Privacy statement

Arity Privacy Statement

Effective date: June 24, 2024

At Arity, we take data privacy seriously. We aim to be transparent and upfront about our privacy practices, including how we collect, use and share your personal information. This Privacy Statement is provided on behalf of Arity LLC and Arity 875 (“Arity”, “we” or “us”). While this Privacy Statement addresses data privacy requirements from across the globe, some parts of this Privacy Statement apply to certain countries only. We urge all visitors to our site to read this Privacy Statement in its entirety.

Use this Table of Contents to link directly to a specific section of the Privacy Statement.

About Arity

Arity is a global technology company focused on making transportation smarter, safer, and more useful for everyone. Arity transforms large amounts of data into actionable insights to help better predict risk and make smarter decisions in real time. Arity provides services directly to consumers and indirectly through companies such as mobile application providers and insurance companies to capture and understand driving behavior. Arity also provides some products, only to business customers, referred to as business clients, for their own purposes. Arity designs its products and services with privacy and data protection in mind.

Arity works with many different business clients such as mobile application providers, website publishers, vehicle manufacturers, and insurance companies. When working with these business clients, Arity may collect information directly from consumers or the business client may collect the information and share it with Arity.

Personal information we collect

Arity collects both personal and other information about you. Personal information (also referred to as personal data in some jurisdictions) is information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked (directly or indirectly) with you. In contrast, non-personal information does not and cannot reveal an individual’s identity such as information that has been deidentified or aggregated.

Please note that the type and amount of personal information collected from or about you will differ based on the products, features, and services you use, your relationship with Arity, and the country in which the products, features and services are provided. In certain circumstances, Arity may collect personal information about you in its role as a service provider on behalf of its business clients. When Arity acts as a service provider, the collection and use of personal information is subject to the privacy policies of the business clients and not this Privacy Statement.

We collect the following categories of personal information:

  • Geolocation data: Includes geolocation coordinates, including latitude, longitude, and altitude, your direction of travel, Wi-Fi access points, and the time the information was recorded.
  • Personal identifiers: Includes name, alias, postal address, phone number, fax number, date of birth, partial social security number, vehicle identification number (VIN), unique device or personal identifier, online identifier – such as Mobile Ad ID, internet protocol (IP) address, and email address.
  • Personal characteristics: Age, marital status, gender, education, occupation employment status, household income, household size, household children, community type, and other demographic information. For transparency, we collect some demographic information for research purposes including race and ethnicity.
  • Commercial and service related information: Services purchased, obtained, considered, or other purchasing or consuming histories or tendancies. If Arity’s services are provided in connection with an insurance product (provided by an insurance company or employer), we may also receive the following information: Insurance policyholder demographic information and policy information, insurance claims data, motor vehicle records and consumer report data, including credit score.
  • Internet or other electronic network activity information (including mobile app information): Includes browsing history, search history, information regarding your interaction with our website, mobile apps, and advertisements we facilitate, links you use, referral pages or web pages you visit while visiting our websites, browser type, internet service provider (ISP), and cookies. It also includes mobile app and device usage information (e.g., frequency of use, application marketplace from where you downloaded the mobile app, operating system, device model and time zone) and driving behavior (e.g., phone handling, miles, speed, and if a mobile app detects a collision, information about the collision).
  • Multimedia information: Audio, electronic or similar information
  • Inferences: Inferences drawn from personal information collected to create a profile reflecting preferences, characteristics, predispositions, and driving habits and behavior. For example, Arity may derive miles traveled, acceleration, deceleration, braking behavior, cornering, speed, and trip routing from information coming from your mobile device or vehicle, including location data.
  • Sensitive personal information: Some personal information we collect is defined under the law as sensitive personal information. The sensitive personal information we collect includes precise geolocation information. When engaging in market research surveys, we may also collect race and ethnicity.

Sources of personal information

We collect personal information and other information about you in several ways and from several sources. Personal information and other information are collected from the following sources:

  • Directly from consumers via our websites, emails, phone conversations, third-party mobile apps, Arity’s mobile app (Routely®) or devices installed in vehicles. For some products, Arity embeds its technology in its business clients’ mobile app, allowing Arity to collect geolocation and related driving behavior information directly from consumers.
  • From Arity business clients via their mobile app or other device or directly from the business client (not via the mobile app) in connection with services you’ve requested from the business client such as vehicle manufacturers. For example, a business client may provide Arity with information not collected from an app that would help Arity better develop its models.
  • From other parties such as our corporate affiliates, data brokers, service providers, and marketing companies.
  • Directly from consumers during or in connection with an interview, survey or similar interaction.
  • From third parties when Arity is acting as a service provider. Arity often acts as a service provider to business clients and collects and uses certain additional personal information only in connection with performing services on behalf of those business clients. The use of this information is subject to the privacy practices of those business clients and not this Privacy Statement.

