This Vehicle Data Privacy Policy describes how Tensor Auto FZE ("Tensor," "we," "us," or "our") collects, uses, stores, and shares data generated by or collected through your Tensor Robocar autonomous electric vehicle ("Vehicle"). This policy supplements our general Privacy Policy (available at https://tensor.auto/privacy) and provides specific detail about the data practices associated with the Vehicle's onboard systems, sensors, cameras, and connectivity features.

The Tensor Robocar is designed as an autonomous electric vehicle equipped with a comprehensive array of cameras, radar units, LiDAR sensors, ultrasonic sensors, and other advanced hardware that enable autonomous driving, active safety, and connected vehicle services. Because of the nature of autonomous driving technology, your Vehicle collects and processes significant amounts of data from its environment and operations. We are committed to being transparent about what data we collect, why we collect it, and how you can exercise control over your data.

This policy applies to all owners, lessees, and authorized drivers of Tensor Robocar vehicles, as well as passengers who interact with in-vehicle systems. It covers data processing in compliance with the UAE Federal Decree-Law No. 45 of 2021 on Personal Data Protection ("UAE PDPL") and all other applicable data protection laws.

We collect and process vehicle data for the following purposes:

2.1 Safety and Emergency Services

The primary purpose of vehicle data collection is to ensure the safe operation of the Vehicle and the protection of its occupants, other road users, and the public. Specific safety applications include:

• Autonomous driving decisions: Real-time sensor and camera data is continuously processed by the onboard autonomous driving computer to perceive the environment, predict the behavior of other road users, plan safe trajectories, and execute driving maneuvers. This processing occurs locally on the Vehicle and is essential for safe autonomous operation.
• Emergency Call (eCall): In the event of a serious collision, the Vehicle may automatically transmit its location, vehicle identification, and crash severity data to emergency services. This functionality may be legally mandated and cannot be disabled.
• Safety event recording: The event data recorder captures data surrounding safety-critical events for post-incident investigation, regulatory reporting, and safety improvement.
• Driver monitoring: Interior camera and sensor data is used to detect driver inattention, drowsiness, or incapacitation and to issue timely warnings or initiate safe stop maneuvers.

2.2 Autonomous Driving Improvement

Tensor is committed to continuously improving the safety and capability of the Robocar's autonomous driving system. With your consent, we use vehicle data to:

• Train and validate autonomous driving models: Camera imagery, LiDAR point clouds, radar data, and driving telemetry from the fleet are used to train machine learning models that improve object detection, prediction, and decision-making. Data used for model training is de-identified to the extent practicable.
• Identify edge cases: We analyze events where the autonomous driving system performed suboptimally, issued warnings, or required driver intervention to identify areas for improvement.
• Validate software updates: Before deploying autonomous driving software updates to the fleet, we use collected data to simulate and validate performance improvements in a wide range of driving scenarios.
• Map updates: Aggregated driving data from the fleet is used to detect changes in road infrastructure, construction zones, and traffic patterns to keep high-definition maps current.

You may opt out of contributing data for autonomous driving improvement by disabling the "Fleet Learning" setting in your Vehicle's privacy settings. Opting out will not affect the safety or basic functionality of your Vehicle's autonomous driving system.

2.3 Over-the-Air (OTA) Updates

The Vehicle receives software updates over the air to improve performance, add new features, enhance safety, and fix bugs. Vehicle data is used to:

• Determine which software version is currently installed on your Vehicle.
• Assess compatibility and readiness for pending updates (e.g., sufficient battery charge, network connectivity, vehicle parked).
• Monitor update installation progress and verify successful completion.
• Diagnose and remediate failed update installations.

OTA update functionality is a core component of the Vehicle's connected services and is necessary for ongoing vehicle safety and compliance. Certain safety-critical updates may be installed automatically and cannot be deferred.

2.4 Connected Vehicle Services

Vehicle data enables a range of connected services that enhance your ownership experience:

• Remote vehicle monitoring: View your Vehicle's location, battery status, charging progress, and climate state through the Tensor mobile application.
• Remote commands: Lock or unlock doors, pre-condition the cabin temperature, activate the horn or lights, and summon the Vehicle from a parking space using the mobile application.
• Navigation services: Cloud-connected navigation with real-time traffic, point-of-interest search, route optimization, and automatic charging stop planning for long trips.
• Maintenance alerts: Proactive notifications about recommended maintenance based on vehicle diagnostics, such as tire rotation, brake pad replacement, or software updates.
• Charging network integration: Seamless authentication and payment at partner charging networks.

