KINTO Go Privacy Policy
(art. 13 of EU Regulation 679/16)

Dear Customer,
The companies Toyota Financial Services Italia S.p.A. (TFSI) and Toyota Financial Services Corporation (TFSC) wish to inform you that they have entered into a specific arrangement (Joint Controllership Agreement) in order to define the respective roles and responsibilities for the provision of the services accessible through the mobile application called KINTO Go ("KINTO Go" or "App").
The essence of the Joint Controllership Agreement shall be made available to you, by sending a request to the contacts provided below.
In the present document (Privacy Policy), Toyota Financial Services Italia S.p.A (TFSI) and Toyota Financial Services Corporation (TFSC) intend to provide you with all information required by Art. 13 of the General Data Protection Regulation 679/2016 ("EU Regulation" or "GDPR") regarding the processing of personal data (like your name, your e-mail address) on KINTO Go.
This Privacy Policy concerns the processing of personal data directly provided by you using the services accessible through KINTO Go and does not concern any information collected through other methods and sources, unless expressly specified.

A. Contact details of the Data Controllers.

According to Art. 26 of the GDPR, the purposes and the means of the processing hereinafter described, are jointly determined by the following companies (together, "Joint Controllers"):

1. Toyota Financial Services Italia S.p.A. (TFSI);
2. Toyota Financial Services Corporation (TFSC).

The Joint Controllers have agreed that the public contact point for the use of KINTO Go in the Italian territory shall be Toyota Financial Services Italia S.p.A (TFSI).
For any clarification or request regarding the processing of your Personal Data it is possible to contact TFSI to the following numbers, e-mail addresses and address

• Telephone: +39 06 548981
• E-mail: assistenzaclienti@it.toyota-fs.com
• PEC: tfsitaliaspa@legalmail.it
• Address: Toyota Financial Services Italia S.p.A.; Via Kiiciro Toyoda, 2, 00148, Roma, RM, Italia

TFSI has nominated a Data Protection Officer ("DPO"), that can be contacted for any clarification or request regarding the processing of your Personal Data. You can request the DPO contact details sending an e-mail to the above-mentioned contacts.

B. Nature and source of collected data.

Some information which allows, directly or indirectly, your identification ("Personal Data"), shall be collected in order to allow you to register and use KINTO Go.
Particularly, KINTO Go shall require the following categories of Personal Data which are necessary to the registration (Necessary Data):

• Biographical Data: name, surname.
• Contact details: e-mail address and phone number.

Moreover, other Personal Data may be required in order to allow you to personalise your profile (Optional Data):

• Home Address.
• Date of birth.
• Tax code.
• Profile image.
• Car numberplate.

The provision of the Personal Data listed above is optional, however, in case of failure to provide the Necessary Data the Joint Controllers shall not be able to create your account and provide the services.
The failure to provide the Optional Data shall not preclude the creation of the account and the use of the services, but in some cases the insertion of further information may be required in order to access additional services. Car numberplate, for example, shall be required in order to access and use parking payment services. Without the provision of it, the access to parking payment features shall be precluded.

C. Purposes and legal basis for the data processing.

The Personal Data provided shall be processed to achieve the following purposes:

1. In order to create your account and to provide the service described in the Terms & Conditions.The legal basis for this processing is, according to Art. 6, par. 1, letter b) of GDPR, the correct performance of all the pre-contractual and contractual activities in order to provide the services. For this processing only the failure to provide the Necessary Data shall lead to the impossibility to create an account and provide the contracted service.
2. In order to respect any legal requirement to which the Joint Controllers are subjected as well as to respond to possible and legally binding requirements of Public Authorities. The legal basis for this processing is, according to Art. 6, par. 1, letter c) of GDPR, the need to comply with the legal obligation to which the Joint Controllers are subjected.
3. With the purpose to contact you by electronic means (telephone, e-mail), in order to send you promotional communications about products and services of TFSI, similar or different from those required by you. The legal basis for this processing is, according to Art. 6, par. 1, letter a) of GDPR, your express consent.
4. Your Personal Data may be communicated to companies of the Toyota Group (Toyota Motor Italia S.p.A.; KINTO Italia S.p.A.; Toyota Insurance Management SE/Aioi Nissay Dowa Insurance Company of Europe SE) in order to send you commercial communications about Toyota, Lexus and KINTO products and services. The legal basis for this processing is, according to Art. 6, par. 1, letter a) of GDPR, your express consent.

For the processing under lett. c and d above, if you decide not to provide your consent, no process of personal data will be carried out. The refusal to provide the consent will have no consequence on the subscription and execution of the contract between you and the Joint Controllers, nor will there be any negative consequence against you.
Moreover, the consent provided may be withdrawn at any time as easily as it was given. The withdrawal of consent shall not affect, in any case, the lawfulness of the processing carried out until that moment.

