Share this page

TOMRA Connect Technical and Data Security Principles

Version 3.0, 01.11.2018

About TOMRA Connect

TOMRA Connect is a real-time data service receiving data from TOMRA reverse vending machines and making that data available for reverse vending machine owners through various software services. Data is also made available for TOMRA technical personnel for service and maintenance purposes, as part of service agreements and for ad-hoc service tasks.

We operate within the EU General Data Protection Regulation (GDPR). Learn more about GDPR here.

TOMRA Connect Installation

An installation in TOMRA Connect includes a specific reverse vending machine identified by its serial number, a specific geographical location where the reverse vending machine is located, and the time when the installation was established. All three aspects are required for the installation to communicate data to TOMRA Connect, and for that data to be associated with a license account, and hence available for processing and use.

The concept of the installation forms the basis of TOMRA Connect data separation and isolation, ensuring that data is only available to authorized users.

TOMRA Connect hence offers full data isolation and -separation across customer accounts.

Data storage locations

TOMRA Connect data is transported to and stored at TOMRA’s physical data center in Asker, Norway for all reverse vending machines located in Europe and rest of the world apart from North America. For reverse vending machines located in North America, data is transported to and stored at TOMRA’s data center located with Amazon Web Services in Virginia. For reverse vending machines located in Australia, data is sent directly to TOMRA’s data center located with Amazon Web Services in Sydney, Australia.

Supplementary use of managed processing services for certain specific software services takes place through Amazon Web Services facilities in Virginia, USA for North America-based reverse vending machines, in Frankfurt, Germany for European and rest of world reverse vending machines, and in Sydney, Australia for the Australian-based reverse vending machines.

TOMRA Systems ASA has established a Data Processing Agreement with Amazon Web Services which ensure that Amazon Web Services has no right to utilize data stored with Amazon Web Services for any purpose other than delivering agreed technical infrastructure services to TOMRA.

It is TOMRA’s position that utilizing cloud services with a reputable and market-leading provider allows TOMRA to offer both cost-effective, technically and financially secure and stable, reliable, long-term and future-oriented software services and products compared to more traditional on-premise hosting alternatives. TOMRA have broad experience and competence with both on-premise and cloud hosted environments, and a long successful track record of securing and processing transactional money- and material-flow data.

Data security and protection

TOMRA Connect data is protected using industry standard encryption protocols during transport from reverse vending machines to the TOMRA Connect servers. TOMRA Connect web portal is only accessible through https with SSL encryption.

In situations with loss of connectivity or electricity at the reverse vending machine location, all reverse vending machine data will remain stored in the reverse vending machine and transmitted once operational state is restored, with no loss of data.

Frequency of communication from reverse vending machines to TOMRA Connect

TOMRA reverse vending machines sends a “heartbeat” to TOMRA Connect every 180 seconds (as the main rule). The heartbeat is a signal to TOMRA Connect that the reverse vending machine is online and operational. Should a reverse vending machine fail to send two consecutive heartbeats, the machine will be set to status “offline” until a heartbeat has been received. Reverse vending machines additionally transmit data associated with each consumer session immediately after the session is completed to ensure that the session data is stored and preserved in TOMRA Connect for accounting and clearing purposes. Additional messages of technical nature are communicated at various intervals to enable service and operational monitoring of reverse vending machine components and configurations.

Types of data being communicated to TOMRA Connect

TOMRA Connect receives data on a wide range of machine performance metrics as well as consumer sessions from each connected reverse vending machine. Such information is required for TOMRA to improve machine stability and reliability, as well as to generate clearing reports and services to deposit administration organizations/customers where applicable.

Customers that wish to utilize more advanced TOMRA Connect services such as In-store Marketing, Analytics or Consumer Engagement are required to authorize TOMRA to process and transport data required to deliver agreed services.

For customers utilizing TOMRA’s consumer engagement services, special data privacy agreements are required between TOMRA and the end-user (opt-in), and between TOMRA and the reverse vending machine owner.

TOMRA will not use, sell or in any other way offer to a third-party data that identifies consumers, store personnel or reverse vending machine owners without prior authorization.

TOMRA may aggregate recycling data on country or international level to visualize the benefit of recycling and to generate usage statistics.

TOMRA will utilize sensor data, test points, machine behavior data, etc. internally within TOMRA to analyze and improve its service towards customers and end users, and to offer improved response time and fault correction.

TOMRA will maintain data communicated to TOMRA Connect indefinitely to utilize such data for product analysis and improvement in relation to product development and improvement. Should a reverse vending machine owner so request, TOMRA will delete or anonymize data, with resulting inability for TOMRA to deliver statistics or historical data to the customer.

Reverse vending machine connectivity

Internet access on http and https ports (tcp 80 and 443) is required from the reverse vending machine to TOMRA Connect servers for basic functionality. For advanced remote service access by TOMRA, ports udp 2194 (for older models) and 1194 (for current models) also needs to be open.

The principle underlying all connectivity for TOMRA Connect is that communication is always initiated from the reverse vending machine and to the TOMRA Connect server. If return communication is required, a secure VPN tunnel is initiated. Reverse vending machines communicate only to fixed and secure IP addresses within the TOMRA domain network. No communication initiated from the outside to reverse vending machines inside customer networks is required.

Connection paths: reverse vending machine to TOMRA Connect

TOMRA recommends that all new installations communicate with TOMRA Connect over secure encrypted internet, protected by the measures outlined in this document.

Bandwidth requirements

Bandwidth requirements for reverse vending machine operation and monitoring services are moderate (<20 Kbit/s based on 2.500 empty objects returned per reverse vending machine per day).

For full utilization of TOMRA Connect’s capabilities for multimedia content and consumer engagement services, an adequate broadband connection is recommended. Actual bandwidth requirements for multimedia services will increase as a function of media size, upload frequency, the number of reverse vending machines sharing available connection capacity, etc.

For large reverse vending machine fleets in a retail environment with front-end server the following bandwidth requirements are recommended:

Minimum bandwidth recommendations without In-store Marketing and multimedia services:

100 reverse vending machines : 512Kb/s

500 reverse vending machines : 512 Kb/s

1000 reverse vending machines : 512 Kb/s - 1 Mb/s

3000 reverse vending machines : 1 Mb/s - 2 Mb/s

5000 reverse vending machines : 2Mb/s - 3-4 Mb/s

With In-store Marketing and multimedia services enabled the above recommendation should as a minimum be doubled. Modern high-capacity broadband connections are recommended.

Please contact us at for assistance with analyzing your needs based on anticipated use patterns, available bandwidth and the size of the reverse vending machine fleet.