2.5 Warranty, Service, and Diagnostics

We use diagnostic and performance data to:

• Provide remote diagnostic support and identify potential issues before they result in a breakdown.
• Prepare service appointments by pre-diagnosing reported issues using Vehicle telemetry.
• Process warranty claims by verifying the nature and cause of reported faults.
• Monitor component performance trends across the fleet to identify and address potential quality issues proactively, including safety recalls.

2.6 Legal and Regulatory Compliance

We may process vehicle data as required by law, including:

• Responding to lawful requests from law enforcement agencies, courts, and regulatory authorities.
• Complying with vehicle safety reporting requirements, recall obligations, and emissions regulations.
• Cooperating with accident investigation authorities.
• Complying with insurance telematics requirements where applicable and authorized by you.

The Tensor Robocar collects and processes the following categories of data through its onboard systems:

1.1 Camera and Vision Data

Your Vehicle is equipped with multiple exterior and interior cameras that are integral to the autonomous driving system, parking assistance, security monitoring, and driver/occupant monitoring functions.

Exterior Cameras: The Robocar is equipped with [number] exterior cameras providing a 360-degree view of the Vehicle's surroundings. These cameras capture continuous video data used for real-time autonomous driving decisions, including object detection, lane recognition, traffic sign interpretation, pedestrian detection, and obstacle avoidance. Short video clips may be recorded and stored locally on the Vehicle during specific events such as collisions, near-collisions, emergency braking activations, autonomous driving system disengagements, or when triggered manually by the driver. These event clips may be transmitted to Tensor's servers for safety analysis and autonomous driving improvement, subject to your data sharing preferences.

Interior Cameras: The Vehicle's cabin is equipped with cameras that monitor driver attentiveness, seat occupancy, and seatbelt usage. The driver monitoring system uses computer vision to detect signs of drowsiness, distraction, or impairment and will issue alerts or take corrective action. Interior camera data is primarily processed locally on the Vehicle and is not transmitted to Tensor's servers unless required for safety incident investigation or specifically enabled by you.

Important: Camera data may incidentally capture images of third parties, including pedestrians, other drivers, license plates, and bystanders. Tensor processes such data solely for the purposes of vehicle operation, safety, and autonomous driving improvement, and does not use it for identification of individuals.

1.2 Sensor and Perception Data

The Robocar is equipped with an extensive sensor suite designed to perceive and interpret the driving environment with high precision:

LiDAR (Light Detection and Ranging): Multiple LiDAR units generate three-dimensional point cloud maps of the Vehicle's surroundings in real time. This data provides precise distance measurements to surrounding objects, vehicles, pedestrians, and infrastructure. LiDAR data is essential for autonomous navigation and is processed continuously during vehicle operation.

Radar: Forward-facing, rear-facing, and corner radar units detect the speed, distance, and trajectory of surrounding vehicles and objects. Radar data is used for adaptive cruise control, collision avoidance, cross-traffic alerts, and autonomous driving decisions in adverse weather conditions where camera visibility may be reduced.

Ultrasonic Sensors: Short-range sensors around the Vehicle's perimeter detect nearby objects at low speeds for parking assistance, low-speed maneuvering, and obstacle detection. This data is processed locally in real time and is not transmitted off the Vehicle.

Inertial Measurement Unit (IMU): Measures the Vehicle's acceleration, rotation, and orientation. This data is combined with GPS and other sensor inputs for precise localization and is used by the autonomous driving system for motion planning and stability control.

Sensor Fusion Data: The autonomous driving system continuously combines inputs from all sensors (cameras, LiDAR, radar, ultrasonic, IMU) to create a comprehensive real-time model of the Vehicle's environment. This fused perception data is the foundation of the Robocar's autonomous driving capability. Aggregated and anonymized sensor fusion data may be used for fleet-wide autonomous driving improvement.

