Privacy Policy

General
Vehicle Privacy Notice
Website Notice
Volvo Valet
Retailer
Applicant Policy
Online Reservation
Electricity Refund Payout
Volvo Cars App
Volvo ID
Digital Retail Service
Consumer Surveys
Public Traffic Environment Data
Volvo cars SMS policy

VOLVO CARS APP PRIVACY NOTICE

Effective Date: August 29, 2022

This document describes how Volvo Cars (as defined below), and sometimes other entities process your personal data or personal information (collectively referred to in this document as “personal data”) when you use the Volvo Cars mobile application (hereinafter “Volvo Cars App”) that keeps you connected to your Volvo vehicle.

The Volvo Cars App has several functionalities which entail different types of personal data processing, as we explain below. Depending on your market and the type of subscription you have, these functionalities can be grouped as follows:

  • The Volvo Cars services – this includes the aspects described under sections 2.1 Your Subscription, 2.2 The Volvo Cars Remote Vehicle Services, 2.3 Driving Journal, 2.6 Public Car Charging, 2.7 When You Get in Touch With Us, 2.8 Marketing Communications and Surveys, and 2.10 Research and Development
  • Value added services, provided in collaboration with retailers – such as 2.4 Digital Service Booking and 2.5 Volvo Valet.

1. Who Is Responsible For The Processing Of Your Personal Data

The responsibility for the processing of your personal data in the Volvo Cars App is divided according to below:

  • The entity responsible for the main processing of personal data in relation to The Volvo Cars Remote Vehicle Services, Driving Journal, App Analytics, as well as Research and Development, is Volvo Car Corporation, having its registered office at Assar Gabrielssons Väg, SE-405as 31, Gothenburg, Sweden, company registration number 556074-3089, hereinafter referred to as “Volvo Cars”. For the purposes of the General Data Protection Regulation (GDPR), Volvo Car Corporation is a data controller for these purposes. For the purposes of California Consumer Privacy Act (CCPA) and as pertaining to information of US residents, Volvo Cars facilitates the operation of the App and the collection of information through it for the benefit of Volvo Car USA, having its registered office at 1800 Volvo Place, Mahwah, NJ, 17430 USA, hereinafter referred to as “National Sales Company” as its Service Provider.
  • The entity responsible for the processing of personal data when you get in touch with us as well as for Marketing communications is the National Sales Company.
  • For the retailer services booked through the Volvo Cars App (Digital service booking and Volvo Valet), the National Sales Company determines which retailers are eligible to participate in the App (hereinafter “Volvo Retailer” or “Retailer”). Through the App, the relevant retailer receives information about you in connection with the requested service as described below. For the purpose of GDPR, Volvo Cars, the National Sales Company, and the Volvo Cars retailer where you request the retailer service are joint controllers. For the purpose of the CCPA, Volvo Cars is a Service Provider for the National Sales Company.

2. Personal Data Collected, Why, And For How Long

2.1 Your Subscription

If you have a subscription for the Volvo Cars Remote Vehicle Services, you will be provided an opportunity to renew this service in the Volvo Cars App. When you do this, as well as to manage your subscription, we collect from you and process your personal identifiers (such as first and last name, phone number, e-mail address, VIN) and commercial information including your purchase status and history. We process this information to administer and monitor your purchase (from purchase to delivery) including any necessary contacts with authorities for official reporting, administration of your request for related services, to follow up on the delivery, and to communicate updates related to the services that you have purchased. We use a third-party payment provider to facilitate payments processing thought another third-party payment processor, and that is a separate processing of your personal data by them; you can read more about the privacy practices of our payment processor in Section 3 below.

For the purpose of GDPR, the legal basis for our processing of your personal data is that this processing is necessary for the performance of our contract (GDPR Art. 6.1. (b)) with you.

We will retain your personal data for ninety (90) days after your Volvo Cars subscription has expired in order to enable continuation of the service if you choose to resubscribe. In addition, we will archive the data relating to your purchase for ten (10) years in order to comply with our legal obligations related to accounting and financial reporting legislation (GDPR Art. 6.1. (c)).

