Volvo Cars Privacy Notice - In-Car Application

Effective from: 2024-04-25

Published at: 2024-04-25

Thanks for using Volvo Cars in-vehicle application! Volvo Cars Asia-Pacific Headquarters (with business address at 2088 Luyi Road, Jiading District, Shanghai, hereinafter referred to as “Volvo Cars”, “we” or “us”) takes the protection of users’ personal information and privacy rights seriously.

As we may collect and use your personal information when you are using Volvo Cars in-car application (“Volvo Application”), we have formulated the privacy notice (this “Notice”) that covers how we collect, store, use, entrusted process, share and protect personal information of users. We will explain to you in this Notice the purpose, manner and scope of our collection and use of your personal information, your rights to your personal information, and the measures we take to protect the information security, in order to provide full disclosure and obtain your consent or separate consent.

Unless explicitly stated otherwise, this Notice does not apply to products and/or services that are accessed through our products and/or services and provided to you independently by third parties (including but not limited to audio function of iFLYTEK, AMAP, Tencent IQT, Huawei APP Store, Ximalaya, QQ Music, NetEase Music, etc.), such as third-party Apps accessed through our products and/or services. Third parties may collect your personal information in order to provide the relevant services to you successfully. Please note that if you provide your personal information to a third party when using its products and/or services, your information will then be subject to the third party’s privacy statement or similar policy, and we are not liable for any improper use or disclosure of the information you provide by any third party.

We understand that the related persons or entities other than you (including, without limitation, your contact, spouse, relatives, drivers, etc.) may also access and use Volvo Application in using your vehicle, and their information is provided to us in the course of obtaining relevant products or services we provide to you (“you” and “related persons”, collectively referred to as “you”). You acknowledge that before such related persons provide any information to us, you have explained to them the purpose, method and scope of use of the information in accordance with this Notice and have obtained their consent to enable us to collect, retain, use, entrusted process, share, transfer and publicly disclose such information in accordance with this Notice. Meanwhile, you have notified such related persons of their rights to access, rectify and erase their personal information.

Please use Volvo Application after you have fully understood this Notice and clicked “Agree”. If you/your guardian do/does not agree to this Notice, you may object to our collection and use of your personal information by clicking “Disagree”, and then we may not be able to provide you with the relevant services.

This Notice will help you understand the following:

I. How We Collect and Use Your Personal Information

We collect personal information in order to operate more efficiently and provide you with the best user experience. The ways we collect personal information include: (1) you provide to us directly; (2) we obtained in your use of Volvo Application; and/or (3) we obtained from third parties.

The information to be collected by us depends on the products or services you actually use, the environment in which you interact with us, and the choices you make, including your privacy settings and the products and functions you use. Our products and functions include core business functions and value-added business functions. You do not necessarily have to provide us with your personal information we request. If you opt not to provide certain personal information necessary for core business functions, we may not be able to provide you with the corresponding services or respond to or resolve the issues you encounter. You may choose whether to consent to our collection of information for value-added business functions. If you refuse our collection, the relevant value-added business functions may not be implemented, but it will not affect your use of the corresponding core business functions.

1. How we collect and use your personal information

1.1 Information collected in your use of products or services

(1) To provide you with service of Volvo ID login

If you choose to log into Volvo ID, we will collect your email address/mobile number and password. If you refuse us to collect above personal information, you may not be able to use Volvo ID-related services, but you can still use other services of the Volvo Application.

(2) To provide you with Air Quality function

If you opt to enable the Air Quality function, we may collect your vehicle location information (the city information) to check the PM2.5 air quality index of your current city, and further monitor the environment around your vehicle. If you refuse to provide us with the above information, you may not be able to use the Air Quality function, but it will not affect your use of the basic functions of Volvo Application.

If you have enabled the Air Quality function, you can disable this function by pressing home button to terminate our collection of your personal information.

(3) To provide you with Event Data Recorder (EDR) service

To comply with the related legal requirements, we may collect and store safety-related information relating to crash or near-crash situations in an Event Data Recorder (EDR) – also known as the car’s “black box”. The safety-related information includes the following data:

How various systems in your vehicle were operating;
Whether or not the driver’s and passenger’s safety belts were buckled/fastened;
How far (if at all) the driver was depressing the accelerator and/or brake pedal (if any);
How fast the vehicle was traveling.