Categories of personal data	Personal Data	Processing purpose	Legal Basis for the processing purpose
User Data (Necessary Data)	Name	To register to KINTO Go and provide the services.	Art. 6, par. 2, let. B) Performance of a contract
	Surname
	Email Address
	Phone Number
User Data (Optional Data)	Home Address	To personalise the User's KINTO Go profile.	Art. 6, par. 2, let. B) Performance of a contract
	Date of birth
	Profile image
	Tax code
	Car numberplate	To provide parking services.
User Data (Contact details)	Email Address	- Marketing purposes. - Communication to companies of the Toyota Group for marketing purposes.	Art. 6, par. 2, let. A) Consent
	Phone Number

D. Global KINTO ID.

The Joint Controllers allow you to access the KINTO Go Services also from foreign Countries*.
In order to achieve the above purpose, the Personal Data provided shall be stored in the KINTO Italy User Pool, owned by the Joint Controllers and dedicated to the storage of users' Personal Data.
In addition, for the correct provision of the KINTO Go Services, your Personal Data shall be duplicated and stored, along with service usage data, in the KINTO Go Italy database. Optional Data required to personalise the profile, as explained in Section B above, shall only be stored in the KINTO Go Italy database.
Your account shall be automatically authenticated through the Global KINTO ID Platform - which is an authorisation system for account verification - and shall not require any further action from you.
In case you do not wish to proceed with the authentication through the Global KINTO ID Platform, you will not be able to register and access the KINTO Go services.
For further information on the use of the KINTO Go services from foreign Countries, you may consult the KINTO Go Terms and Conditions, available in the app.

*The list of Countries from which the KINTO Go services will be accessible, shall be kept up to date from time to time by the Joint Controllers.
You may always have the right to request a copy of this list to the contacts provided in Section A.

E. KINTO Go Services List.

After the registration to KINTO Go, you will be able to use following services (KINTO Go Services):

• Privative e-wallet for easy payments.
• Searching travel solutions and purchasing travel tickets.
• Parking area identification and hourly rate payment.
• Searching and paying for Taxis.
• Searching and reaching events.

The provision of all the services listed above is subject to the acceptance of this Privacy Policy and to the acceptance of the Terms & Conditions.

F. Data Processing and Retention.

In relation to the above-mentioned processing purposes, the collection, processing, and storage of your Personal Data will be performed through telematic, manual and computer tools, suitable for storing, organising and selecting data and to allow consultation, extraction and comparison, with logic strictly related to the aims – and in any case with the aim - to ensure the security and confidentiality of data, in accordance with the applicable privacy laws.
Your Personal Data shall be retained in computer archives, as long as it is necessary to achieve the purpose for which personal data was collected and until your request for account closure.
After the account closure request, Personal Data shall be cancelled within 30 days from the request for the accounts that did not make any purchases in KINTO Go, whereas Personal Data will be stored for tax and accounting purposes in accordance with the terms provided by law for accounts that have made purchases in the aforementioned platform.
With regard to your contact details used for commercial purposes, as stated in point c and d, data storage will be limited in any case to a period of 24 months from the collection or until the withdrawal of your consent, unless a different retention period is required by applicable legislative or regulatory requirements.
After this period data will be used only anonymously and for purely statistical, analytical and historical purposes.
Lastly, your Personal Data will be processed by authorised and properly instructed subjects in the field of privacy protection, with the use of security measures, inter alia, to ensure: (i) the confidentiality of your personal data; (ii) the security of your Personal Data, for example preventing access to unauthorised parties.
The Joint Controllers adopt physical, electronic and organisational measures to ensure the security and accuracy of the Personal Data collected, including the limitation of the number of persons who physically can access the servers that contain the Company's database, as well as electronic security systems and password protection that defend against unauthorised access.

G. Communication and transfer of data to third parties.

The Personal Data provided by you for the purposes indicated in this Privacy Policy may be, where necessary, communicated to:

• Companies connected, controlled, controlling, affiliated or in any way related to the Joint Controllers.
• Companies providing services, including IT service providers (computer systems, cloud platforms, etc.), which the Joint Controllers has instructed for the correct provision of the KINTO Go Services.
  • The companies Pluservice Srl and myCicero Srl (the "Providers") shall act as Data Processors for all the activities necessary for the management of KINTO Go and the KINTO Go Italy database (based in Italy), for the resolution of problems requiring the specific know-how of that Providers and a specific IT infrastructure that cannot be internally repeated. The hosting of the platform and the elaboration of the related processes to the supply, the operation, and the update of the technology software in order to support the platform and to detect the performances of the service shall also be outsourced to the Providers.
    In addition, the Providers supply the functionalities that allow charging the electronic wallet and the payment of services purchased (i.e. tickets and parking), through the payment platform Stripe, and provide a customer service to support the use of KINTO Go. Stripe Inc. acts as independent Data Controller for the processing of payments and the Personal Data it processes shall not be accessible to the Joint Controllers, nor to the Providers, in any way and for any purpose. For more information on the processing carried out by the Providers and Stripe, please refer to the Privacy Policies corresponding to the services offered.
  • In order to allow the use of the Global KINTO ID Platform, your Personal Data shall be stored into the KINTO Italy User Pool which is a dedicated database, provided and managed by Amazon Web Services Inc. ("AWS"), and based in Frankfurt. The services of the Global KINTO ID Platform are provided through AWS Cognito, which entails a system for authentication, verification and access control for all users' accounts.
• Possible subjects outside the organisation of the Joint Controllers (external consultants; national and supranational authorities and public bodies) with which precise agreements have been reached on the measures to be taken to ensure the security of the data entrusted to them. In any case, the data will be processed exclusively for the purposes indicated above.

The subjects listed above may process your Personal Data both as Data Processors, as independent Data Controllers, and as Joint Controllers, as appropriate.
The Data Processors to whom the Joint Controllers delegate further processing operations have been carefully selected in order to ensure the protection of your rights and the protection of your Personal Data.
A complete list of the subjects to which, for various reasons and for the purposes indicated above, the Joint Controllers may communicate your Personal Data, may in any case be requested by you without formalities to TFSI.

H. Data transfer to a third country or international organisation.

The Joint Controllers will not transfer your Personal Data to a third country or an international organisation.
For the purpose of allowing you to use the KINTO Go services from foreign Countries, the Joint Controllers inform you that the processing activities shall be carried out within the European Union (EU) and/or the European Economic Area (EEA).
In cases in which a Personal Data transfer should be required, the Joint Controllers shall ensure that any transfer of your Personal Data to third countries or international organisation is carried out in accordance with the provisions of Chapter V of the GDPR and, particularly shall guarantee that one of the appropriate safeguards listed in art. 45 to 49 of the GDPR is in place

I. Your rights.

The rights exercisable by you in relation to the processing of your Personal Data are those provided by art. 15 to 22 of GDPR:

1. the right to obtain from the Joint Controllers confirmation whether or not your Personal Data is being processed, as well as information on the processing operations actually carried out ("Right of access");
2. the right to obtain from the Joint Controllers the rectification of inaccurate Personal Data ("Right of rectification");
3. the right to obtain from the Joint Controllers the deletion of Personal Data that are no longer necessary for the purposes pursued, those for which you have withdrawn your consent to the processing, those for which you have exercised the right to object, of those wrongly treated, or of those that must be deleted in order to fulfil a legal obligation ("Right to cancellation");
4. the right to obtain from the Joint Controllers the restriction of processing with reference to Personal Data whose accuracy is contested; to Personal Data processed unlawfully for which you oppose the cancellation; to Personal Data no longer necessary in relation to the purposes of the collection, but necessary for you to ascertain, exercise or defend a right in court; to Personal Data in relation to which you have exercised the right of opposition, pending the verification regarding the possible prevalence of the legitimate interest of the Joint Controllers ("Right to restriction of processing");
5. the right to obtain from the Joint Controllers, where technically feasible, communication to you or directly to another data controller of your Personal Data, in a commonly used IT format, limited to the Personal Data processed on the basis of consent or the execution of a contract ("Right to data portability");
6. the right to object to the processing of Personal Data by the Joint Controllers whose processing is based on the legal foundation of the Data Controllers' legitimate interest, as well as to the processing of Personal Data for direct marketing purposes ("Right to object"). The above rights may be exercised by sending a written request or by e-mail to TFSI, using the contacts provided in point A of this statement. The Joint Controllers, in compliance with current legislation, will respond without undue delay. Without prejudice to any other administrative or judicial remedy, if you consider that the processing of personal data concerning you infringes the Regulation, you have the right to lodge a complaint with the supervisory authority of the Member State in which you are habitually resident or working, or the State in which the alleged infringement occurred. For Italy the competent authority is the Guarantor for the Protection of Personal Data (in Italian: Garante per la Protezione dei Dati Personali), at which can be lodged complaint following the instructions available at the following address (in Italian): www.garanteprivacy.it.
   
   

   J. Data deletion.

   In the event that you request the definitive deletion of your Personal Data, for the reasons described in the previous point, the Joint Controllers have provided, in accordance with internal procedures, that the deadline for cancellation is 30 days from the receipt of the request of the interested party. This right cannot be exercised in the event of conflicting legal obligations.
   
   

   K. Modification of the present Privacy Policy.

   Any changes to the content of this information will be disclosed to you, alternatively, through individual communications, through updates on the KINTO Go website www.kinto-mobility.it/kinto-go or directly in the App.