1.3 Location and Navigation Data

GPS Location: The Vehicle records precise geographic coordinates, speed, heading, and altitude using global navigation satellite systems (GPS, GLONASS, Galileo). Location data is used for navigation, real-time traffic routing, autonomous driving localization, emergency services (eCall), vehicle recovery in the event of theft, and geofencing for operational domain restrictions.

Route and Trip Data: The Vehicle records route information, including origin and destination addresses, waypoints, trip duration, distance traveled, and time of travel. Historical trip data is stored locally on the Vehicle and may be transmitted to Tensor's servers if you have enabled connected navigation services.

High-Definition Mapping Data: The autonomous driving system uses pre-loaded high-definition maps and may collect supplementary mapping data during operation to detect changes in road conditions, lane markings, signage, and infrastructure. This mapping data is critical for safe autonomous operation and may be shared with Tensor's mapping partners in aggregated, de-identified form.

1.4 Driving Behavior Data

Autonomous Driving Telemetry: When the autonomous driving system is engaged, the Vehicle records detailed telemetry data including system state, decision-making inputs, planned and executed trajectories, sensor confidence levels, system warnings, intervention events, and disengagement events (instances where the autonomous system returns control to the driver or enters a safe stop maneuver).

Driver Behavior: The Vehicle records data about driving patterns and inputs, including steering angle, accelerator and brake pedal position, speed, gear selection, turn signal usage, and frequency of autonomous driving feature usage. This data is used for safety analysis, insurance telematics (if applicable), and product improvement.

Safety Events: In the event of a collision, near-collision, airbag deployment, emergency braking, stability control activation, or rollover detection, the Vehicle's event data recorder captures a detailed record of vehicle state and sensor data for a period before, during, and after the event. This data may include vehicle speed, pedal positions, steering input, seatbelt status, airbag deployment status, autonomous driving system state, and exterior camera imagery. Safety event data may be shared with regulatory authorities, insurance companies, and law enforcement as required by law or your insurance policy.

1.5 Diagnostic and Performance Data

Vehicle Health Data: The Vehicle continuously monitors the status and performance of its mechanical, electrical, and software systems. This includes battery state of charge, battery health and degradation metrics, motor performance, tire pressure, brake system status, thermal management system performance, and component fault codes.

Charging Data: When connected to a charging station, the Vehicle records charging session data including start and end times, energy consumed, charging rate, charging station identifier and location, and battery temperature during charging. This data is used to optimize charging performance, provide charging history to the owner, and facilitate billing with charging network providers.

Software and Firmware Data: The Vehicle records information about its current software versions, over-the-air (OTA) update history, update success or failure status, and system boot logs. This data is used to manage software deployments, diagnose issues, and ensure that all Vehicles operate on the latest approved software.

Connectivity Data: The Vehicle records cellular network connection quality, data usage, Wi-Fi connection status, Bluetooth pairing information, and communication latency between the Vehicle and Tensor's cloud services. This data is used to maintain and optimize the Vehicle's connected services.

1.6 In-Cabin and Infotainment Data

Voice Commands: If you use the Vehicle's voice assistant, audio recordings of your voice commands are captured and processed to fulfill your requests (such as navigation, climate control, media playback, or phone calls). Voice data may be transmitted to cloud-based speech recognition services for processing. You can disable voice data transmission in the Vehicle's privacy settings, which will limit voice processing to on-device capabilities.

Infotainment Preferences: The Vehicle stores your media preferences, radio station presets, navigation favorites, phone contacts (if paired), call logs, and application usage data within the infotainment system. This data is stored locally on the Vehicle and is associated with your driver profile.

Occupant Data: Seat position settings, climate control preferences, mirror positions, and ambient lighting preferences associated with your driver profile. This data is used to personalize your driving experience.

We share vehicle data with the following categories of recipients, and only to the extent necessary for the purposes described in this policy:

Tensor Affiliates: Vehicle data may be shared within the Tensor corporate group, including our autonomous driving technology development subsidiary, for the purposes of safety research, autonomous driving improvement, product development, and fleet management.

Autonomous Driving Technology Partners: We may share de-identified or aggregated sensor data and driving telemetry with trusted technology partners who contribute to the development of Tensor's autonomous driving system, including machine learning model training, simulation, and validation. These partners are subject to strict contractual obligations regarding data use, confidentiality, and security.

