Table of contents
Privacy is a cornerstone of our business. Based in Europe, our operations are subject to European privacy laws: the GDPR (General Data Protection Regulation). GDPR privacy rules are considered to be the most demanding set of regulations in the world, offering a high level of data protection. Our global policies on privacy and the processing of your personal data reflect these standards, and in some cases are regulations are more stringent.
To read who has access to your information, get information about your rights and where we store your data, jump to more information.
Big data drives our business, but your privacy comes first. We collect data from our websites, products and services. Overall, there are four different types of data that we use:
This is personal data that you directly supply to TomTom, such as your name and email address when you create a TomTom account, your home address and favorite locations that you synchronize between devices, reported feedback about speed cameras or map errors, your age and phone number.
Many TomTom products are equipped with sensors or use device sensors such as GPS receivers, Wi-Fi or Bluetooth, camera, microphone, G-force and heart-rate sensors and touch screens. These sensors automatically collect data when activated. Depending on the purpose, this data may be initially linked to other data that identifies you or your device.
While you use our websites, products and services, metadata gets automatically collected or generated as a result of you using a device, transmitting your data over a network or requesting a specific service such as TomTom Traffic. This data could contain information about your technical configuration, device settings, user interface and other events related to your usage, and can be linked to other details such as IP-addresses, unique identifiers, cookies and other records of your activities.
Our clients, such as car manufacturers, could share data with TomTom that they have collected under their responsibility and in accordance with their privacy policies. We only use that data within the limits instructed by these parties, while adhering to contractual arrangements.
You can help TomTom keep our products and services secure, have them perform as expected and improve the quality and user experience by sharing data on how and when you use our apps, products and services. This includes information about your device, operating software and information we receive when you use certain features such as locations, route planning, destinations and search.
We categorize our users based on aggregated information such as frequency of use, specific features, region information (e.g. country and city), product and device information. Our analysis does not contain individual location information or information that you have entered but may include information that identifies your device, such as a hashed identifier. You can stop sending this information at any time by adjusting the product settings to withdraw your permission. Some TomTom products such as AmiGo ask your approval to collect your journey information for a longer period to analyze patterns and behavior. More details are available in the product privacy settings and in the DRIVE section.
TomTom applies security methods based on industry standards to protect your data against unauthorized access. We will not give anyone else other than our service providers access to the information subject to contractual safeguards and we don’t use it for any other purpose than communicated to you unless we have been lawfully ordered to do so.
You can create your TomTom account when using our navigation devices or apps. For this we need some minimum details about you:
If your personal data is protected by the California Consumer Privacy Act (CCPA), TomTom International B.V., on behalf of TomTom business, wishes to inform you about the data categories we collect from you (including the past 12 months) and how we process your data. This privacy statement was last edited on 31 December 2019 and subject to change at any time with or without further notice. We recommend that you re-visit this information from time to time to see if anything has been updated.
This statement supplements our other privacy notifications. Each TomTom product and service collects certain categories of personal information, you can check the in-product privacy notification or relevant sections in our general online privacy statement for more information. In case another party is using our products, for example a car manufacturer, as part of a service offered to you, you can read their privacy statement for more information.
Overall, we collect the following categories of personal information:
TomTom software uses your location data to function correctly and to enable certain features. With your permission, we use your location data to send information to your device that is relevant to where you are or enabling you to use a specific feature such as our traffic services. We also use your location data to improve the quality of our products and services after making sure it can no longer be linked back to you directly. TomTom deidentifies your location data within 24 hours after you have stopped using the TomTom product or service by automatically and irreversibly destroying the data that would allow you or your device to be identified from the location data we have received. You can choose to send your location data or stop sending this information to TomTom at any time via TomTom’s product settings. If location data is stored on your TomTom device, it will be deleted when you stop sending this information to TomTom. We don’t know where you have been or who you are.
Your personal information mentioned in categories 2 – 6 will be solely used for TomTom’s business purposes, such as auditing, detecting security incidents, registration and management of user accounts, providing customer support, processing or fulfilling orders and transactions, repair and warranty services, verifying customer information, processing payments, performing analytics and research to improve the quality, safety and content of TomTom products and services.
When necessary to fulfill certain of these business purposes, TomTom shares your information with other parties such as IT hosting providers, third-party cookie providers, social media and marketing partners and other service providers that keep our products secure and performing well or manage and analyze usage of our products. We have contracts in place with these parties to process your data only for authorized purposes to deliver certain services that require them to act consistently with this statement and to use appropriate security measures to protect your personal data.
Be aware that your device operating system, your service provider using TomTom software components, or communication networks may also collect, transmit and store your personal and location information. TomTom has no influence over this. For more details you can check the statement and settings from your mobile operator, device manufacturer, supplier and other app developers. When you share certain information on social media, the social media provider will process that information in accordance with its own privacy policies. You can check these policies for more details.