The period recorded is usually up to 30 seconds. Please noted that recording only takes place if a serious collision situation occurs, and no data is recorded under normal driving conditions. Furthermore, the recording does not include who is driving the vehicle or the (approximate) geographical location of the collision. Please understand that the EDR service is a business function required by laws and regulations. We need to collect above personal information to provide EDR service to you.

(4) To provide you with Driving Journal service

If you opt to activate and use the function of Driving Journal automatically, we may collect and use your name, phone number, E-mail address, Vehicle Identification Number (VIN), location and other trip-related information such as your driving routes, time, distance, fuel and/or electric consumption and mileage, in order to provide you with the mileage expense management service.

(5) To provide you with Over the Air Software Update (OTA) service

In order to be able to maintain the vehicle software and provide necessary software updates directly, we may collect and use the following data:

Vehicle Identification Number (VIN);
Vehicle software version;
Diagnostic trouble codes;
Vehicle specification;
Installation status and reports; and
Vehicle manufacturing date.

If you refuse over the air software updates, this will prevent you from being able to use our updated services, or you will not be able to use them fully. Failure to update may also increase the risk of cybersecurity incidents, much like in the case of all other smart devices. Note that you can also opt to have the updates installed in one of our workshops. Your refusal of our collection of the above information may hinder us to provide you with Over the Air Software Update service, but it will not affect your use of the basic functions of Volvo Application.

If you have enabled the Over the Air Software Update service, you can disable this service by going to Settings > System > Software Update > Turn Off Automatic Software Downloads to terminate our collection of your personal information.

(6) To provide you with Connected Safety function

In order to notify you of road condition changes or potential road hazard by displaying conspicuous warnings while you drive the vehicle, allowing you to adapt your driving style in a timely manner, we may collect and use the following data about you:

Vehicle identification number (VIN);
Alert activation (including Slippery road alert activation, Hazard light activation);
Timestamp of alert;
Location.

We will de-identify the above data, in order to avoid and reduce dangers posed by road traffic as well as improve road safety.

(7) To provide you with Speech Messaging service

In order to provide you with Speech Messaging service, we may collect and use the following data about you to verify whether your car has a subscription for this service, with which you can control features of your infotainment system via voice, and initiate conversations, create and send SMS messages using voice commands:

Recorded voice data or commands;
Vehicle identification number (VIN);
Phone number; and
Text message.

The text message will be created by the 3rd party suppliers, stored in the cloud, and will be sent back and saved in your vehicle. The content of the relevant texts will no longer be retained after the message is sent.

Navigation announcements and voice assistant announcements generated based on the voice recording function are from our partner iFlytek who provides you with customized sound generation services.

(8) To provide you with Emergency Call (eCall) function

In order to ensure your safety, we have developed Emergency Call (eCall) function, which will be triggered automatically in the event of a severe accident, detected by activation of one or more sensors within the vehicle. When an emergency call is made, we may collect the following data:

Vehicle Identification Number (VIN);
Vehicle propulsion or engine specification;
Vehicle model specification;
Time of the incident;
Location of the incident;
Direction of the vehicle travel; and
Vehicle status.

Both Volvo Cars and third party eCall service partners may collect the abovementioned data, which will also be transmitted to emergency services institutions (for example ambulance service supplier) if necessary.

Please understand that Emergency Call (eCall) is a core service, and your refusal of our collection of the above data may prevent you from being able to use the related services of Volvo Application.

(9) To provide you with Call Centre service (including Roadside Assistance (RSA), Stolen Vehicle Tracking (SVT), Remote Vehicle Immobilisation/Mobilisation (RVI/RVM)

When providing you with Call Centre service (including Roadside Assistance (RSA), Stolen Vehicle Tracking (SVT), Remote Vehicle Immobilisation/Mobilisation (RVI/RVM), we may collect and use your following data:

License plate;
Vehicle identification number (VIN);
Vehicle specification;
Vehicle status;
Time and place of the request;
Location at the time of the call;
Direction of the vehicle travel.

What’s more, depending on the nature and scope of the request, we may need to process additional information necessary for the requested assistance, for example:

contact information (home address, e-mail address, phone number);
insurance details (policy and claim number);
transaction-related data; and
damage cause and information about the workshop.

Your refusal of our collection may hinder us to provide you with Call Centre service, but it will not affect your use of the basic functions of Volvo Application.

(10) To provide you with fault analysis and customer care services

In case of fault or other status notifications in DIM, for fault analysis, we may need to collect your following data and upload it to the Volvo back-end fault monitoring and analysis platform for analysis, so as to contact you for maintenance or prepare relevant parts for your maintenance in advance to save your time:

Vehicle identification number (VIN);
Alarm/Notification ID;
Mileage;
Vehicle speed;
Engine speed;
Gear; and
Vehicle location information.