Use of information

Arity’s use of your information differs based on your services, features and products and your country of origin. See Specific Information Related to Users in the EU, UK, EEA and Switzerland below for details about the collection and use of data from data subjects in the European Union, United Kingdom, European Economic Area or Switzerland. See also Privacy Practices for Select Arity Products below for more details about the differences in data usage for certain products.

Personal and other information may be used for business purposes including to:

  • Create, deliver or improve our services, features and products. We may use your personal and other information to create, deliver or improve our services, features or products. We use personal and other information to perform actuarial studies, model development, and statistical analysis to create and refine our risk, deriving behavior, and advertising models and analytics that allows us to create, deliver or improve our products and services, including providing services to our business clients. Our services, features and products, such as telematics features within a mobile app (Routely® or a business client’s app, for example), may be provided directly to you in connection with your relationship with one of our business clients or may be provided to you by or through the business client. We also use personal and other information to improve or repair our services, features and products, including addressing bugs or other issues.
  • Facilitate a business client’s services, features and products: Arity’s services, features and products are provided to you, directly or indirectly, in connection with a relationship you have with one of our business clients and facilitate the business clients’ services or products. These services, features and products, that rely on Arity’s use of your information and sharing of information with a business client, may include:
    • Creating insights on driving behavior based on geolocation and other driving related data, which is provided to our business clients for purposes of the business client providing you a service or product such as insurance, family or friendship groups or weather and traffic information, which may include providing some of those insights to you;
    • Providing functionality in Routely® or a business client mobile application, such as providing you with navigation services or information on how to improve the safety of your driving;
    • Providing you with towing and repair options or contacting emergency personnel;
    • Providing you offers for products and services that may interest you based on your location and driving habits.
  • Conduct analytics and research. We also use personal and other information to conduct research and analysis for purposes of product development, enhancement or improvement to products and services or for other reasons in the public interest. Where possible, we use deidentified information for model development and analytics and have implemented practices to limit the use of personal information for analytics purposes.
  • Targeted advertising. We may use personal and device identifiers to create segments of similar individuals to help advertisers serve you interest-based advertising based on geolocation information, insights derived from driving behavior, and demographic information. We use this data to serve ads through our advertising platform and measure the effectiveness of advertising campaigns. Note that Arity does not collect or use personal information from the Routely® app, insurance provider apps or from individuals in certain jurisdictions to serve targeted ads; however, Arity may collect personal and device identifiers, demographic information, or inferences from other non-insurance related business clients or other data providers for this purpose.
  • Improve, develop and analyze our websites. We use personal information and other information to analyze, improve, develop or deliver our website using algorithms, analytics software and other similar methods and analyze how visitors use our website to improve the website and enhance and personalize your experience. We collect some information used for these purposes using analytics software, cookies and other tracking technologies. For more information about the collection and use of this information, see Your Privacy Choices.
  • Communicate with you about your service, feature or product. We may use your personal information to communicate with you about a service, feature or product, respond to customer service requests, or to investigate, respond to, and resolve issues or complaints or other inquiries. We may also provide you confirmations or other service or product related messages. Communication may be via text, email or other available methods such as push notifications.
  • Provide marketing communications. We may use your personal information to serve you ads or customized content on the internet, send you promotional communications about products, services, features, and options we believe may be of interest to you. We may send communications via email or other methods.
  • Comply with legal requirements and protect the safety and security of our business, services, and sites. We may use your personal information to comply with laws, regulations or other legal obligations, to assist in an investigation, to protect and defend our rights and property or the rights of third parties or enforce terms and conditions. We may also use your personal information to prevent suspected fraud, threats to our network or other illegal activities, prevent misuse or for any other reason permitted by law. We may use your personal information to protect our company, our affiliates, our customers, our network and our websites and mobile apps.
  • Update or correct our records. We may use personal information collected about you from you or other sources, including publicly available databases or third parties from whom we have purchased data to update our records.