2.2 The Volvo Cars Remote Vehicle Services

To activate the Remote Vehicle Services through the Volvo Cars App, we collect personal identifiers (such as your first and last name, phone number, Volvo ID (e-mail address), vehicle identification number - “VIN”, unique device identifier, and push notification token) and commercial information such as purchase history (ownership period, any subscription services in which you are enrolled, and the model and year of your vehicle and corresponding vehicle specifications).

We use this information to provide the Volvo Cars Remote Vehicle Services, such as the ability to control your vehicle remotely (e.g. pre-climatization, unlock/lock doors, remote start/stop of engine, current outside temperature, receive theft alarm notifications), and to allow you to view the status of your vehicle (e.g. fuel level, windshield washer fluid levels, brake fluid levels, door lock status, tire pressure or maintenance warnings, battery status, or other vehicle status indicators).

We also use this information to send push notifications within the Volvo Cars App related to upcoming maintenance and service reminders for your vehicle. For hybrid and full electric cars, we store data of the charging location to be able to offer a convenient way to schedule the charging. We collect your vehicle location information as well as, if you allow this, location of your mobile device, for you to use the map functionalities in the Volvo Cars App, and to show you your position relative to your Volvo on the map. Wherever you are not asked specifically whether you agree to any data processing, we process this data to perform our contract with you (GDPR Art. 6.1. (b)).

If, through your mobile settings, you grant us access to your location data, calendars and contacts, we will process this data to supply an easy way for you to send the location of a point of interest from your phone to the car based on your contact list, calendars events, or search results. For the purposes of GDPR, the legal basis for this processing is your consent (GDPR Art. 6.1.(a)). This data is not stored in the Volvo Cars App, and we do not see it. When allowing access from your phone to other people’s data make sure that they have consented to this.

When your Volvo Cars subscription comes to an end, the details linked with this service, including your personal information, will be deleted after ninety (90) days unless there is a legal requirement for us to retain certain data. Note that the Volvo Cars subscription follows the car; therefore if there is a change of ownership you as a seller are responsible to disconnect your car from the app and get your data deleted. This also applies for the registered primary driver in case of a car lease. Follow this link for instructions: https://www.volvocars.com/uk/support/topics/connected-services/practical-information/change-of-ownership-with-connected-services.

2.3 Driving Journal

The Volvo Cars App allows you to choose to log your driving activities in a Driving Journal. This may be useful to you if, for example, you expense mileage. The Driving Journal must be activated by you. It otherwise remains inactive, and the data is not collected.

If you do activate the Driving Journal, we collect from you your personal identifiers (such as first and last name, phone number, E-mail address, and VIN) and collect automatically through your vehicle telematics your vehicle location information (start and stop, or continuously depending on type of car as described below) to identify each trip including trip related information (time, distance, fuel and/or electricity consumption, electricity generation if hybrid) and mileage. For petrol and diesel cars, the Driving Journal only contains the start and finish positions of each driving cycle. However, if you have a hybrid/twin engine model, the Driving Journal also includes information about routes taken. For the purposes of GDPR, we process this data based on your consent (GDPR Art. 6.1.(a)).

As a rule, the Driving Journal data is stored for 100 days. In special situations, such as cars benefiting from the Recharge Refund, the Driving Journal data is stored for 500 days.

You can at any time deactivate the Driving Journal, and in this case the data will stop being collected. This does not however automatically trigger the deletion of the previously collected information which is retained and subject to deletion as previously described.

2.4 Digital Service Booking

The Volvo Cars App makes it possible for you to book various services for your car with selected retailers. When you do this, the Volvo Cars App facilitates the transmission of your information to the relevant Volvo Cars retailer you select.

When you book a service through the Volvo Cars App, Volvo Cars collects:

  1. From you: your personal identifiers (such as first and last name, phone number, e-mail address);
  2. Automatically: depending on the service requested, vehicle information such as vehicle identity, license plate, diagnostic trouble codes, warnings, mileage, fluid levels, as well as your own description of the purpose of the booking (if any), which will be distributed to the National Sales Company and the retailer executing the service you requested (which might be service/repair workshop, body paint workshop, car reconditioning specialists and car logistics services).