If you allow workshops to activate the Bug Reporting function, we may collect and process the following data from your vehicle to identify and investigate the impact of software faults, solve software related problems and maintain our software in good health:

Information related to the vehicle (mileage, fuel consumption, vehicle configuration and details, Vehicle Identification Number (VIN), IP address and software version);
Information generated by the Information Host, Display Host, Telematics and Connectivity Antenna Module with associated signals (GPS, DID (Data Identifier), DTC (Diagnostic Trouble Code), vehicle network diagnostics, Android Automotive diagnostics, start-up diagnostics, also the reports and logfiles targeted to developers);
Information of the interaction between the driver and vehicle (speed, infotainment settings, destinations, phone books, radio settings, third party application settings, roadside assistance logs); and
Information related to the driver (e-mail accounts, phone number, Volvo ID).

When you use Extended Vehicle Data Analysis, we will collect and use the following data about you to completely investigate the issues of your vehicle:

basic customer data (name and contact);
data recorded by the Event Data Recorder and other systems relating to vehicle safety system (speed, GPS location, steering angle, brake power, deployment and use of safety systems etc);
data captured by other car sensors or acquired from providers of such information regarding surroundings (such as temperature, slippery road);
data from the vehicle’s Electronic Control Units, Telematics and Connectivity Antenna Module and the Information Host Unit and their associated signals;
vehicle status (mileage, fuel consumption, odometer and other data shown in the dashboard);
all interaction between driver and vehicle such as changes of different settings, account names such as Volvo ID and Google ID and data related to device usage which has connected via Bluetooth; and
Vehicle Identification Number (VIN).

If your vehicle is maintained or repaired at a service centre, workshop or our partner, we may collect and use the following information for fault tracing, managing our product manufacturer, and product research & development, to optimize the quality, safety and other functions of our vehicles:

Information related to the vehicle (model, production year, Vehicle Identification Number (VIN), hardware and software information);
Information generated by the vehicle, sensors and systems (odometer, service indicators, alarms, warnings, lights, faults, diagnostics, connectivity and network information, certifications and authorization data, calibrations, temperature, weather and road conditions, energy and fuel consumption, timestamps, state of health, status and behaviours of onboard systems and functions); and
Information related to how the vehicle is used and operated (configurations, settings, device connections, usage mode (charge, park, drive), charging information, timestamps, speed, passenger occupancy, interactions and use of the information head unit (the screen in the car), use of remote services, use of car functions such as accelerator, brakes, steering, seat belts and doors.

To provide you with customer care service and to prompt you to have a timely vehicle maintenance, we may collect and use your Vehicle Identification Number (VIN), license plate, customer inbound work order mileage, vehicle mileage data, vehicle maintenance reminders, and contact details for you or the person who send to service, and form a reminder of your recommended maintenance schedule.

Your refusal of our collection may hinder us to provide you with fault analysis and customer care services, but it will not affect your use of the basic functions of Volvo Application.

(11) To provide you with Vehicle Data Analytics function

We may need to collect and use the data listed below in order to obtain statistical information about our vehicles and how they are used. This is for product research and development purposes, in particular to improve and monitor the quality of vehicles and their safety features. This also serves to manage Volvo Cars’ warranty commitments.

Vehicle identification number (VIN);
Identifiers of the vehicle’s hardware and software versions;
Diagnostic trouble codes (DTC);
The following information on the vehicle’s high-voltage battery (where applicable):
- High voltage battery ID, capacity, and health status;
- Vehicle market information;
- Charging station information (e.g. availability status, the power type, pole ID, etc.); and
- Diagnostic data during charging (e.g. duration, state of charge, current fluctuation, etc.).

When you first choose to use the Vehicle Data Analytics service, you need to agree and follow the Volvo Privacy Policy, otherwise Vehicle Data Analytics will not collect any data. You can withdraw your consent at any time and we will stop collecting data immediately, but it won’t affect already collected information.

