DATA PRIVACY

The protection of your personal data has a high priority at Delft University of Technology. Personal data includes any information relating to an identified or identifiable natural person. With this data protection information, we inform you about the type, scope and purpose of collected personal data at Delft University of Technology in connection with the EuroCity Persons (ECP) dataset and how we deal with this data. In addition, you will learn about your rights regarding the processing of your personal data. The following information applies to all natural persons whose personal data are saved and processed in connection with the ECP dataset.

 

1. Who is responsible for processing my data and who can I contact with regards to data protection?

Responsible for the processing of personal data related to the ECP dataset is the following:
Department of Cognitive Robotics

Faculty of Mechanical, Maritime and Materials Engineering (3mE)
Delft University of Technology

Mekelweg 2, 2628 CD Delft, The Netherlands

 

The contact information of the Data Protection Officer at Delft University of Technology is the following:

Data Protection Officer

Delft University of Technology

2628 CD Delft, The Netherlands

2. Where is my data derived from and which data is processed?

In accordance with the data protection principles, personal data ("data") is only to be processed to the extent the data is required and allowed due to applicable legal requirements or due to legal obligations.  Unless otherwise specified by the following, the terms "process" and "processing" comprise particularly the collection, the usage, storage, disclosure and transfer of personal data (see Article 4 Nr. 2 of the EU Data Protection Regulation).

 

We process data recorded from a vehicle driven through traffic in various European cities as described in the publication: “The EuroCity Persons Dataset: A Novel Benchmark for Object Detection”, IEEE Transactions on Pattern Analysis and Machine Intelligence, 2019 (available from https://ieeexplore.ieee.org/document/8634919). This data is derived from various sensors aboard the vehicle: video, radar, LiDAR, GNSS/INS and proprioceptive vehicle sensors.  It furthermore consists of human annotations added in a post-process (e.g. the location of road users in sensor data and with respect to the recording vehicle). This data is referred to as “sensor-related ECP data” in the remainder. The sensor-related ECP data does not contain identified individuals (names, addresses, or similar) but it does contain identifiable individuals as far as image data is concerned showing identifiable faces and license plates.  

 

Furthermore, we process data such as full name, affiliation, email address, affiliation, meta-data, analytical, diagnostic and technical data, and usage statistics concerning or arising from your use of the ECP Dataset. This data is referred to as “administration-related ECP data” in the remainder.

Sensor-related and administration-related ECP data is jointly referred to as “ECP data” or “ECP dataset” in the remainder.  

 

 

3. What is my data used for (purpose of processing) and what is the legal basis?

The sensor-related ECP data was collected and is processed in order to perform and facilitate research in the area of environment perception for self-driving vehicles, mobile robotics and intelligent transportation systems. Specifically, the purpose is to advance the development of methods for

 

·       establishing the spatiotemporal structure of the traffic environment,

·       detecting the various road users (e.g. pedestrians, cyclists, mopeds, motorcycles, cars, busses, trucks) and elements of the traffic infrastructure (e.g. lanes, road markings, lights, signs, poles),

·       extracting attribute information that is indicative of how a traffic situation will evolve (e.g. phase of traffic light, the pose of a pedestrian), and

·       traffic situation assessment, in particular estimating collision risk

 

using the vehicle-based sensors and possible prior knowledge (e.g. map information). As part of this research, no individual in the traffic scene shall be identified (by name, address, or similar).

 

It should be noted that typical privacy enhancing (anonymization) measures such as blurring or masking of the relevant image regions are not feasible, as it would introduce a bias in the image data, which would unduly and negatively affect the performance of machine learning methods used in the purpose of processing, when faced with the case of observing a real physical scene, where such image bias would not be present.  

 

The legal basis for sensor-related ECP data processing is to perform a research task in the legitimate interest of the Delft University of Technology: to advance science and technology, especially with respect to safety, comfort and efficiency of transportation.

 

The administration-related ECP data is collected in order to provide the functionality of and improvement of the ECP Dataset, for product development and marketing purposes, to protect against spam and malware, and for verifying License compliance. The legal basis for administration-related ECP data processing is provided by user consent.  

 

4. Is my data forwarded?

The sensor-related ECP data is made available to qualified researchers at established academic and non-profit scientific organizations for non-commercial, research use (e.g. benchmarking). The permission to access and process the data is made contingent on, among others, adherence to the EU General Data Protection Regulation (GDPR), as specified in a license agreement whose signing is required prior to the use of the sensor-related ECP dataset.   

The administration-related ECP data is not forwarded to other parties and remains with the Delft University of Technology; it is also governed by the EU GDPR.  

5. How long are my data stored?

 

The Dutch Code of Conduct for Academic Practice requires that all research data are stored for at least ten years.

The sensor-related ECP data is stored for an initial period of ten years at Delft University of Technology. After this initial period, an assessment will be made whether the sensor-related ECP data is still being useful for the before-mentioned purpose of processing. The usefulness will be assessed by the number of publications that cite the ECP dataset and/or by the number of submissions to the ECP evaluation server. In case the assessment shows the ECP data is still useful for the before-mentioned purpose of processing, the storage period will be extended by another ten years, at point which the usefulness assessment and extension cycle can be repeated. In case the assessment shows that ECP data is not useful anymore for the before-mentioned purpose of processing, all outstanding licenses will immediately be terminated, and the ECP dataset will be deleted from storage at Delft University of Technology.

The personal data of a certain user in the administration-related ECP data is stored for a maximum of ten years, or until the user revokes consent by contacting the entity responsible for the processing of personal ECP data (see section1), whatever time period is shorter.

6. How is my data stored?

 

The ECP Dataset is stored on webservers of the Delft University of Technology. Appropriate measures for physical and electronical (e.g. password protection, encryption) access control for the ECP Dataset have been implemented.

 

7. What rights do I have vis-à-vis Delft University of Technology?

 

With respect to your personal data you have following rights to claim:

·       Right on information: You have the right on information on your stored data with us, especially for what purpose, and how long the data is stored (Article 15 GDPR).

·       Right to correct incorrect data: You have the right to ask for immediate correction of your incorrectly stored personal data (Article 16 GDPR).

·       Right to delete: You have the right to ask for the deletion of your personal data. These requirements foresee that you may ask for deletion of your personal data in case we do not need the data anymore for the purpose the data has been collected or processed in the first place. You may also ask for deletion in case we have processed your data unlawfully or in case you have legitimately contradicted to the storage and process of your data or in case there is a legal obligation for the deletion of your data (Article 17 GDPR).

·       Right to restrict processing: You have the right to ask for a restriction on the processing of your data. This right is particularly valid for the duration of the assessment in case of your claimed doubt of the correctness of your data and in case you wish a restricted processing of your data when you have the right on deletion of your data. Furthermore, a restriction of the processing of your data takes place, although the data is no longer required for the pursued purposes, in the case that you require the data to assert, exercise or defend legal rights as well as when the successful exercise of objection between you and us is in dispute (Article 18 GDPR).

·       Right to data portability: You have the right to receive the personal data provided by you to us in a structured, common, machine-readable format (Article 20 GDPR), if they have not yet been deleted.

·       Right to oppose: You have the right to object to the processing of personal data for reasons derived from your particular situation at any time (Article 21 GDPR). We will stop the processing of your personal data, unless we can prove compelling reasons for further processing which outweigh your interests, rights and freedoms, or if the processing pursues the assertion, exercise or defence of legal rights.

 

If you want to object to the use of your personal ECP data, please contact the entity responsible for the processing of personal data related to the ECP dataset, as specified under section1.