We promise not to give anyone else access to your information unless we have a legal obligation to do so, for example when we are obliged by applicable law to disclose your information to governments, competent authorities and law enforcement agencies or to defend TomTom’s legitimate interests in legal proceedings. We don’t sell your personal information to anyone or otherwise disclose your personal information in exchange for money or something else of value.
You can file a verifiable request with TomTom to specifically disclose or delete your personal information. More details can be found on our privacy support page or within your TomTom account. You can also contact our customer service team for more information, contact details can be found here. In case you have appointed an authorized agent to make privacy requests on your behalf, this agent should follow the same process to provide your account details for verification. When you request TomTom to disclose your personal information, TomTom is not obliged to reidentify or link any data that is not maintained in a manner that would be considered personal information and will not do so as such. TomTom will not discriminate you for exercising these rights.
When you set up a TomTom navigation device, download one of our apps or create a TomTom account, we need minimum information to enable you to use features safely and properly. The first time we need access to your location information, you will see a notification asking for your permission to share this data with TomTom for specific purposes. We also ask your permission before we use your journey information to improve the user experience. We only synchronize certain information between apps and devices after we have your authorization. You can easily change your permissions in the settings of your device, app or via your TomTom account. Withdrawing your consent could mean that some services are no longer available.
In some cases, we process your data beyond legitimate interests to better manage our products and services – helping keep them working as expected, keep them secure, and improve the customer experience by looking at how and when you use them. This processing is subject to appropriate measures to protect your identity in accordance with industry practices, taking into consideration the risk represented by the processing and the nature of the data being protected. We have taken appropriate steps to address security, risk of data loss and other risks taking into consideration the nature of the data, the kind of processing activities and assigned responsibilities to address security and privacy related matters.
You can access your personal data, obtain a copy, have incomplete, incorrect, unnecessary or outdated data updated or request that your data will be deleted. You have the right to object to or restrict processing in certain circumstances, such as when you believe the data is inaccurate or the processing activity is unlawful. To execute your access and deletion rights, you can contact TomTom via our dedicated GDPR support page on tomtom.com or your TomTom account. For other requests, you can contact us directly using the contact details on our website. Some TomTom product accounts give you the option to directly access or delete your data, for instance it’s possible to download and delete road trip information that we hold via MyDrive.tomtom.com.
We don’t sell or disclose your personal data to other parties unless otherwise stated below.
TomTom only shares your information with TomTom affiliates that are responsible for services and products and with other parties when necessary, such as our IT cloud service providers (for example Microsoft and AWS) and other service providers such as logistics partners, payment service providers and repair centers that keep your data secure. We have contracts in place with third parties to process your data only for authorized purposes to deliver certain services that require them to act consistently with these arrangements and to use appropriate security measures to protect your personal data.
Be aware that your device’s operating system, other apps running on your device or the communication networks collect, transmit and store your personal and location information. TomTom has no influence over this. For more details you can check the statement and settings from your mobile operator, device manufacturer and other app developers. When you share your information directly with a third party, for example posting details on social media, the third party will process that information in accordance with its own privacy policies. Our product privacy settings contain more information on embedded third-party services, you can check these for more details.
We promise not to give anyone else access to your information unless we have a compulsory legal obligation to do so, for example when we are obliged by applicable law to disclose your information to governments, competent authorities and law enforcement agencies or to defend TomTom’s legitimate interests in legal proceedings.
By default, we store your information in the European Economic Area (EEA). In limited cases, your personal data may be transferred to countries outside the EEA with different regulations on data protection. In those cases, we assess that your privacy is protected in the best way possible and that an adequate level of data protection is met, for example through an official adequacy decision or appropriate safeguards with standard contractual clauses subject to additional risks assessments. You may contact TomTom for more information about data transfers and safeguards.
We don’t save and use your information longer than necessary. We delete all data related to you afterwards. In some cases, we continue to use anonymous or de-identified information, when specific data is needed for further analyses, product improvements and reports. The length of time that we retain personal data and criteria for determining that time, are dependent on the nature of the personal data, our legal obligations and the purpose for which it was provided.
You can contact TomTom’s Data Protection Officer at:
TomTom International B.V.
Privacy Office / DPO
De Ruijterkade 154
1011 AC Amsterdam
If you’re not satisfied, you can also contact the Dutch Privacy Authority.
TomTom International B.V., De Ruijterkade 154, 1011 AC Amsterdam, the Netherlands is responsible for your personal data in relation to TomTom products and services. TomTom affiliates providing specific products or services may be (joint) controller or (sub) data processor of your data. You can find more information about these affiliates in the product legal terms and conditions available through the product settings or our website.