Business client’s use of information

Arity shares your information with its business clients as part of your purchase, or use, of services from those business clients. Those business clients include, but are not limited to, insurance companies as well as mobile app providers who track the location of members of a defined group or who provide weather related information. If you have purchased an insurance product offered by an Arity business client, then your information may also be used by that business client to calculate insurance rates or rewards provided under the product or service. Our insurance company business clients may also use your information to update their pricing and underwriting models. All such use of your personal information by our business clients is subject to their privacy policies and not this Privacy Statement.

Sharing your information

We may share personal information about you for several reasons and with different parties including with service providers and other third parties whenever you consent to or direct such sharing. We may also share your personal information with our affiliates for business purposes consistent with the uses described in this Privacy Statement.

For all personal information that can reasonably be aggregated or deidentified, Arity will take steps to do so before sharing with unaffiliated third parties. This means that we will take steps to alter that personal information such that it cannot reasonably be used to identify you or relate the information back to you. For any personal information that cannot be completely aggregated or deidentified, we take steps to modify the information before sharing to remove information such as name, account number, address, or unique vehicle identifiers when possible. Before sharing such deidentified or modified information with unaffiliated third parties, Arity contractually prohibits third parties from taking any steps to reidentify the data or relate any deidentified personal information back to you and also contractually limits the purposes for which they can use the information. In some cases, we may share personal information such as your name, address, and contact information with third parties at your direction for the purposes of obtaining insurance quotes. When we share information, we strive to work with companies that share our commitment to privacy.

We may share your personal information for business purposes or as required or permitted by law with:

  • Business clients: We share your personal information with our business clients through which you receive Arity’s features, products or services. For example, when using our Routely® mobile app or a business client’s mobile app that has Arity’s technology embedded, information is shared with our business client for purposes of servicing the product or service you have requested from that business client. If you are using our Routely® mobile app as a driver relative to your employer’s usage-based commercial insurance policy, information may be shared with your employer. With your consent, we may also share your contact information provided via one of our websites with our business clients so that they may contact you to offer their products and services.
  • Service providers to Arity: Personal information may be shared with service providers who perform services on our behalf for a business purpose including service providers that:
    • provide marketing and advertising, email or other communication services;
    • provide services that support our online activities including providing tracking technologies, web hosting and analytics;
    • provide tax and accounting, legal services, delivery, and data enhancement services;
    • provide technology services and enhance security, privacy and fraud protections;
    • provide analytics services or conduct research or actuarial studies; and
    • provide support to our operations.
  • Marketing and advertising partners: Arity permits third party online and other marketing and advertising partners to collect information from you directly on our websites to facilitate online advertising of Arity’s services. See the “Cookies and other tracking technologies and settings” section below for more details about these activities.
  • Third parties in connection with a business transaction: Personal information may be disclosed to third parties in connection with a corporate transaction, such as a merger, sale of any or all of our company assets or shares, reorganization, financing, change of control or acquisition of all or a portion of our business by an affiliate or third party, or in the event of a bankruptcy or related or similar proceedings.
  • Law enforcement, regulators and other parties for legal reasons: Personal information may be disclosed to third parties, as required by law or subpoena, or if we reasonably believe such action is necessary to:
    • comply with the law and the reasonable requests of regulators, law enforcement or other public authorities;
    • protect our or others safety, rights or property; and
    • investigate fraud or to protect the security or integrity of our websites and mobile apps or any product or services.

We share the following categories of personal information with the following parties:

  • Geolocation data: Business clients; Service providers to Arity; Law enforcement or regulators; Third parties in connection with a business transaction.
  • Personal identifiers: Business clients; Service providers to Arity; Marketing and advertising partners; Law enforcement or regulators; Third parties in connection with a business transaction.
  • Personal characteristics: Law enforcement or regulators; Third parties in connection with a business transaction.
  • Commercial and service related information: Business clients; Service providers to Arity; Law enforcement or regulators; Third parties in connection with a business transaction.
  • Internet or other electronic network activity information (including mobile app information): Business clients; Service providers to Arity; Marketing and advertising partners; Law enforcement or regulators; Third parties in connection with a business transaction.
  • Inferences: Business clients; Service providers to Arity; Marketing and advertising partners; Law enforcement or regulators; Third parties in connection with a business transaction.