(12) To provide you with Service Planning function

When you use our Service Planning function to help you keep your vehicle in good condition and observe the vehicle status, we may collect and use the following diagnostic data:

Information related to the vehicle (model, production year, Vehicle Identification Number (VIN), hardware and software information)
Information generated by the vehicle, its sensors and systems (odometer, service indicators, alarms, warnings, lights, faults, diagnostics, temperature, timestamps, state of health, status and behaviour of onboard systems and functions)

When your vehicle is connected to the Internet, diagnostic data will be collected by Volvo Cars, Volvo Cars Sales and the workshops, and such diagnostic data will be entrusted to our retailers for processing. This is to enable your workshop to prepare your upcoming visit even better and administer bookings and deliveries of parts if needed.

(13) To provide you with product and event promotion information

When you use our products or services, we may send you certain information that we believe you are interested in or need to know, including our products/services, notifications and advertisements, events, promotions, and campaigns, based on the personal information that we have collected, through email, text messages, or phone call. If you intend to decline such information, you may unsubscribe via the unsubscribing method provided in the email or mobile phone text messages, or you may unsubscribe by contacting us directly via the contact information in this Notice.

1.2 Obtaining your information from third parties

In order to improve your using experience and develop new products, etc., we may obtain your personal information or other information from our partners within the scope permitted by law and your authorization.

We will use your personal information strictly in compliance with the purposes stated in this Notice, and your personal information will only be used for the purposes that are identified, described and authorized by you at the time of collection. If we want to use the information for other purposes not specified in this Notice, we will ask for your consent in advance. If we want to use the information collected for a specific purpose for other purposes, we will ask for your consent in advance. We will not provide user personal information and other vehicle data to third parties without the user's consent.

1.3 Other instructions for use

We will use the personal information we collect to the extent necessary to implement our services as agreed in this Notice.

We may compile statistics on the use of our services and may share these statistics with the public or third parties to demonstrate overall usage trends for our Services. However, these statistics do not contain any personally identifiable information about you.

We will use Event Tracking, based on your use of Volvo Application, to record certain data which contains the information generated from your use of AMAP, Ximalaya, QQ Music, NetEase Music and iFlytek applications (if involved), and we may record your usage and transaction status as well as your basic information (vehicle model, gender, age, whether you are a new user, education background and occupation). The above-mentioned information will assist us in understanding how you use our products and/or services, to further develop and improve our products and/or services, to enhance user experience, to develop new products and to recommend content that may be of interest to you.

When we intend to use your personal information for purposes other than those described in this Notice, or when information collected for a particular purpose is used for other purposes, we will ask for your prior consent by actively checking the box.

We may use the personal information collected in accordance with this Privacy Notice to conduct research, processing, training, statistics, analysis, and prediction. We improve the quality of our services, promote user experience, provide reference for business decisions, develop new products, and strengthen product security through research, analysis, and prediction. We may aggregate and analyze the personal information collected in accordance with this Privacy Notice to analyze or predict your personal characteristics, such as personal preferences and behavior, and eventually form a model of your personal characteristics. Please note that we do not currently use your model of characteristics for personalized push, but only for our internal data analysis.

2. Exceptions to consent to collection and use of personal information

You are fully aware that, under applicable laws, we may not need your consent to collect and use your personal information where one of the following circumstances is met:

(1) As necessary to conclude or perform on a contract to which the individual is a party, or as necessary for carrying out human resource management in accordance with lawfully formulated labor rules and regulations and lawfully concluded collective contracts;

(2) As necessary for the performance of legally-prescribed duties or obligations;

(3) As necessary to respond to public health incidents or to protect natural persons' security in their lives, health, and property in an emergency;

(4) Handling personal information within a reasonable range in order to carry out acts such as news reporting and public opinion oversight in the public interest;

(5) For a reasonable scope of handling of personal information that has been disclosed by the individual or otherwise already legally disclosed in accordance with laws and regulations;

(6) Other situations provided by laws or administrative regulations.

II. How We Retain Your Personal Information

We will determine the duration of retention of your personal information only to the extent required by laws or regulations, and as necessary to achieve the purposes of this Notice. Upon the expiry of the above period, we will delete or anonymize your personal information.
If we terminate our services or operations, we will notify you at least 30 days in advance, and delete or anonymize your personal information upon such termination.

III. How We Entrusted Process, Share, Transfer and Publicly Disclose Your Personal Information

1. How we entrusted process your personal information

Some specific modules or functions in our products or services are provided by external suppliers. For example, we may engage service technology service providers to assist us in providing customer support. For companies, organizations and individuals that we entrust to process personal information, we will sign strict confidentiality agreements or other data protection related agreements with them, requiring them to comply with laws, regulations and our requirements, and take other measures that can ensure the confidentiality and security of personal information to process personal information.

