Data sharing - Privacy policy

Information of the processing of personal data

Identification of the data controller

The personal data collected is subject to processing for which the data controllers are: 

• The fleet management company (which may be the employer of the persons concerned) for the management of its fleet of heavy goods vehicles. (hereinafter referred to as the "Client")

• The Manufacture Française des Pneumatiques Michelin for the improvement of the Michelin Group's products and services. (Hereinafter referred to as "MFPM")

Purposes and legal bases of processing

The processing of this data aims to improve the products and services offered to customers, in particular by optimising the use of tyres, developing new ranges and innovating through artificial intelligence. The aim is also to prevent maintenance, optimise the product life cycle, extend tyre life and reduce fuel consumption, helping to reduce CO2 emissions. The processing is based on the legitimate interest of the data controller.

An analysis to assess the legitimate interest of the data controller was carried out according to criteria of purpose, necessity and balancing of the interests of the data subject.

Additional information in the context of personal data not collected directly by MFPM

Category of data that may be transmitted to MFPM:

• Identification data (VIN or vehicle registration number)

• Tyre data (CAI, serial number, tyre fitting according to vehicle position, tyre event (date of fitting, dismounting, regrooving), tyre wear level (sidewall condition, damage, pressure reading))

• Vehicle journey data (odometrical information, distance travelled in an aggregated manner on the scale of a journey, fuel consumption, GPS location and timestamp to identify the route taken and calculate indicators on this route, particularly according to the weather)

Source from which the personal data is obtained:

• The Client

• Michelin Group companies having a commercial relationship with the Client

Recipients or categories of recipients

The data may be communicated as necessary and with regard to the purposes mentioned above, to the entities of the Michelin Group as well as to subcontractors and service providers, within the limits necessary of the tasks incumbent upon them or entrusted to them. In addition, in order to comply with legal and regulatory obligations, the MFPM may communicate personal data to legally authorised administrative and judicial authorities only upon request under the conditions provided for by the applicable regulations.

Security measures 

To ensure the protection of personal data, the MFPM has implemented a set of rigorously developed security measures. Among these, strong pseudonymization. This method consists of substituting personally identifiable data with pseudonyms, thus making the information incomprehensible without the use of an additional key. In addition to pseudonymization, advanced encryption protocols are applied to data in transit and at rest, while robust firewalls protect systems from unauthorized access. Regular audits and continuous training programs for employees reinforce these measures, thus ensuring an optimal level of security for the personal data processed.

Location of your data processing

The MFPM's data centers are in the Netherlands and Ireland. External processing by partners is closely monitored for location, security, and personal data protection to ensure optimal safeguards.

Processing outside the European Economic Area involves infrastructure supervision activities such as monitoring IT platforms, ensuring solution operability, and managing backups. These activities are primarily conducted by MFPM's IT partners and software providers. Processing from third countries follows a legal framework, including Standard Contractual Clauses and Binding Corporate Rules. Requests for these documents can be made in writing to MFPM's Protection Officer at privacy[.]fr[@]michelin[.]com.

The MFPM may share personal data with service providers, subcontractors, business partners, and other Michelin Group entities, as needed for their tasks and in accordance with regulations.

Retention period

Personal data is retained for the time required to fulfill the contract, considering legal limitation periods and compliance with legal and regulatory retention requirements. Upon conclusion of the contract between Michelin Group companies and the Customer, the data will be anonymized, making individual identification impossible.

Exercising rights

Data subjects have the following rights under the regulations:

• Right of access: Review and request full communication of their personal data.

• Right to rectification: Request correction of personal data, especially after a change in situation.

• Right to erasure: Request deletion of personal data when no longer necessary, unless there is another legal basis for processing.

• Right to restriction of processing: Request restriction of processing of personal data under regulatory conditions.

• Right to object: Object to the processing of personal data by emailing mobilityasset_support[@]michelin[.]com with vehicle registration details if the person is or was the driver.

The exercise of these rights will be subject to the personal data held by the data controller. To exercise your rights with the MFPM, you will have to send an electronic request to:

mobilityasset_support[@]michelin[.]com

Right to lodge a complaint

Data subjects can also file a complaint with their country's personal data protection authority.

Contact details of the personal data protection officer

For data processing requests by the MFPM, contact the Personal Data Protection Officer. 

By post:

Data Protection Officer

French Manufacture of Michelin Tyres

HORIZONS Tower - Floor 11

30 Cours de l'Île Seguin

92100 Boulogne Billancourt - France

By e-mail:

Privacy[.]fr [@]michelin[.]com