ABRP Integrity Policy
ABetterRouteplanner.com is owned and operated by Iternio Planning AB (“Iternio”), a company based in Sweden, founded and operated by the developers of ABetterRouteplanner.com. Iternio also offers planning-as-a-service to third party websites and apps via its Route Planner API. This document describes our use and storage of personal data for both services.
The following policy reflects how Iternio collects and processes data in connection with its services. This document will be updated continuously with the development of our services. This version is updated as per April 2021.
Our role when it comes to personal data
Iternio Planning AB is a Swedish limited company, company registration number 556911-5487, Scheelevägen 15, SE-22370 Lund, Sweden. The easiest way to contact us is by e-mail to our CEO, Dr Bo Lincoln at firstname.lastname@example.org.
Iternio is “Data Controller” for the personal data that we process, which means that we determine why and how personal data is collected and processed by us. As Data Controllers we are legally responsible for our processing.
Our approach to (not) collecting personal data
The European General Data Protection Regulation “GDPR” and its equivalents around the world encourage us to avoid processing personal data and to limit the processing to what is necessary in order to fulfil legitimate purposes. We are also encouraged to be open (transparent) about it, so that people know why and how data about them is being used.
Our business is based on data, the analysis and presentation of which is the core of our services. But Iternio has actively designed its software and services in order to collect and store necessary data without processing personal data. As interested as we are in data related to the use and performance of different electric vehicles in different environments and under different circumstances, we are correspondingly un-interested in the identity of our users. By submitting vehicle telemetry (car live data, such as “state-of-charge”) to us through any available method, you agree that we may store and process anonymized parts of that data to learn more about vehicles, traffic, chargers and similar to improve our service. We may also share anonymized data (data which cannot be linked to you or your vehicle) to other parties for the purpose of improving their knowledge of electric vehicles, charging, traffic or similar.
It is completely optional to use telemetry in the service. Please note that anonymized data means information which cannot be linked to an individual, so it is actually not “personal data”.
We do not sell or transfer any personal data about our users or any other individuals. However, we reserve the right to publish content-based ads in our services, such as Tesla related ads to Tesla route planners.
Why we collect data about you
User account and login data
A user may register an account for using our web- or app-based services and can then access the service from different devices with the same settings and user data. In order to provide user accounts, we store the username of the user, e-mail address and password (all provided/chosen by the user). We also store the personal settings chosen by the user and the last destination searches. Such data is stored only in order to provide the service to you.
Payment and order information
If you should sign up for a subscription for our premium features, or rent or purchase something from us, such as a hardware OBD-dongle in order to use live data, we will process your billing information for as long as you remain a paying customer/subscriber. Ordinary payments are received and administered by a company called “ChargeBee”. (We will not have access to any payment details, but we will get address information which we need to file tax reports). If you have chosen to buy a subscription from within our iPhone app or to pay for it with Apple Pay, PayPal or similar services, we will typically not receive any personal information about you – just a confirmation that a certain purchase has been paid for. Depending on how you chose to pay for these things, there will probably be some kind of processing of your data by the company that you use for the payment (not on our behalf).
When applicable, we may also store order information and details about products that you purchase from us, in order to handle shipping, support, complaints, returns, to provide information about updates etc. To the extent required by law (typically tax- and auditing) we will also collect and process information related to purchases, which may include for example the address or country of residence of a paying customer since we must file VAT declarations in the countries were our customers reside.
Vehicle, driving and charging related data
The quality of our services is dependent on gathering and analyzing data about how vehicles are being driven and charged under different conditions. Some users chose to provide us with more detailed data from their vehicle (“vehicle telemetry”), such as charging status, temperature, speed etc. We may in such cases store a unique identifier of the vehicle in order to identify the brand, model, battery, power consuming options, and other vehicle specific data.
Live data and premium features
With a subscription for our premium features, you will have increased possibilities to evaluate your driving and your vehicles through various personal statistics, logs or comparisons, to analyze your driving and charging patterns and so on. This means we must collect, store and process data from you and your vehicle.