This information will be used to book the service, organize performance, and contact you in matters regarding the service booked or as direct consequences of using the service such as sending confirmations and notifications. This data is processed in order to perform the booking you request. In other words, for the purposes of GDPR, our legal basis for this processing is your contract with us (GDPR Art. 6.1 (b)).

Booking details (time and location of requested appointment, used contact channel, booking status, booking content) will be stored in system logs for solving errors that might occur in the system. The booking details will also be processed for analysis and evaluation of the service. This processing is performed by Volvo Cars, and for the purpose of GDPR, the legal basis for the data processing is our legitimate interest (GDPR Art. 6.1 (f)).

We will keep your service-related personal data up to two (2) years from last time using the service. In addition, we will archive pseudonymized booking details in system logs for five (5) years for statistics reasons.

When you use the digital service booking, Volvo Cars automatically collects statistical data through Google Analytics (in restricted processing mode) to better understand user behavior and improve the usability. We thus process your online personal identifiers, including cookie identifiers, internet protocol addresses and device identifiers, as well as client identifiers. For GDPR purposes, the legal basis for the data processing is our legitimate interest (GDPR Art. 6.1 (f)) in measuring the usage and behavior of our app. This data will be stored for fourteen (14) months from collection.

In addition, the Volvo service partner providing the service is subject to various retention and documentation obligations and may also be required by law to disclose personal data to authorities (GDPR Art. 6.1 (c)). This information can be found in the privacy policy of the service partner.

2.5 Volvo Valet

The Volvo Cars App makes it possible for you to book the Volvo Valet service. When you do this, the Volvo Cars App facilitates the transmission of your information to the relevant Volvo Cars retailer you select (as explained below).

If you use the Volvo Valet service, the following information is automatically collected and processed about you: commercial information such as your pickup & delivery service history – in order to know which services have been completed; identifiers such as driver's license and insurance details– if you use a loaner vehicle; vehicle information such as license plate and VIN number - needed to identify vehicle; pickup and/or drop-off address - needed to provide the service; pickup and/or drop-off notes inserted by you (if any); and your IP address. When we send push notifications with the status updates of the service, we use the following categories of data in order to keep track of notifications sent: unique device identifier; push notification token; push notification title and body; and IP address. This processing is based on performance of a contract to which you are a party (GDPR Art. 6.1 (b)).

If you leave feedback after performance of the service, we collect from you your name, the rating and comments given. The legal basis of the data processing is for the purposes of our legitimate interests (GDPR Art. 6.1 (f)) to continuously improve our services for the customer. Furthermore, it is the customer's decision whether to provide feedback.

The quality of our service is essential and, because liability issues may arise regarding alleged damages to the car, we keep photos of the vehicle, along with timestamps and location, in our interest to defend our (and our partners and drivers involved in the service) rights and interests. The legal basis of the data processing is for the purposes of our legitimate interest (GDPR Art. 6.1 (f)) that in case of damage we want to clarify as simply as possible whether the damage was caused by drivers during the performance of the service.

We will retain your data related to the service up to three (3) years from last time using the service, unless disputes arise – in that case we keep the necessary data for as long as needed to defend our rights. In addition, we will archive pseudonymized booking details in system logs for five (5) years for statistics reasons.

In addition, the Volvo service partner providing the service is subject to various retention and documentation obligations and may also be required by law to disclose personal data to authorities (GDPR Art. 6.1 (c)). This information can be found in the privacy policy of the service partner.

2.6 Public Car Charging

The Volvo Cars App is integrated with the services provided by Electrify America and ChargePoint in order to make it easy for drivers to charge their electric cars. When you use this service, we process the following additional data. We collect it in order to deliver the service to you. (GDPR Art. 6.1 (b)):

  1. Volvo ID;
  2. email address;
  3. payment method/reference id;
  4. RFID charging key EVCO-ID; and
  5. your location – this is in order to help you find a charging station near you.

If you contact our customer support with an issue related to car charging, we will also collect the following information about you in order to tend to your request (GDPR Art. 6.1 (b)):

  1. name, address, email;
  2. RFID-card number;
  3. issue type/description; and
  4. any other info that might be relevant depending on issue type, e.g. invoice number, etc.