2. How we share and transfer your personal information

We may, from time to time, share some of your personal information with our affiliates and strategic partners in cooperation with us in product and service offerings, or share or transfer your personal information in other circumstances to offer products or services you request. Volvo Cars may share your personal information to the following extent:

(1) Sharing among Volvo Entities: To the extent permitted by laws and regulations, your personal information may be shared with our affiliates to ensure compliance with laws, and protect the interests, property and security of us and our affiliates or business partners, you or other users or the public at large. We will share only such personal information as is necessary to achieve the purposes above. Without your consent, our affiliates will not use our shared personal information for any purpose other than those described above;

(2) Sharing with business partners: Some of our services will be provided by our authorized business partners only for the purposes stated in this Notice. We may share with our business partners some of your personal information to provide better customer service and user experience. Our business partners include the following:

Authorized Dealer: In order to provide you with pre-sale and after-sale warranty services, we will share your name, phone number, email address, location and other information with our authorized dealers for better provision of such services to you;
Authorized Service Provider: In order to provide you with after-sale repair services, we will share your vehicle, order and equipment information, among others, with our authorized service providers for better provision of such services to you;

The specific authorized dealers and authorized service providers depends on the specification of your vehicle. Generally speaking, you may find the name and contact information of your vehicle dealer and service provider in the car purchase agreement and other materials. If you have any questions, please contact us via any of the means stated in this Notice.

(3) Sharing with the third-party Software Development Kit (SDK) service provider: The Volvo Application contains SDK plug-ins from our authorized partners. If you use the relevant services provided by such authorized partners in Volvo Application, such service plug-ins will collect and process your relevant personal information, as detailed in the table below:

SDK type	Name of plug-ins	Description of implemented functions and scenarios	Name of SDK providers	Type of personal information	Called device permissions	Privacy notice of SDK providers
User behavior collection	Codeless Tracking collection of SDK via Growing IO Android	Collection of user access events, tracking events, basic user behavior events (page viewing, clicking events, etc.)	GrowingIO	Page path, page source, page title, IMEI, androidld, gaid, oaid, device orientation, screen height, device brand, model type, operating system, operating system version, language setting, deep link information set by clipboard-GIO	Network, network status, WiFi status	https://accounts.growingio.com/user-privacy

(4) We will share your information as required by laws or regulatory requirements in scenarios such as government investigations, disputes, and other legal procedures or requirements.

(5) We will disclose your information when we, in good faith, deem it necessary to protect our rights, for example, to investigate potential breaches of our terms and conditions or to detect, prevent or disclose fraud and other security concerns.

(6) We will only share your personal information for lawful, legitimate, necessary, specific, and explicit purposes to the extent required for providing products and/or services. We will only allow Volvo Cars employees and affiliates who have a need to use your personal information to access your personal information when acting on behalf of Volvo Cars and we will only share the required personal information and will be bound by the purposes stated in this Notice. Our affiliates will seek your consent separately if they intend to change the purpose for which your personal information is processed.

(7) Where personal information needs to be transferred due to merger, division, dissolution or declaration of bankruptcy, we will notify you of the name and contact information of the recipient. We will notify the recipient that it should continue to fulfill the obligations stated in this Notice and obtain your separate consent if the recipient makes any change to the purpose and method of information processing.

(8) We will enter into strict confidentiality agreements with companies, organizations and individuals with whom we share personal information, emphasizing our stringent data protection compliance requirements and requiring them to process personal information in accordance with our instructions and any other relevant confidentiality and security procedures. In the use of personal sensitive data, we require third parties to adopt data desensitization and encryption technology to better protect user data. However, please note that Volvo Cars and its authorized dealers and service providers are legal entities independent from each other, and we are generally not liable for unlawful acts of Volvo Cars’ authorized dealers or service providers. If you have any questions about the collection and use of your personal information by your dealers or service providers, please contact such dealers or service providers directly.

3. How we publicly disclose your personal information

We may publicly disclose your personal information only:

(1) when we obtain your separate consent; or

(2) when it is required by law: We may, as required to comply with laws, regulations, subpoena and other legal proceedings or action, or mandatory requirements of government authority, disclose your personal information if we, in good faith, believe that disclosure is necessary to protect our rights, to protect the safety of you and others, to investigate fraud or respond to government requests.