Retention of personal information

We retain personal information in accordance with applicable laws or regulatory requirements and also for as long as necessary to fulfill the purposes for which it was collected and to fulfill the business or commercial purposes that are explained in this Privacy Statement. Refining and developing statistical models relies on information collected over a long period of time, and this information is stored until it is no longer needed to provide products or services to you and to develop and refine our models. Where possible, we keep this information in a pseudonymized format. We retain Mobile Ad IDs and geolocation information used to serve targeted advertising for up to 3 years from the date of collection. When no longer needed, we delete or deidentify the personal information. We review our data retention policies periodically and comply with local legal requirements.

Privacy practices for select Arity products

Targeted advertising service:  Arity collects geolocation and driving behavior data, and we may use that information to link driving behavior information to device identifiers,demographic information or other personal information to help serve targeted advertising and measure advertising effectiveness. Arity does not disclose precise geolocation data to third parties for advertising purposes. Learn how to opt out of targeted advertising including by opting out of the sharing or selling your personal information by visiting Your Privacy Choices .

Arity is a member of the Network Advertising Initiative (NAI) and we adhere to the NAI Codes of Conduct. To learn more about the NAI and the Code of Conduct please visit The NAI Code of Conduct.

Arity IQ network: Arity Services LLC, is a consumer reporting agency regulated by the Fair Credit Reporting Act (FCRA) that delivers an Arity driving score or driving behaviors to an insurance company for its use in providing you with insurance quotes, rating, and underwriting. We furnish personal information to Arity Services, LLC, which uses the data to create a consumer report. With your consent and upon your request, Arity Services LLC will share this consumer report with an insurance company.  For information on your rights under FCRA relating to this product including how to submit a consumer request, visit the Arity Services Data Support Center.

Cookies and other tracking technologies and settings

Tracking Technologies used online: When you visit our websites or use our mobile apps, we, our third party marketing and analytics providers operating, may automatically collect information about your use of and access to these websites and mobile apps using a variety of tracking technologies, including cookies, Flash objects, web beacons (also called “clear GIFs” or pixel tags), embedded scripts, location-identifying technologies, analytics, remarketing and similar technology (collectively, “tracking technologies”).

We and our third-party marketing and analytics providers (such as Google Analytics, Adobe Analytics, Meta, Microsoft and DemandBase) use these tracking technologies to help us provide users with an enhanced and more customized web experience. Additionally, we and our marketing and analytics providers use tracking technologies, analytics, and other technologies to monitor visits to our websites. This information may also be combined or linked with personal information we collect directly from you. The information collected in this manner includes:

  • The websites which linked you to, or away from, our websites, how frequently you visit the websites, your interaction with emails we send, pages you visit on our websites, and the ads you view, or your location when you access our websites, recordings of mouse clicks, mouse movements, keystrokes, and other communications you make on our sites;
  • Information about the computer, tablet, smartphone or other device you use, such as your IP address, browser type, internet service provider, platform type, device type/model/manufacturer, operating system, date and time stamp, unique device identifiers or advertiser ID, and other similar information, and
  • Analytics information collected by us or via third-party analytics tools, to help us measure traffic and usage trends for the websites and to understand more about the demographics and behaviors of our users.

For additional details about how we use cookies and other tracking technologies, including how not to accept cookies, see Your Privacy Choices.

Use of the information: The information collected through tracking technologies allows us to provide you with an improved, enhanced and personalized customer experience, to monitor and improve our website and for other internal purposes such as:

  • Provide custom, personalized content and information, including targeted content, communications and advertising,
  • Identify and contact you across multiple devices,
  • Provide and monitor the effectiveness of our sites,
  • Perform analytics and detect usage patterns on our sites,
  • Diagnose or fix technology problems,
  • Detect or prevent fraud or other harmful activities, and
  • Otherwise to plan for and enhance our sites.

Your choices regarding cookies: If you prefer not to accept cookies, you may update your cookie preferences for this site by accessing the “Cookie Settings” link within Your Privacy ChoicesYou may also opt-out by enabling a universal tool that automatically communicates your opt-out preferences through browser settings such as the Global Privacy Control (“GPC”). All website visitors, regardless of residency, can opt-out of this sharing. Most browsers will also allow you to manage cookies in your browser settings to disable or block cookies, remove existing cookies, automatically accept cookies or to notify you when you receive a cookie. These settings are browser or device specific, and options available may vary by browser. However, if you disable, modify, or reject cookies, some parts or functionalities of our site may be inaccessible or not function properly. For example, disabling cookies may require you to repeatedly enter information to take advantage of services or promotions. Also, if you clear your cookies on your browser or make selections using a different device or browser, you may need to redo your cookie settings.

