Audi treats data protection as a high priority. Audi fully complies with the respective national laws governing personal data, data protection and privacy rights. The brand follows clear principles when handling the personal data of its customers:
Audi collects, saves, transfers and uses personal data exclusively in accordance with the statutory regulations. If the use of personal data will extend beyond a specific contractual arrangement or other statutory permission, the consent of the customer for the purpose in question is obtained. Personal data is fundamentally only used for the specific purposes for which it was originally collected and within the scope of the use or usage requirement specified by the customer. Services are not contingent upon consent by the customer to use data for purposes such as advertising, for example.
All data used with the consent of the customer are anonymized prior to transfer to the Audi IT server and analysis. The customer can delete infotainment data at any time.
Audi uses anonymized or pseudonymized data whenever possible unless the collection, processing and use of personal data is required in the pursuit of a legitimate objective. [Example?]
Audi informs customers in a suitable manner of how their personal data is used. This includes in particular which data are collected and processed, for what purpose the data is used and whether data is sent to third parties.
Transparency also includes informing the customer what personal data about them is held by Audi. The German Data Secrecy Act covers personal data.
Audi uses state-of-the-art technical and administrative protective measures, and today makes targeted use of recognized and tested embedded security mechanisms and standards to protect data against, in particular, unauthorized access, processing or transmission, loss, modification or destruction. Security mechanisms undergo continuous development as part of the development of new functions in order to both comply with the latest data protection requirements and to ensure the associated security of data in the vehicle by means of state-of-the-art technical and administrative measures.
Transmission of data with Audi connect safety & service
Vehicles equipped with Audi connect safety & service send the following vehicle data to the Audi Emergency Call Center in the event of an accident or a manually initiated emergency call: GPS coordinates, the direction of travel and the number of occupants. In the case of an online roadside assistance call or when making an online appointment for service, the car sends service-relevant technical condition data to the service partner chosen by the customer. Should the customer no longer wish to use the emergency call service, he or she can have the function deactivated by the service partner.
The transmission of a car’s GPS-based position data by Audi to the online traffic data service provider is performed anonymously if the driver of the vehicle has activated online traffic information in his or her navigation system and is receiving this information. If the driver turns off the service, however, the car no longer sends any position data to the service provider. The position data are encrypted and absolutely cannot be associated with a specific car or user.
Encryption between vehicle and cloud
The protection of the vehicle- and back-end infrastructure as well as secure transmission are essential to Audi. Audi uses encryption methods such as those used in online banking for the connection between both the car and the smartphone to the Audi back-end. The data are also encrypted for storage on the Audi servers. Accessing of the data for administrative purposes is traceably documented. For the customer account on the myAudi platform, password guidelines that meet the current security standard are used. The online connection to the myAudi platform is always encrypted.
For remote control via the Audi connect services, Audi attaches maximum importance to data security. Communication never passes directly between the smartphone and the car; there is always the firewall of a secure Audi server in between. For the vehicle status report, the car sends the latest data to the Audi server, where the customer can access it at any time by encrypted transfer to their smartphone. An extra PIN must be input via the smartphone to enable the remote actions to be carried out.