4. Exceptions to authorized consent to sharing, transfer or public disclosure of personal information

You are fully aware that, under applicable laws, we may share, transfer or publicly disclose your personal information without your prior consent where one of the following circumstances is met:

(2) As necessary for the performance of legally-prescribed duties or obligations;

(3) As necessary to respond to public health incidents or to protect natural persons' security in their lives, health, and property in an emergency;

(4) Handling personal information within a reasonable range in order to carry out acts such as news reporting and public opinion oversight in the public interest;

(5) For a reasonable scope of handling of personal information that has been disclosed by the individual or otherwise already legally disclosed in accordance with laws and regulations;

(6) Other situations provided by laws or administrative regulations.

IV. How We Protect Your Personal Information

We attach great importance to the protection of users’ personal information and take all reasonably practical measures to protect your personal information:

1. Technical measures for data security

We will adopt security precautions that meet industry standards, including developing reasonable systems, norms, and adopting security technologies to prevent unauthorized access, use, modification, damage or loss of your personal information.

Volvo Cars adopts encryption technology to encrypt and store users’ personal information, and isolate it through segregation technology. Volvo Cars adopts strict data access rights control and multiple identity authentication technology to protect personal information and avoid unauthorized use of data.

2. We only allow employees of Volvo Cars and its affiliates who have a need to know such information to access personal information, and we have strict access control and monitoring mechanisms in place for this purpose. We also require all personnel who may have access to your personal information to comply with their confidentiality obligations. If they fail to fulfill these obligations, we will pursue their legal liabilities or suspend our cooperation with them accordingly.

3. We recommend that you use complex passwords when communicating with other users by email, instant messaging, social networking software and other communication tools, and take care to protect your personal information.

4. You are reminded that the Internet environment is not 100% secure, and we will take security measures to ensure the security of any information you send us, in accordance with legal requirements and technological development. In the meantime, however, if any unauthorized access, public disclosure, tampering, or destruction of information is caused by any unpredictable and unpreventable damage to our physical, technical or management protection facilities, we will not be liable for any losses not caused by Volvo Cars.

5. Handling of security incidents

Please be sure to protect your personal information properly and only provide it to others when necessary. In order to deal with the potential risks such as leakage, damage and loss of personal information, Volvo Cars has established various rules and regulations, specifying the criteria for classifying and grading security incidents and security vulnerabilities as well as corresponding handling procedures. Volvo Cars has also set up a dedicated emergency response team for security incidents, which will, in accordance with good practice for security incidents, initiate security plans for different security incidents, to stop losses, analyze, locate, formulate remedial measures, and work with relevant departments to trace to the source and crack down on the incidents.

In case of any personal information security incident, we will, in accordance with the requirements of laws and regulations, promptly notify you of the following matters: basic status and possible impacts of such security incident, response measures we have taken or will take, suggestions on how you may prevent or reduce risks on your own, and remedies available to you. We will also promptly notify you of relevant information of such incident through email, letter, phone call, push notification, or otherwise. If it is difficult to notify each personal information subject one by one, we will publish an announcement in a reasonable and effective manner. In addition, we will, as required by law, voluntarily report our disposal of the personal information security incident to the regulatory authority.

We have established a dedicated network operations and data security team to carry out work related to personal information protection. If you have any questions about our personal information protection, please contact us via any of the means stated at the bottom of this Notice. If you are aware of any leakage of your personal information, especially concerning your account and password, please contact us immediately via any of the means stated in this Notice and assist us in taking appropriate measures.

V. Your Rights to Your Personal Information

We respect your rights to your personal information. Below is a list of your rights under the law, and we will explain how we protect these rights.

1. Right to be informed

We publish this Notice to inform you of how we may process your personal information. We are committed to ensuring transparency in the use of your information.

2. Right to access

You may inquire or access your personal information directly in our product or service interface, including logging in your account at any time through the product page to access your personal information in connection with your account.

You may access your personal information via [Settings – User Account - Account]. If you are unable to inquire or access your personal information on your own or encounter any problems in exercising your right of access to data, you may contact us and request access to your personal information via any of the means disclosed in this Notice.

3. Right to rectification

You have the right to request us to correct or supplement any of your personal information that we have processed if you find it incorrect or incomplete. You may apply for correction through Volvo Entities, authorized dealers, customer service hotline (10108666) and other channels.

4. Right to erasure

You may make a request to us to delete personal information in the following cases:

(1) If our processing of personal information violates laws and regulations or our agreement with you;

(2) If you no longer use our products or services, or if you cancel your Volvo ID;

(3) If our processing purpose has been achieved, cannot be achieved, or is no longer necessary to achieve the processing purpose;

(4) If we no longer provide products or services to you, or if the retention period has expired;

(5) If you withdraw your consent.