Some browsers offer a setting called “Do Not Track.” Although we do our best to honor the privacy preferences of our visitors, we may not be able to respond to all “Do Not Track” signals from your browser. Collection of information from mobile devices: Geolocation and other driving behavior information is collected via mobile apps only when Location Services is enabled on your device. Other permissions through the operating system of your device may also be required for our services or products to function properly. If enabled, our Routely® mobile app or our business client’s mobile app may collect location data in the background of your device in order to understand your driving behaviors even while you are not engaging with the Routely® app or our client’s mobile application. Disabling the location services functionality on your mobile device may impact your app’s services.

Privacy rights and choices

You have specific rights under certain state privacy laws.  These rights differ by state and by the type of products and services you have with Arity. For example, rights under certain state laws do not apply to personal information that is regulated by the Fair Credit Reporting Act.

California, Connecticut, New Hampshire, Texas, Oregon, and Virginia Residents

California residents have rights to access, correct, and delete their personal information as well as other rights described below. Similar rights exist for Connecticut, New Hampshire, Texas, Oregon, and Virginia residents.

Right to know and access your personal information: You have the right to request the specific pieces of personal information we have collected about you and the right to know:

  • the categories of personal information collected;
  • the categories of sources from which personal information was collected;
  • the business purpose for collecting the personal information, and
  • the categories of third parties with whom we disclose or share personal information.

Right to deletion of personal information: You have the right to request we delete the personal information collected about you, subject to certain exceptions including that we need the personal information to:

  • Complete a transaction or provide a good or service you requested, or take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you;
  • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities;
  • Debug products to identify or repair errors that impair functionality;
  • Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law;
  • Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us;
  • Comply with a legal obligation, or
  • Otherwise use your personal information, internally, in a lawful manner that is compatible with the context in which you provided the information.

Right to correct personal information: You have the right to request we correct any inaccurate information we have about you. We may request that you provide documentation to support your request and we will correct your information unless we determine that the personal information is more than likely accurate.

Non-discrimination rights: We don’t discriminate against you if your exercise any of the privacy rights described in this privacy statement.

Submitting a request: To submit a request, visit our online webform or call us at 1-800-654-1412. Responses to a verified request may take up to 45 calendar days, or longer depending on the nature of the request. If additional time is needed, we will notify you of the additional time. We may only respond to two access requests within a 12-month period.

Connecticut, New Hampshire, Texas, Oregon, and Virginia residents: If we are unable to fulfill your request to access, review, delete or correct your personal information, we will respond to you explaining why. If you would like to appeal for additional review of our inability to fulfill your request, visit our appeals webform.

Sharing or sale of personal information: We do not sell personal information for monetary value. For our Targeted Advertising Service, we utilize personal information such as device identifiers to provide you with relevant, targeted advertising, build advertising models and monitor the effectiveness of advertising campaigns. We do not disclose personal information to third parties as a part of this service without your consent. On our website, we allow third-party pixels and other tracking technology which enables the sharing of personal information about website users with third parties for the purpose of serving you interest-based advertising. This sort of online advertising is called cross-context behavioral advertising under the California Consumer Privacy Act (CCPA) or targeted advertising under other state laws.

CCPA provides California residents the right to opt-out of the “sharing” of your information for cross-context behavioral advertising.  Connecticut, New Hampshire, Oregon, Texas, and Virginia residents have the right to opt out of the processing of personal data for the purposes of targeted online advertising. Regardless of where you live, you can learn how to opt out of this “sharing” for targeted advertising by visiting Your Privacy Choices.

Use and sharing of sensitive personal information: Arity uses sensitive personal information (precise geolocation data) and shares insights derived from that information for targeted online advertising. California residents have the right to limit this use of your sensitive personal information. Regardless of where you live, you can learn how to limit this use by visiting Your Privacy Choices.

Consumer request metrics: The following lists the number of access, deletion, correction and data sale/share opt out requests Arity received, complied with and denied from residents of California in 2023 and the average number of days it took to complete a request. Please note that these metrics do not include requests made to our Business Clients.