2.7 When You Get In Touch With Us

When you use the contact option in the Volvo Cars App, we will collect from you and process your personal identifiers relevant for the channel you use (such as first and last name, phone number, E-mail address, VIN, unique device identifier, and push notification token) as well as any data you supply in connection with your enquiry. We do this under the legitimate interest to administer your request (GDPR Art. 6.1 (f)).

The data related to your requests will be retained for thirty-six (36) months from the receipt of your enquiry.

2.8 Marketing Communications and Surveys

Through the Volvo Cars App you can receive marketing communications related to the Volvo Cars products if you have consented to this. To do this, we collect from you and process your personal identifiers (such as first and last name, phone number, email address), your vehicle specification information (such as model, engine, VIN), and personal identifiers such as Volvo ID data, device ID, and subscription information.

You can opt-out of receiving emails at any time by clicking the “unsubscribe” button included in all marketing e-mails, or by contacting us at the contact information provided below. You can opt-out of receiving phone or SMS marketing communications by replying STOP to such SMS marketing communications.

If you withdraw your consent, as described above, the processing of your relevant data may be restricted due to use of a suppression list in order to make sure you don’t unintentionally receive marketing communication.

2.9 App Analytics

We measure how our app is being used in order to better understand user behavior and improve the usability and reliability of the app, as well as to gain insights into how the services are used and improve your experience of these services. We do this by using Google Analytics (in restricted processing mode), and we automatically collect and process personal identifiers including your device ID, device IP address (pseudonymized immediately after collection), Volvo ID and vehicle connection status. For more information on how Google Analytics collects and processes information, please visit: www.google.com/policies/privacy/partners. For information about how to opt out of having certain of your information used by Google Analytics, visit: https://tools.google.com/dlpage/gaoptout/.

For the purposes of GDPR, the legal basis for this data processing is our legitimate interest (GDPR Art. 6.1 (f)) to improve the usage and experience of our app and our services.

This data will be stored by us for fourteen (14) months from collection.

2.10 Research and Development

For research and development purposes and to better understand how to improve our products and services and which new ones to develop, we use a data-driven approach and leverage automatically collected vehicle information (such as VIN), product information (such as Volvo Cars App usage e.g. how often the Volvo Car App is used and when), customer personal identifiers (such as Volvo ID, email, phone number) and commercial information (such as sales data and the selling or servicing retailer) to inform the direction of the development of our products and services. The processing spans a wide range of analytics, modelling, and research performed by our analysts and data scientists.

Volvo Cars conducts analytics for trends and to model or improve its services, which does not involve building consumer profiles to use in providing services to another business.

The National Sales Company conducts analytics for trends and models as above and also uses customer personal identifiers (such as Volvo ID, email, phone number) and commercial information (such as sales data and the selling or servicing retailer) to model or improve its services and also to make determinations and inferences from your information for the purpose of marketing.

For the purpose of GDPR, the legal basis for this processing is our legitimate interest (GDPR Art. 6.1 (f)). Where possible, we restrict analyses to anonymized or pseudonymized data. The processing does not include any automated decisions concerning you.

We retain this data for ten (10) years.

2.11 Volvo Electric Miles

If you decide to participate in the Volvo Electric Miles program, we utilize information from the Volvo Cars App and information collected from the vehicle to administer the Electric Miles program. Information from the vehicle includes information about your charging activities (including start/end time of the charge, the general location of the charge within a defined radius, battery charge percentage data, miles driven under electric power, and number of watt hours charged), Open ID account data (name, login information), information about the vehicle when driving is completed (general location within a defined radius and time and battery charge percentage data), and odometer readings.

We use this information to award badges or determine challenge completion within the context of the Volvo Electric Miles. We also use this information to calculate your savings realized by charging your car instead of purchasing gas. To the extent GDPR applies, the legal basis for this is that it is necessary to provide the services related to the Electric Miles program (GDPR Art. 6.1 (b))

If you elect to participate in Volvo Electric Miles, you may elect to receive notifications regarding your progress (badges earned, new challenges, and rewards given) through the Volvo Cars App. You can opt out of these notifications at any time through the notification/permission settings on your mobile device or in the settings page for the Volvo Electric Miles program. Opting out of the App notifications will not stop any marketing or transactional communications you receive from Volvo. You may unsubscribe from those at any time by clicking the opt out link in the relevant communication.