When and how we collect data
Our basic service is free of charge and can be used without any kind of registration if you do not want to access your plans from different devices. We collect user account data when you open a user account (optional), when you sign up for premium features or purchase goods from us (optional), when you change the user settings or by collecting information provided by you, such as actual (stated) name, user name, e-mail address and password. We also gather information generated by your use of our services while logged in, including starting point, destination and current GPS position. The previous 15 searches (destinations) made from your user account are stored with your account for easy access. If you choose to provide us with live data from your vehicle (optional), we will collect such data either from an account or app through which you provide us data about your vehicle, or through an OBD dongle (sold separately) which is plugged into your car and registered with your account. The dongle can then send live vehicle data to us and your plan can be continuously adjusted based on your current data while you are driving. In addition, the entire last/current route plan may be stored in further detail, to be accessible from the user’s different devices.
The types of data we collect
We collect user data, such as stated name, username, e-mail address and password, for administration of user accounts (optional). We may also collect information about how different vehicle models are driven and charged.
For our (optional) premium features, we store and process various data provided by you, your car account/app or your vehicle in order to provide your planning tool with up-to-date data, to improve our car models in general and to present detailed data and statistics about your driving to you. We may provide means for you to share such data with friends. For our paid services or in connection with sale of goods (such as OBD dongles), we will also collect and process your billing information.
We do NOT collect or store any “special categories of data” as defined in the GDPR (e.g. related to biometrics, health, sexuality, political- or religious views etc). However, we may store GPS- and search related data that some people could consider to be sensitive information about their travel destinations. This data is only available for the logged in user – we will not share it with anyone. We encourage you NOT to provide any confidential, personal or sensitive information in any communication with us, especially in user forums or through other channels where other people may access it.
Your choices and rights
As an individual you have certain rights under the GDPR. You can exercise your rights by sending us an email at email@example.com.
You have the right to access information we hold about you, including:
the categories of data we’re processing
the purposes of our data processing
the categories of third parties to whom the data may be disclosed
how long the data will be stored (or the criteria used to determine that period)
your other rights regarding our use of your data
We will provide you with the information as soon as we can but always within one month of your request. There could theoretically be situations where we cannot provide certain information, for example if doing so would adversely affect the rights and freedoms of somebody else. If so, we will tell you about it. If you have a user account, you can at any time access and change the user data or preferences.
For you as user, ABRP and our other services are tools that must be used responsibly by you and only for legal purposes. This includes personal data and YOU are responsible for your processing and use of such data. For instance, you may not in any way use our services for purposes of monitoring other individuals (such as other users of your vehicle, your computer or mobile device) unless you have a legally valid consent or other valid legal grounds to do so.
How we store and secure your personal data
First, we try as far as possible to avoid storing and other processing of “personal data” (information that could, directly or indirectly, be connected to an individual). Therefore, we anonymize the data, when possible.
Very sensitive data such as vehicle API tokens (like MyTesla tokens) and certain billing information is stored encrypted with the decryption key completely outside of the server. This is so that even if a hacker gets a hold of a complete backup or disk from a server, it is still not possible to retrieve the data. Even with full access to the running server, it will be very hard to read out that information. We never store your password for such API services anywhere. We do our utmost to make it hard for a hacker or someone else with potential access to our servers to read and decrypt this data.
How long we keep your data stored
Your user account and data related to it will be stored as long as you chose to maintain the account. Data deleted by the user will immediately be deleted from our main systems and within 90 days from all backups.
If you would like your account to be actively deleted together with all your identifiable data, you can do so in the ABRP app or contact firstname.lastname@example.org.
Anonymous (thus not personal) data derived e.g. from the use of our services or otherwise provided to us will be stored and used as long as it is useful information, without any specific limitations.
International aspects – where your data is stored
Our data is stored on servers located in Sweden, including backups. We will not transfer personal data to countries outside of the EU (but we will of course give our logged-in users access to their own account data).