2023 Data Access Requests
Number of requests received 6
Number of requests complied with in whole or in part 0
Number of requests denied 6
Average days to complete a request 2
 

2023 Data Deletion Requests

Number of requests received 30
Number of requests complied with in whole or in part 5
Number of requests denied 25
Average days to complete a request 3
 

2023 Data Correction Requests

Number of requests received 0
Number of requests complied with in whole or in part 0
Number of requests denied 0
Average days to complete a request 0
 

2023 Data Sale/Share Opt Out Requests*

Number of requests received 20,104
Number of requests complied with in whole or in part 20,104
Number of requests denied 0
Average days to complete a request 7

*Number includes all “CCPA Opt Out Tool” global opt out requests received by the DAA’s AppChoices tool.

Social media, links, and external sites

Links to other companies’ websites may be provided on the Arity website as a convenience to you. If you choose to go to these external websites, you will be subject to the privacy practices of those external websites; Arity is not responsible for the privacy practices of those websites. We encourage you to be aware when you leave our website to read the privacy policies or statements of every website you visit, as those privacy policies or statements may differ from ours.

Our website includes Social Media Features, such as the Facebook “Like” button and Widgets, the Share This button or interactive mini-programs that run on our website. These features may collect your IP address, which page you are visiting on our website, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our website. Your interactions with these features are governed by the privacy policy of the company providing it.

Security

Protecting your personal information is important to us. We use a combination of reasonable technical, administrative, and physical safeguards to protect your personal information. However, no website, mobile application, database or system is completely secure or “hacker proof”. So, we cannot guarantee its absolute security. You are also responsible for taking reasonable steps to protect your personal information against unauthorized disclosure or misuse.

We limit access to your personal information to those who need it to do their jobs. We comply with all applicable federal and state data security laws.

Children’s personal information

We do not knowingly gather personal information or market products or services to children under the age of sixteen. If we become aware that we have collected personal information from a child without the required parental consent, we will make reasonable efforts to delete such data from our records.

Specific information for users in the EU, UK, EEA, and Switzerland

This section applies to personal information (referred to in this section as personal data) collected from users in the European Union (EU), the European Economic Area (EEA), United Kingdom (UK) or Switzerland or otherwise subject to the General Data Protection Regulation (GDPR).

Our legal basis for processing: For personal data that we process in connection with any products or services we offer to you or our business clients, we will generally process that personal data (i) based on consent, (ii) in order to take steps at your request, or (iii) for our legitimate interests in providing our services to you or otherwise in supporting the business needs.

Your Access and Choices: You may have the following rights in relation to your personal data:

  • Rectify any inaccurate personal data that we hold about you;
  • Have your personal data erased under certain circumstances;
  • Have the processing of your personal data restricted where you dispute its accuracy, if you think its processing is unlawful, if you otherwise object to its processing, or when we no longer need your personal data and you need it in relation to a legal claim;
  • Have access to your personal data, and the right to receive copies of your personal data in a structured, commonly used and machine-readable format and transfer those copies to another data controller, under certain circumstances;
  • Complain to your national data protection regulator if you feel that any of your personal information is not being processed in accordance with the GDPR.

To exercise your rights to access, rectify or erase your personal data, you can submit a request to privacy@arity.com.

Use of your personal data for analytics and profiling: We use your personal data to assist in our development of predictive driving models. We may profile your personal data only for the purposes of creating a driving score (“Driving Score”), which is used for our analytics purposes to develop and validate our predictive driving models.  To develop our predictive driving models we gather information about your driving behaviors, such as speed, change in speed, and other aspects of how much, where and when you drive to predict driving risk.  These driving behaviors may be combined with other demographic or geographic information about driving risk for certain locations, which incorporate relative risks.

However, we take steps to remove all personal data that is not necessary to the predictive driving models. So, while your Driving Score incorporates your GPS location data, it will not be directly connected to your name, contact information, or vehicle information unless we have obtained your explicit consent to do so in advance.

In addition, we do not do any of the following without obtaining your prior explicit consent to do so:

  • Use personal data or Driving Scores to make automated decisions that have significant effects for individuals, because individuals are not identifiable within the data set;
  • Use any insights, model output, or Driving Scores with personal data for any purpose other than internal analytics or our predictive driving models; or
  • Use your profile or Driving Score to advertise to you.

After pseudonymizing the Driving Scores, we may share the pseudonymized Driving Scores with business clients. Please refer to the business client’s privacy notices for the products and services you have elected to use for details about their privacy practices.  Other than sharing pseudonymized Driving Scores with business clients, we do not share Driving Scores with third parties, unless we are required pursuant to lawful legal process.