If you request deletion of your sensitive personal information based on the above circumstances, you may contact us at any time through the contact information set forth in this Privacy Notice and we will delete within 10 business days. If you request deletion of your non-sensitive personal information based on above cases, you may contact us at any time through the contact information set forth in this Privacy Notice and we will respond within 15 business days. If we decide to respond to your request for deletion, we will also notify the entities that obtained your personal information from us to delete your personal information at the same time, unless otherwise required by law or regulation or unless those entities have your independent authorization. When we delete your information from our service, we may not immediately delete the corresponding information from our backup system, but will delete it when the backup is updated. Please know and understand that, according to laws and regulations, if the retention period stipulated by laws and administrative regulations has not expired, or if deletion of personal information is technically difficult to achieve, we will stop processing other than storing and taking the necessary safety protection measures.

5. Right to account cancellation

We provide you with the right to cancel your account. You may contact us directly via any of the means disclosed in this Notice to apply for cancellation of your account. After you submit your application, we may need to manually review your account cancellation to confirm that you meet the conditions for account cancellation. We will assist you with account cancellation within 15 business days after you submit the application. After you choose to cancel your account, we will erase or anonymize all relevant personal information under your account, unless otherwise provided by laws and regulations. After you cancel your account, we will no longer provide you with any products or services that require you to log in your account.

6. Right to consent withdrawal

Each business function requires some basic personal information to be completed (see “How We Collect and Use Your Personal Information” of this Notice).

You can withdraw your authorization or consent by going to the Vehicle System Settings page [Settings – Profiles - Privacy - Privacy Settings] at any time to turn off the corresponding permissions.

7. Right to portability

Where the conditions specified by the national cyberspace administration are met, you have the right to request the transfer of your personal information to a designated personal information processor. With formal authorization, you can exercise your right to portability through the contact information provided in this Notice.

8. Right to complaint

You have the right to complain by contacting via any of the means disclosed in this Notice. We will respond to your complaint within 15 business days of receipt. If you are not satisfied with our response, especially when our personal information processing has infringed upon your legitimate rights and interests, you may also file a complaint with or report to the cyberspace, public security, industry and commerce and other regulatory authorities, or file a lawsuit to a court having jurisdiction.
Please note that, for security reasons, we may verify your identity before processing your request. In principle, we will not charge a fee for your reasonable requests. For repeated requests that exceed reasonable limits, we will charge a fee as appropriate. We may reject those requests that are unduly repetitive, that require too many technical means (for example, developing new systems or making fundamental changes to existing practices), that pose a risk to the legitimate rights and interests of others, or that are very impractical, and state the specific reasons therefor in our response. Furthermore, we may not respond to your request if your request directly relates to national security, national defense, public health, criminal investigation, or other matters directly related to the public interest, or may seriously damage your, or other individuals’ or organizations’ legitimate rights and interests.

Subject to the relevant legal requirements, your close relatives may exercise the above rights to access, duplicate, correct, or erase your relevant personal information, unless otherwise arranged by you.

VI. How We Process Personal Information of Minors

Our products and services are mainly intended for adults. If you are a minor under the age of 18, you must obtain prior consent from your guardian before using our products and/or services. In the case of collection of children’s personal information with the consent of their parents, we will only use or publicly disclose such information to the extent permitted by law, expressly consented by their guardian or necessary to protect the children. For the personal information of children under the age of 14, we will, in addition to comply with the provisions of this Notice on users’ personal information, adhere to the principles of legitimate necessity, informed consent, clear purpose, security assurance and lawful use, store, use, and disclose children’s personal information, and protect the legitimate rights of children and their guardians concerning the relevant children’s personal information in strict accordance with the Personal Information Protection Law, the Provisions on the Network Protection of Children’s Personal Information and other laws and regulations.
We will seek to erase the relevant personal information as soon as possible if we are aware that we have collected the personal information of a minor without the prior verifiable consent of his or her guardian.
If you are the guardian of a minor, please contact us through the contact information below when you have questions about the processing of the information of the minor under your guardianship, or if you have evidence to prove that the minor has used Volvo Application without the consent of a guardian.

