Privacy Notice for DENSO’s European ADAS Road Test

Last updated on 28 June 2021

As Data Subjects, DENSO is committed to respecting and protecting your privacy and your personal data.
If you have any questions about this Privacy Notice, or the personal data related to the European Road Test for ADAS (explained below), please contact us at , or our Data Protection Officer at .


This Privacy Notice sets out how and why DENSO processes your personal data, via our European Road Test for ADAS.
Please read this Privacy Notice carefully to understand our views and practices regarding your personal data and how we will treat it.

2. WHAT IS DENSO’s European Road Test for ADAS

In our DENSO European Road Test for ADAS, cameras mounted on test vehicles will record live footage of surrounding roads.
This video footage may therefore capture data about road users, including images of objects, pedestrians, other vehicles and license plates.

Test vehicles are equipped with Advanced Driving Assistance Systems (“ADAS”).
As part of DENSO’s development and improvement of our ADAS, we will use these test vehicles to review ADAS performance and functionality.
Because ADAS systems carry out and rely on external scanning of the vehicle’s external surroundings, it is therefore necessary that we process the camera images as part of our development and improvement project.

DENSO will be what is known as the ‘Controller’ of your personal data.

Please note that the processing of your personal data is subject to our stated or otherwise reasonable retention period (in section 8 below), and subject at all times to the full rights of Data Subjects (covered in section 9 below).


We will restrict the collection of personal data to what is absolutely necessary and never collect unnecessary personal data.
We process your personal data for the following purposes:

  • We, together with our customers, are trying to develop systems which increase road safety, and improve and enhance the public use of vehicles, by reducing the risk of traffic accidents.

  • To achieve this, we are currently researching and developing ADAS. ADAS technology acts as a driving aid and ensures that road signs, traffic lights and vehicle lights (e.g. headlights and taillights) are recognized, and the ADAS reacts accordingly.
    ADAS has programs that make the decisions in the vehicle and help to control the vehicle, enabling (partly) autonomous driving. It contains algorithms for image recognition (AI).

  • To develop and improve the ADAS application based on the image recognition algorithms.

  • To evaluate the ADAS technology vehicle integration.


We will only process personal data when the law allows us to (legal bases), which is mainly covered by the following situations:

  • Where it is necessary for our legitimate business interests if your interests and fundamental rights do not override those interests - this means that the interests and fundamental rights of Data Subjects come first.
    The legal basis for processing your personal data is our legitimate interests in validating and improving the ADAS functionality.
    Our primary goals include avoiding traffic accidents and any harmful incidents to persons or property, by recognizing traffic participants.
    More information on the balancing of your interests is also available upon request.

  • Where we need to Comply with a Legal or Regulatory obligation

  • Where this is in the public health or public interest (e.g. during pandemics or emergencies)

We require all of our third parties to respect the security of your personal data and to treat it in accordance with the law.
We do not allow our third-party service providers to use your personal data for their own purposes, and we only permit them to process your personal data for the specified purposes which we provide in this Privacy Notice, and in accordance with our instructions.
Our instructions are always linked to the legal bases covered above.

We do not share your personal data with any parties outside the DENSO Group, except where we are legally obliged to do so, or may legally do so due to one of the other legal reasons mentioned above in this section.
In doing so, we always use a suitable legal data transfer mechanism and take appropriate precautions, which provide an adequate level of data protection required by law.

Notwithstanding the foregoing, while we may share your personal data with our customers in our technical report for our development activity, the image that can identify individual (e.g. your face, license plates etc.) will be blurred and only blurred data will be shared with our customers.

Please consider that we may sometimes sell, transfer, or merge parts of our business or our assets.
Alternatively, we may seek to acquire other businesses or merge with them.
If such changes occur in our business, then the new participants may use your personal data in the same way that we do, as set out in this Privacy Notice.


We have engaged the following external service providers to provide certain services to us in connection with the Project:

  • DENSO AUTOMOTIVE Deutschland GmbH, Freisinger Straße 21-23, D-85386 Eching, Germany, one of our Group Companies (also the Controller’s European Representative),which will coordinate collecting your personal data on our behalf as well as analyse the images captured during the Project;

  • J-QuAD DYNAMICS, Inc., one of our Group Companies located in Japan, which will analyse the images captured during the Project:

  • DENSO TECHNO Co., Ltd., one of our Group Companies located in Japan, which will analyse the images captured during the Project.

These service providers have access to and otherwise process your personal data (i.e. they act as processors on our behalf).
They have access to blurred data only.

We will enter into contracts (called Data Processing Agreement) with all external service providers that will require them to safeguard your personal data and to process such data only as instructed.

Our internal applications may sometimes include links to third-party websites, plug-ins and contain other third party applications that operate in the background (such as cookies or tags).
We do not control these third-party sites, plug-ins or applications, and are not responsible for their privacy statements but we do enter int contractual relations with them which oblige them to follow the laws relating to protecting your personal data.


Any personal data that we collect from you for the European Road Test for ADAS is temporarily stored within Germany, before being securely encoded, and transferred to DENSO in Japan.
From there, it is decoded and securely stored on servers located within DENSO Japan, or approved sub-processors, and your personal data is not accessed from outside Japan.
We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Notice. DENSO has also concluded strict agreements with all parties processing personal information on its behalf.

Japan has been designated by the EU as a country which provides adequate level of personal data protection.


All information that you provide to DENSO is stored on our secure servers, with regular back-ups and supported by adequate recovery plans.
The following measures are used to protect your personal data during the European Road Test for ADAS:

  • All data is blurred in Japan so that individual is not identified

  • All data is securely stored on servers in Japan using cryptography

  • All data access has an audit trail

Although the transmission of information via the internet is never completely secure, we will do our best to protect your personal data if shared electronically.
We will use strict procedures and security features to try to prevent unauthorised access, including available encoding and encryption.


Your personal data will be kept for up to 3 years, subject to your rights referred to in section 9 below.

In all cases, we will never keep your personal data longer than necessary under (national or EU) law.


As a Data Subject, you have certain rights under Articles 12-23 of the General Data Protection Regulation, which you may freely exercise at any time by contacting us through our external web form.

If you contact us to exercise a right, we will notify you as soon as possible, and collaborate with you to complete it within the usual 1 month time frame legally required, unless the request is exceptional.

Please consider that we will be able to satisfy deletion requests only if and when we are not obliged to keep that information under national or EU legislation, or reason of public interest.

For any queries on how we have handled personal data, you can contact us to have the matter investigated: .

At all times, you have an absolute right to refer matters about how we process your personal data to your local Data Protection Authority, also known as a Supervisory Authority. A list of Supervisory Authorities for countries within the EU can the found here.