You will be awarded points for various achievements such as the number of charges, frequency of charges, variety or number of charging locations visited, and electric mileage. The points are awarded only in connection with the achievements in the Volvo Electric Miles program and not in consideration for any personal information you share with us. You will be awarded points based on specific parameters and achievements which are detailed in the Volvo Electric Miles Terms and Conditions.

We collect the number and levels of badges that you have been awarded, challenges presented to you, and levels of challenges and rewards given and redeemed (see below) through the duration of the Electric Miles program. We use this to track your progress, suggest challenges and/or present you with a page where you will see how your charging activities compare to the overall community. We refer to this as a “leaderboard” though your personal information will not be visible to other Volvo Electric Miles participants. To the extent GDPR applies, the legal basis for this is that it is necessary to provide the services related to the Electric Miles program (GDPR Art. 6.1 (b)).

You can end your participation in Volvo Electric Miles by following prompts in the Volvo Cars App or the program settings page. We retain information related to Volvo Electric Miles during your participation in Volvo Electric Miles and will delete it from Volvo Electric Miles records 60 days after your participation ends.

You have the option of sharing any badges earned or challenges completed on social media. When you do so, the privacy policies of the respective social media site apply to your post and any information you decide to share on that site.

Information regarding your participation in Volvo Electric Miles is shared with our service provider to facilitate the provision of the Volvo Electric Miles program.

3. How Your Personal Data Is Shared

The processing as described above involves processing of your personal data with the following categories of third parties, on a need-to-know basis:

  • cloud connectivity servicing;
  • data hosting;
  • push notifications;
  • email distribution;
  • chat functionality and customer care handling;
  • selected Volvo Car retailers for digital service booking and Volvo Valet;
  • subscription invoice handling;
  • processing of payments submitted through the Volvo Cars App; and
  • facilitating the reporting of energy use as part of the California LCFS program (see below).

Our processors are limited by contract in their ability to use your personal data for any purpose other than to provide services for us in compliance with each data processing agreement in place. In some of these situations, the use of the processors involves limited transfers of personal data outside of the European Union (EU). We have taken precautions that such transfers are limited to the minimum necessary.

Sharing with other members of the Volvo Car Group

Data mentioned under section 2 above is collected via the Volvo Cars App on behalf of the National Sales Company, and may be shared as needed with other companies within the Volvo Car Group for the following purposes:

  • accessing retailer performance;
  • customer care;
  • research and development;
  • marketing segmentation; and
  • accessing subscription extensions and reactivations.

Sharing with other third-parties (separate controllers)

We process payments through third parties that collect payment data directly from you and do not share it with us, for example:

  • Stripe Inc. is a service provider that facilitates our payment processing, billing, invoicing, and subscription administration. You can view their privacy policy at https://stripe.com/en-se/privacy.

The Volvo Cars App uses Google Maps to show you and your car’s location to be able to utilize the “send destination to car” function, to suggest the closest route to a destination and to show the car location. You can view their privacy policy at https://policies.google.com/privacy.

General sharing

In addition to the sharing outlined above, we may share the personal data collected from the Volvo Cars App in the following circumstances:

  1. As a result of a change in our corporate structure: in the event that we enter into, or intend to enter into, a transaction that alters the structure of our business, such as a reorganization, merger, acquisition, sale, joint venture, assignment, consolidation, transfer, change of control, or other disposition of all or any part of our business, assets, or stock, we would share any personal data collected about you with third parties, including the buyer or target (and their agents and advisors) for the purpose of facilitating and completing the transaction. We would also share personal data with third parties if we undergo bankruptcy or liquidation, in the course of such proceedings.
  2. To prevent harm: we will share personal data if we believe it is necessary to detect, investigate, prevent, or act against illegal activities, fraud, or situation(s) involving potential threats to the rights, property, or personal safety of any person.
  3. For legal purposes: we will share personal data where we are legally required to do so such as in response to court orders, law enforcement, or legal process, including for national security purposes; to establish, protect, or exercise our legal rights, as required to enforce our terms of service or other contracts; to defend against legal claims or demands; or to comply with the requirements of any applicable law.
  4. With your consent: apart from the reasons identified above, we may ask for your permission to share your personal data for a specific purpose. We will contact you and ask for your consent before you give us your personal data or before the personal information you already provided is shared for such purpose.