Mapping and Navigation Providers: We share anonymized driving data with our mapping partners to maintain and update high-definition maps used by the autonomous driving system. We also share navigation requests and location data with our navigation service provider to deliver real-time routing and traffic information.

Charging Network Providers: When you charge your Vehicle at a partner charging station, we share your Vehicle identification, charging requirements, and payment information with the charging network operator to authenticate, initiate, and bill the charging session.

Insurance Companies: With your explicit consent, we may share driving behavior data and safety event data with your insurance provider for the purpose of usage-based insurance or accident claims processing.

Emergency Services: In the event of a collision or emergency, your Vehicle may automatically transmit its location and crash data to emergency dispatch services. This data sharing is designed to expedite emergency response and may be legally mandated.

Law Enforcement and Regulatory Authorities: We may disclose vehicle data to law enforcement, judicial, or regulatory authorities when required by law, court order, or legal process, or when necessary to protect the safety of our customers or the public. We evaluate each request to ensure it is legally valid and appropriately scoped.

Service and Repair Facilities: When your Vehicle is serviced at a Tensor service center or authorized repair facility, the service technician may access diagnostic data, fault codes, and relevant system logs to diagnose and repair the Vehicle. Service records are retained for warranty and quality assurance purposes.

Third-Party Application Developers: If you choose to connect third-party applications or services to your Vehicle (through the Tensor application platform), those third-party developers may access specific vehicle data as described in the application's terms of service. You control which third-party applications have access to your Vehicle data and can revoke access at any time through the Tensor mobile application.

We do not sell vehicle data to third parties. We do not use vehicle camera or sensor data for third-party advertising purposes.

‍Tensor Mobile Application: Your data sharing preferences can also be managed through the Tensor mobile app under Account > Privacy Settings.

• Disabling Fleet Learning: Your Vehicle's autonomous driving system will continue to operate normally using its onboard software. However, your Vehicle will not contribute data to fleet-wide autonomous driving improvements. You will still receive OTA software updates.
• Disabling Location Sharing: Remote vehicle tracking via the mobile app will be unavailable. Cloud-based navigation features (real-time traffic, point-of-interest search) will be limited. Emergency eCall location transmission cannot be disabled as it may be legally required.
• Disabling Voice Data: Voice commands will be processed using on-device speech recognition only, which may result in reduced accuracy and a more limited set of recognized commands.
• Disabling Usage Analytics: Your Vehicle will continue to function normally. You will still receive OTA updates and basic connected services.

4.3 Data That Cannot Be Disabled

Certain data collection is integral to vehicle safety and cannot be disabled:

• Safety event data recording: The event data recorder operates at all times and captures data surrounding safety-critical events. This is required for vehicle safety and may be legally mandated.
• Diagnostic data for safety recalls: Tensor must be able to identify vehicles affected by safety recalls and verify that recall remedies have been applied.
• Emergency Call (eCall) data: Location and crash data transmitted to emergency services during a collision cannot be disabled.
• OTA update management: Software version and update status data is required to ensure your Vehicle operates on the latest safety-critical software.

4.4 Data Deletion

You may request the deletion of vehicle data associated with your account by contacting privacy@tensor.auto. Please note that:

• Deletion requests will be fulfilled within thirty (30) days, subject to any legal retention obligations.
• Aggregated and anonymized data that has been incorporated into our autonomous driving training datasets cannot be individually deleted, as it can no longer be linked to you or your Vehicle.
• Certain data must be retained for legal compliance, warranty, and safety purposes as described in Section 5.
• Upon sale or transfer of your Vehicle, you should perform a factory data reset through the Vehicle's settings menu to erase your personal data, profiles, and preferences from the Vehicle's local storage.

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, to comply with legal obligations, to resolve disputes, and to enforce our agreements. The specific retention periods depend on the nature of the data and the purpose of processing:

Account Data: Retained for the duration of your active account and for a period of five (5) years following account closure, to comply with UAE commercial record-keeping requirements.

Transaction and Order Data: Retained for a minimum of five (5) years after the completion of the transaction, in accordance with UAE tax and commercial law requirements.

