ZF considers protecting the personal data of all natural persons to be an important priority. This includes all traffic participants. That is why we want to inform you here about how we handle personal data from camera recordings of ZF test vehicles in public spaces. We use these recordings to develop reliable algorithms for automated and autonomous driving. All activities of ZF Friedrichshafen AG in connection with this data processing are exclusively carried out in compliance with the GDPR and the BDSG (Federal Data Protection Act). This means that our employees and data processors are contractually obliged to observe these privacy law regulations.
For any comments or questions you may have regarding this statement, please contact the ZF Group's Coordinator for Data Protection, who is also the DPO for ZF Friedrichshafen AG:
ZF Friedrichshafen AG
Corporate Headquarters / ZF Forum
Löwentaler Straße 20
You can also contact the ZF Group's Coordinator for Data Protection via e-mail at firstname.lastname@example.org as well as by using the contact form below.
Our automated driving functions are designed to relieve the strain on the driver so that he can concentrate fully on the road traffic, thereby improving road safety. Functions such as cruise control, Park Distance Control or lateral support system were the first developments in this area and many drivers already use them as a matter of course. We constantly build on this basis to expand vehicle functionality.
To ensure safe and correct operation of our test vehicles, cameras for environment recognition are also installed in them. This means that vehicle systems detect e.g. obstacles in the path of the vehicle to keep the vehicle in a safe condition.
The number, range and level of detail of the cameras are restricted to the degree necessary for ensuring traffic safety and do not go beyond this.
Recorded images are only used for the purposes of road safety, product safety and technical trialling as well as further development of automated driving functions. ZF Friedrichshafen AG has no interest in identifying persons or vehicle registration plates recorded incidentally. We process personal data in compliance with the provisions of the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG). The legal basis for the data processing is the legitimate interest of ZF Friedrichshafen AG for the purposes stated above (Article 6 para. 1f. GDPR).
A broadest-possible range of different traffic situations is necessary for verification tests of automated driving functions.
Project-specific recordings based on customer requests are in general globally possible.
ZF will not retain your personal data for longer than is allowed under the applicable data protection laws and regulations or for longer than is justified for the purposes for which it was originally collected. As a basic principle, the data collected will be stored for the duration of the research and/or development projects.
ZF has implemented appropriate technical and organizational measures to ensure an appropriate security level for the risk.
The corresponding risk analysis contains an analysis of the risk of infringing against the rights of individuals concerned, the costs for implementation as well as the type, extent, context and purposes of the data processing.
The measures include:
ZF Friedrichshafen AG is the corporate headquarter of the ZF Group. Due to shared corporate IT systems within the ZF Group and because of the international nature of our business, Personal Data collected and processed by ZF Friedrichshafen AG and its subsidiaries (“ZF legal entities”) can be shared with or accessed by other ZF legal entities of the ZF Group for the purposes above. A data transfer to ZF legal entities outside of the EU and the UK will only occur under the provisions for international data transfers laid out in Section VIII of this Notice (see below). An overview of the ZF legal entities that are part of the ZF Group can be found at:
Further, ZF may share your Personal Data with:
ZF will also disclose your Personal Data to third parties:
When disclosing your Personal Data to third parties that will process your Personal Data on ZF’s behalf,
your Personal Data will only be disclosed to carefully selected data processors acting on the basis of
ZF’s instructions to comply with the applicable legal and contractual obligations.
International data transfers refer to transfers of Personal Data outside of the European Economic Area (“EEA”) and the UK. The international footprint of ZF involves the transfer of Personal Data to and from other group companies or third parties, which may be located outside the EEA and the UK, including the United States of America.
In case your Personal Data is transferred outside of the EEA and the UK, ZF will make sure that your Personal Data is protected by the following safeguards:
If you wish to receive more information relating to the transfers of your Personal Data outside the EEA and the UK and/or the safeguards that have been implemented (including on how to receive a copy of these), you can contact the ZF Group Coordinator for Data Protection.
Under applicable data privacy laws, you can invoke the following rights. You can exercise these rights at any time by contacting the ZF Group's Coordinator for Data Protection:
You can use the following contact form to submit a corresponding request. Please specify both the time of the recording and the precise location as well as the vehicle as accurately as possible. This will ensure we can find the correct recording.