Sharing in the preceding 12 months

In the preceding 12 months, we have shared, for a business purpose:

  1. At your request, your personal identifiers and commercial information with the Volvo Cars authorized retailer to provide you with the requested service.
  2. At your request, your personal identifiers and commercial information with your guest to facilitate car sharing.
  3. Your personal identifiers, payment information, vehicle information, internet and other electronic network activity information, and commercial information with our service providers to provide the Volvo Cars App and services offered thereon including data hosting, push notifications, chat functionality and customer care handling, digital service booking and Volvo Valet, and invoice handling and to facilitate payment.
  4. Your personal identifiers, device information and internet and other electronic network activity information with a provider to measure how our app is being used in order to better understand user behavior and improve the usability and reliability of the app, as well as to gain insights into how the services are used and improve your experience of these services.
  5. Your personal identifiers and commercial information with a service provider to facilitate Volvo Car USA’s sharing of energy use information with the California Air Resources Board (CARB) in connection with Volvo Car USA’s participation in the low carbon fuel standard (LCFS) program and to be eligible to receive LCFS credits. Specifically, we share vehicle information being your Vehicle Identification Number and electric vehicle charging data and the geolocation of vehicles at charging stations with this service provider to register participating vehicles. The service provider facilitates the sharing of this information between Volvo Car and CARB. When shared, VINs are not tied to geolocation data. Rather, geolocation data is tied to a pseudonymized identifier. VINs are only used to differentiate among vehicles to prevent double counting and fraud. CARB assigns an alternative identifier to each registered VIN and associates the charging data to it.
  6. Your personal identifiers, commercial information, vehicle information and internet and other electronic network activity information with service providers for research and development purposes to better understand how to improve our products and services and which new ones to develop.

Sale of personal data

The disclosure of information to Google maps may constitute a sale under CCPA. You can opt out of this sharing of information by disabling the location settings on your mobile device.

4. Your Rights In Relation To The Processing Of Personal Data

4.1 Your Rights Under GDPR

As a data subject, you have specific legal rights granted by the GDPR relating to the personal data we process about you. These are briefly explained below, and you can exercise them by filling out the dedicated form indicated below.

  1. Right to withdraw consent: Where you have given consent for the processing of your personal data, you may withdraw your consent at any moment with effect for the future.
  2. Right to access your personal data: You may request information regarding personal data that we hold about you. We will provide you with a copy of your personal data upon request. If you request further copies of your personal data, then we can charge you with a reasonable fee that we base on the administrative costs related to your request. You have the right to the information about our safeguards for the transfer of your personal data to a country that is outside the EU and the European Economic Area (EEA) if you request that we confirm whether or not we process your personal data, and we transfer your personal data to a country that is outside the EU and the EEA.
  3. Right to rectification: You may obtain from us rectification of incorrect or incomplete personal data concerning you. We make reasonable efforts to keep personal data in our possession or control which are used on an ongoing basis, accurate, complete, current, and relevant, based on the most recent information available to us.
  4. Right to restriction: You may obtain from us restriction of processing of your personal data, if:
    1. you contest the accuracy of your personal data, for the period we need to verify the accuracy;
    2. the processing is unlawful, and you request the restriction of processing rather than erasure of your personal data;
    3. the processing is unlawful, and you request the restriction of processing rather than erasure of your personal data;
    4. we no longer need your personal data for the processing purpose, but you require it for the establishment, exercise, or defense of legal claims; or
    5. you object to the processing while we verify whether our legitimate grounds override yours.
  5. Right to portability: You have the right to receive your personal data that you have provided to us, and, where technically feasible, request that we transmit your personal data (that you have provided to us) to another organization, if:
    1. we process your personal data by automated means;
    2. we base the processing of your personal data on your consent, or our processing of your personal data is necessary for the execution or performance of a contract to which you are a party;
    3. your personal data is provided to us by you; or
    4. your right to portability does not adversely affect the rights and the freedoms of other persons.

