Privacy is a cornerstone of our business. Based in Europe, our operations are subject to European privacy laws: the GDPR (General Data Protection Regulation). GDPR privacy rules are considered to be the most demanding set of regulations in the world, offering a high level of data protection. Our global policies on privacy and the processing of your personal data reflect these standards, and in some cases are regulations are more stringent.
To read who has access to your information, get information about your rights and where we store your data, jump to more information.
Big data drives our business, but your privacy comes first. We collect data from our websites, products and services. Overall, there are four different types of data that we use:
This is personal data that you directly supply to TomTom, such as your name and email address when you create a TomTom account, your home address and favorite locations that you synchronize between devices, reported feedback about speed cameras or map errors, your age and phone number.
Many TomTom products are equipped with sensors or use device sensors such as GPS receivers, Wi-Fi or Bluetooth, camera, microphone, G-force and heart-rate sensors and touch screens. These sensors automatically collect data when activated. Depending on the purpose, this data may be initially linked to other data that identifies you or your device.
While you use our websites, products and services, metadata gets automatically collected or generated as a result of you using a device, transmitting your data over a network or requesting a specific service such as TomTom Traffic. This data could contain information about your technical configuration, device settings, user interface and other events related to your usage, and can be linked to other details such as IP-addresses, unique identifiers, cookies and other records of your activities.
Our clients, such as car manufacturers, could share data with TomTom that they have collected under their responsibility and in accordance with their privacy policies. We only use that data within the limits instructed by these parties, while adhering to contractual arrangements.
You can help TomTom keep our products and services secure, have them perform as expected and improve the quality and user experience by sharing data on how and when you use our apps, products and services. This includes information about your device, operating software and information we receive when you use certain features such as locations, route planning, destinations and search.
We categorize our users based on aggregated information such as frequency of use, specific features, region information (e.g. country and city), product and device information. Our analysis does not contain individual location information or information that you have entered but may include information that identifies your device, such as a hashed identifier. You can stop sending this information at any time by adjusting the product settings to withdraw your permission. Some TomTom products such as AmiGo ask your approval to collect your journey information for a longer period to analyze patterns and behavior. More details are available in the product privacy settings and in the DRIVE section.
TomTom applies security methods based on industry standards to protect your data against unauthorized access. We will not give anyone else other than our service providers access to the information subject to contractual safeguards and we don’t use it for any other purpose than communicated to you unless we have been lawfully ordered to do so.
You can create your TomTom account when using our navigation devices or apps. For this we need some minimum details about you:
When you set up a TomTom navigation device, download one of our apps or create a TomTom account, we need minimum information to enable you to use features safely and properly. The first time we need access to your location information, you will see a notification asking for your permission to share this data with TomTom for specific purposes. We also ask your permission before we use your journey information to improve the user experience. We only synchronize certain information between apps and devices after we have your authorization. You can easily change your permissions in the settings of your device, app or via your TomTom account. Withdrawing your consent could mean that some services are no longer available.
In some cases, we process your data beyond legitimate interests to better manage our products and services – helping keep them working as expected, keep them secure, and improve the customer experience by looking at how and when you use them. This processing is subject to appropriate measures to protect your identity in accordance with industry practices, taking into consideration the risk represented by the processing and the nature of the data being protected. We have taken appropriate steps to address security, risk of data loss and other risks taking into consideration the nature of the data, the kind of processing activities and assigned responsibilities to address security and privacy related matters.
You can access your personal data, obtain a copy, have incomplete, incorrect, unnecessary or outdated data updated or request that your data will be deleted. You have the right to object to or restrict processing in certain circumstances, such as when you believe the data is inaccurate or the processing activity is unlawful. To execute your access and deletion rights, you can contact TomTom via our dedicated GDPR support page on tomtom.com or your TomTom account. For other requests, you can contact us directly using the contact details on our website. Some TomTom product accounts give you the option to directly access or delete your data, for instance it’s possible to download and delete road trip information that we hold via MyDrive.tomtom.com.
We don’t sell or disclose your personal data to other parties unless otherwise stated below.
TomTom only shares your information with TomTom affiliates that are responsible for services and products and with other parties when necessary, such as our IT cloud service providers (for example Microsoft and AWS) and other service providers such as logistics partners, payment service providers and repair centers that keep your data secure. We have contracts in place with third parties to process your data only for authorized purposes to deliver certain services that require them to act consistently with these arrangements and to use appropriate security measures to protect your personal data.
Be aware that your device’s operating system, other apps running on your device or the communication networks collect, transmit and store your personal and location information. TomTom has no influence over this. For more details you can check the statement and settings from your mobile operator, device manufacturer and other app developers. When you share your information directly with a third party, for example posting details on social media, the third party will process that information in accordance with its own privacy policies. Our product privacy settings contain more information on embedded third-party services, you can check these for more details.
We promise not to give anyone else access to your information unless we have a compulsory legal obligation to do so, for example when we are obliged by applicable law to disclose your information to governments, competent authorities and law enforcement agencies or to defend TomTom’s legitimate interests in legal proceedings.
By default, we store your information in the European Economic Area (EEA). In limited cases, your personal data may be transferred to countries outside the EEA with different regulations on data protection. In those cases, we assess that your privacy is protected in the best way possible and that an adequate level of data protection is met, for example through an official adequacy decision or appropriate safeguards with standard contractual clauses subject to additional risks assessments. You may contact TomTom for more information about data transfers and safeguards.
We don’t save and use your information longer than necessary. We delete all data related to you afterwards. In some cases, we continue to use anonymous or de-identified information, when specific data is needed for further analyses, product improvements and reports. The length of time that we retain personal data and criteria for determining that time, are dependent on the nature of the personal data, our legal obligations and the purpose for which it was provided.
You can contact TomTom’s Data Protection Officer at:
TomTom International B.V.
Privacy Office / DPO
De Ruijterkade 154
1011 AC Amsterdam
If you’re not satisfied, you can also contact the Dutch Privacy Authority.
TomTom International B.V., De Ruijterkade 154, 1011 AC Amsterdam, the Netherlands is responsible for your personal data in relation to TomTom products and services. TomTom affiliates providing specific products or services may be (joint) controller or (sub) data processor of your data. You can find more information about these affiliates in the product legal terms and conditions available through the product settings or our website.