VII. Third-Party Service Providers and Their Services

When using our products and/or services, you may access applications and other services linked to products such as Volvo vehicles and web pages but actually provided by third parties, for example, third-party applications that may require vehicle records including your location data to provide services to you. To this end, such applications and other services provided by third parties may involve your providing to third parties a particular type of personal information. Volvo Cars shall not be liable for any collection or use of personal information by third parties’ applications or services. We also recommend that you read the applicable terms and conditions (and any related privacy statements) carefully before using such applications or services and make a choice in your sole discretion after making sure you have fully understood its rules on collecting and using your personal information. If you have any question about a particular third party’s use of your personal information, please contact the third party directly.

VIII. How Your Personal Information Is Transferred Globally

In principle, the personal information collected and generated within the territory of the People's Republic of China will be stored within the territory of the People's Republic of China. As Volvo Car Group operates its daily business through affiliates and information systems around the world, with your separate consent, your personal information may be transferred to Volvo Car Group affiliates and cooperative third-party service providers outside of China (Overseas Receiver), or accessed by Overseas Receiver:

No.	Purposes	Fields
1	To provide you with service of Volvo ID login.	Mobile number/email address, password
2	To provide you with Volvo On Call service and emergency assistance immediately when you encounter an accident, illness, external threat, etc. and need roadside assistance. To ensure the proper operation and maintenance of the service system through the overall analysis of the call service, so that you can enjoy Volvo On Call service with the best quality.	Name, mobile number, VIN number
3	Track vehicle status to complete the vehicle software and firmware update, download and installation process.	VIN number, vehicle model, software version number, firmware version number, update data (i.e. download time, software name, software description, and upgrade result (success/failure))
4	Continuously improve safety performance and provide accident process reconstruction services.	VIN number, working conditions of throttle, automatic pedal, ABS, as well as the longitudinal, horizontal, vertical acceleration of the vehicle

Currently, the physical storage locations for our data include Beijing, Shanghai, Gothenburg.

The aforementioned Overseas Receiver is:

Company Name	Country	Contact Information
Volvo Car Corporation	Sweden	Data Protection Officer, DPO Contact: globdpo@volvocars.com Contact Address: Group Privacy Office，Dept AA14100，VGHQ，SE-405 08，Göteborg，Sweden

We will fulfil our obligations of managing the security of data export as required by laws, regulations and relevant supervision, and take the necessary security measures to protect your personal information. You may exercise your legal rights directly against the Overseas Receiver via the contact information set forth in the above form, or you may request our assistance in contacting the Overseas Receiver at yaqin.xu@volvocars.com.

IX. Update of this Notice

1. This Notice will be updated to provide you with better services and to keep pace with our business development. We will not, however, reduce your rights under this Notice without your explicit consent. We will issue updates on our website and Volvo Cars App, and remind you of such updates by website announcements or any other proper way before they take effect. Please visit Volvo Cars’ website to keep abreast of the latest privacy policy. By using or continuing to use our products and/or services after we have updated this Notice (in such event that we will promptly remind you of the updates), you agree to the content of this Notice (including the updated version) and consent to the collection, use, storage and sharing of your information in accordance with this Notice.

2. For material changes, we will also provide a more prominent notice (we will explain specific changes to this Notice by means including but not limited to emails, text messages or a special notice on the browser page).

Material changes referred to in this Notice include, but are not limited to the following:

(1) Material changes in our service model. For example, the purpose of processing personal information, types of personal information processed, and the way of using personal information;

(2) Material changes in our ownership structure, organizational structure and so on, such as changes in ownership due to business adjustment, bankruptcy, merger and acquisition;

(3) Changes in the main recipients to which the personal information is shared, transferred or publicly disclosed;

(4) Material changes in your rights to participate in personal information processing and the way of exercising such rights;

(5) Changes in our department responsible for personal information security, relevant contact information and complaint channels; and

(6) High risks as indicated in the assessment report on the impact of personal information security.

3. We will also keep previous versions of this Notice in archives for your reference.

X. How to Contact Us

1. If you have any questions, comments or suggestions about this Notice or matters related to your personal information, please send your comments to: Volvo Cars Asia Pacific Headquarters, Attention: 2088, Luyi Road, Jiading District, Shanghai, or contact us by calling our customer service number (10108666) or via our contact for user rights matters (Xu Yaqin, 16621032398).

We will usually reply within 15 working days, unless otherwise provided by laws and regulations. If you are not satisfied with our reply, especially if you believe our personal information processing has harmed your legitimate rights and interests, you may also file a complaint with or report to the cyberspace, telecommunications, public security, industry and commerce and other regulatory authorities, or take proceedings in the court of competent jurisdiction.