Vehicle Ownership Data: Retained for the duration of your ownership of the vehicle and for five (5) years thereafter, to support warranty claims, recall management, and regulatory compliance.

Marketing Data: Retained until you withdraw your consent or request deletion. If you unsubscribe from marketing communications, we retain a record of your opt-out preference to ensure we honor your choice.

Technical and Usage Data: Aggregated analytics data may be retained indefinitely. Individual-level browsing data is retained for twenty-four (24) months.

When personal data is no longer required, we securely delete or anonymize it in accordance with our data retention and destruction policies. Anonymized data that cannot be used to identify you may be retained indefinitely for research and statistical purposes.

We implement comprehensive technical and organizational measures to protect vehicle data throughout its lifecycle — from collection on the Vehicle, through transmission to our servers, to storage and processing in our cloud infrastructure.

6.1 On-Vehicle Security

• Secure compute platform: The autonomous driving computer and telematics control unit operate on a hardened, security-certified platform with secure boot, hardware-based key storage, and runtime integrity verification.
• Internal network segmentation: The Vehicle's internal network architecture segregates safety-critical systems (autonomous driving, braking, steering) from infotainment and connectivity systems using gateway controllers with strict access controls.
• Encrypted storage: Personal data and sensitive vehicle data stored on the Vehicle's onboard storage is encrypted at rest using hardware-accelerated AES-256 encryption.
• Secure software updates: OTA updates are cryptographically signed by Tensor. The Vehicle verifies the authenticity and integrity of every software package before installation, preventing the installation of unauthorized or tampered software.

6.2 Data in Transit

• Encrypted communication: All data transmitted between the Vehicle and Tensor's cloud infrastructure is encrypted using TLS 1.3 with certificate pinning to prevent man-in-the-middle attacks.
• Mutual authentication: Both the Vehicle and the cloud server mutually authenticate each other's identity before establishing a data connection.
• Data minimization in transit: The Vehicle transmits only the data required for the enabled services and features. Raw high-bandwidth sensor data (e.g., full-resolution video streams) is not routinely transmitted; instead, the Vehicle processes data locally and transmits only relevant metadata, event clips, or aggregated summaries.

6.3 Cloud Infrastructure Security

• Data center security: Vehicle data is stored in enterprise-grade cloud data centers with physical security controls including biometric access, 24/7 surveillance, and environmental monitoring.
• Encryption at rest: All vehicle data stored in our cloud infrastructure is encrypted at rest using AES-256 encryption with regularly rotated encryption keys managed through a hardware security module (HSM).
• Access controls: Access to vehicle data within Tensor is restricted on a role-based, need-to-know basis. Access to identifiable vehicle data requires multi-factor authentication and is logged for audit purposes.
• Monitoring and incident response: Our security operations center monitors for unauthorized access, data exfiltration attempts, and other security incidents on a 24/7 basis. We maintain a documented incident response plan that includes notification to affected customers and the UAE Data Office in accordance with the UAE PDPL.

6.4 Cybersecurity and Vulnerability Management

• Vulnerability disclosure program: We maintain a responsible vulnerability disclosure program. Security researchers who discover vulnerabilities in our Vehicle or connected systems may report them to security@tensor.auto.
• Penetration testing: We conduct regular third-party penetration testing of our Vehicle systems, cloud infrastructure, and mobile applications.
• Security updates: Security vulnerabilities are addressed through OTA software updates. Critical security patches are prioritized for expedited deployment across the fleet.

If you have questions about this Vehicle Data Privacy Policy or wish to exercise your data protection rights, please contact us:

Data Protection Officer Tensor Auto FZE [Registered Address] United Arab Emirates

• Email: privacy@tensor.auto
• Phone: [UAE Phone Number]
• Website: https://tensor.auto/vehicle-privacy

Data Subject Rights Requests: To request access, rectification, erasure, restriction, or portability of your vehicle data, please submit your request to privacy@tensor.auto or through the data rights portal at https://tensor.auto/privacy/rights.

Complaints: If you believe our processing of your vehicle data violates the UAE PDPL, you have the right to lodge a complaint with the UAE Data Office at https://uaedataoffice.ae.

For information about how we handle personal data collected through our website and other non-vehicle interactions, please refer to our general Privacy Policy at https://tensor.auto/privacy.