Your Driving Score will in no way impact the availability or your use of our products or services.

Your right to withdraw consent: If you withdraw your consent, we will stop processing the relevant personal data except to the extent we have other grounds for processing under applicable laws. We will respond to your request within a reasonable timeframe. You may withdraw your consent at any time; however, Arity will not be able to provide or continue to provide products or services to you.

There may be cases where restrictions on the amount of data that can be disclosed to data subjects under applicable law (for example, if that would necessarily involve disclosing data about another person). Arity is permitted to withhold some types of personal data in certain circumstances, subject to applicable local law requirements. If there is a dispute, please contact us using the information in the “Contact Us” section. In addition, data subjects have the right to lodge a complaint with a supervisory authority. The name and contact details of the supervisory authorities in the European Union can be found at http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm.

Contact us: For questions about the collection of personal data by Arity, or to exercise the right to access, correct, update, or delete such data or object, for legitimate purposes, to the processing of personal data, as provided under applicable law, please contact us at:

For users in the UK:
Arity
Attn: Data Protection Representative
10 Mays Meadow
Belfast, Country Antrim, BT1 3PH
Northern Ireland

For users in the EU, EEA, and Switzerland:
Email: eurep@arity.com

Please note: When sending inquiries to us, we may need additional information such as the business client you have engaged for which we collected data to better assist you.

Personal data transfers: Transfers of personal data outside of the EU, UK or EEA must meet certain legal requirements. Arity relies on Standard Contractual Clauses that have been approved by the European Commission to comply with these requirements. Under the GDPR, Arity acts as data controller with respect to such transfers. Arity also ensures it uses corresponding Standard Contractual Clauses with any vendor that it engages in connection with the processing of any of your personal data that is subject to these transfer requirements.

EU-U.S., Swiss-U.S. Privacy Shield, and UK Extension Data Privacy Framework: Arity complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce.  Arity has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF.  Arity has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF.  If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern.  To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/

Accountability for onward transfer: Where Arity transfers personal data as provided above to a third party, we will do so consistent with the notice provided to you and any consent provided (if applicable), and contractually require the third party to process the personal data for limited and specified purposes consistent with the lawful basis for processing, and provide us notice of any concerns with its ability to comply with these promises. We will also contractually require the third party to stop processing personal data or take other reasonable and appropriate steps to in the event it cannot meet its data protection obligations. Arity remains liable under the DPF Principles where any third-party service provider processes personal data subject to its DPF certification in a manner inconsistent with the Principles, except where Arity is otherwise not responsible for the event giving rise to the damage.

Recourse, enforcement and liability: Arity’s participation in the DPF Frameworks is subject to investigation and enforcement by the Federal Trade Commission. Arity commits to address inquiries, requests to exercise your rights under applicable law, or resolve complaints about our collection or use of your personal information. In compliance with the DPF Principles, after you have contacted us at the email below, if we are unable to resolve your concerns, Arity has further committed to refer unresolved privacy complaints under the DPF Principles to an independent dispute resolution mechanism. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request. Further, under certain circumstances, data subjects may also be able to involve binding arbitration before the DPF Panel to be created by the U.S. Department of Commerce and the European Commission. Arity may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Contact us

If you should have questions or concerns about our privacy practices, please contact us through the below methods.

Please note: When sending inquiries to us, we may need additional information such as the business client you have engaged for which we collected data to better assist you.

For users in the U.S. and other users (outside of Switzerland, the UK, European Union, and EEA):

Email: privacy@arity.com

Mail: Arity
Attn: Data Protection Officer
PO Box 227238
Dallas, TX 75222-7238
United States of America

For users in the United Kingdom:

Arity
Attn: Data Protection Representative
10 Mays Meadow
Belfast, Country Antrim, BT1 3PH
Northern Ireland

For users in the European Union, EEA, and Switzerland:

Email: eurep@arity.com

To request that you no longer receive business-related promotional e-mails from Arity, please email us at info@arity.com.

If you opt out from receiving marketing emails, we may still send you transactional, non-marketing emails such as emails about your products or services, responses to your requests and inquiries, or notices of updates to terms and conditions or our privacy practices.

Changes to this Privacy Statement

We may periodically update or revise this Privacy Statement. The effective date at the top of the document shows when this Privacy Statement was last revised. We will let you know when we update the Privacy Statement by changing the date or other appropriate means.