will be brought in the courts of the Republic of Latvia.
If you have any questions about personal data processing or these Data Processing Terms, please contact us by using the contact details below:
Address: Krasta iela 44, Riga, LV-1003, Latvia
Address: Carrer d'Àlaba, 56B - 2nd floor 08005, Barcelona, Spain
Address: Juhtatie 2, 00750, Helsinki, Finland
Address: Peterburi 90F, 41-1, 11415, Tallinn, Estonia
These Data Processing Terms are effective as of 11 May 2020.