    You have the right to receive your personal data in a structured, commonly used and machine-readable format. Your right to receive your personal data must not adversely affect the rights and the freedoms of other persons. Your right to have your personal data transmitted from us to another organization is a right you have if such transmission is technically feasible.

  6. Right to erasure: You have the right to request that we delete the personal data we process about you. We must comply with this request if we process your personal data, unless processing is necessary:
    1. for exercising the right of freedom of expression and information;
    2. for compliance with a legal obligation which requires processing by Union or Member State law to which we are subject;
    3. for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes; or
    4. for the establishment, exercise, or defense of legal claims.
  7. Right to object: You may object at any time to the processing of your personal data due to your particular situation, provided that the processing is not based on your consent but on our legitimate interests or those of a third party. In this event we shall no longer process your personal data unless we can demonstrate compelling legitimate grounds and an overriding interest for the processing or for the establishment, exercise, or defense of legal claims. If you object to the processing, please specify whether you also wish the erasure of your personal data, otherwise we will only restrict it.

    You also have the right to object at any time, regardless of any reason, to the processing of your personal data for direct marketing (which includes profiling to the extent that it is related to such direct marketing), if such processing was based on our legitimate interest. If the marketing was based on your consent, you can withdraw consent (see above).

  8. Right to lodge a complaint: You can lodge a complaint to your local data protection supervisory authority or with any other data protection authority in the EU. However, we would appreciate if you first contact us to try and solve your problem. You can find our contact details below.

You can exercise your rights in relation to us by filling out this form, which will help us to deal with your request properly. The online form contains the information that we need to verify your identity and review your request. For requests submitted by telephone or email, you will need to provide us with sufficient information that allows us to reasonably verify that you are the person whose personal data we collected and describe your request in sufficient detail to allow us to properly evaluate and respond to it. If we are not able to verify your identity for access and deletion requests with the information provided, we may ask you for additional pieces of information.

4.2 Your Rights Under California Law

Under California law, consumers residing in California have certain rights with respect to the personal data about them that we collect and sell. These rights include:

  1. Right to access: You have the right to request what personal data we have collected, used, shared for a business purpose, and sold about you within the preceding 12 months. Once we receive your request and confirm your identity, we will disclose to you the information we have collected about you.
  2. Right to deletion: You have the right to request the deletion of your personal data that we collect about you, subject to certain exceptions. Once we receive your request and confirm your identity, we will delete (and direct our service providers to delete) your personal data from our records, unless an exception applies under applicable law.
  3. Right to opt-out: You have the right to opt-out of the sale of personal data by us to third parties for monetary or other valuable consideration. Each of the individual Service Privacy Policies sets out whether or not we sell personal data as such action is defined under California law in connection with such service. In the event we do sell your personal data, you may opt-out. Across all of our digital properties, our collection and sharing of personal data through the use of certain cookies may be deemed a sale under the CCPA. To exercise your right to opt-out of the sharing of your personal data to advertising partners through cookies, please use our OneTrust Cookie Manager.
  4. Right of non-discrimination: You have the right to not receive discriminatory treatment if and when you exercise your rights to access, delete, or opt-out. For example, this means we cannot deny you goods or services to you or change different prices or rates for goods and services, including through the use of discounts or other benefits or imposing penalties, due to you having exercised your rights.

To exercise your right to access, correct, or delete your personal data, you may submit a request through our online form here, via e-mail at vcuscare@volvocars.com, or by calling us at 1(800) 550-5658. You may only make a request for access twice within a 12-month period. To exercise your right to opt-out of the sharing of your personal data to advertising partners, which may be a sale under the CCPA, please use our OneTrust Cookie Manager.

If you are a resident of California, an authorized agent may make a verifiable consumer rights request related to your personal data. If you are an authorized agent making a request on behalf of a consumer, you must provide us with signed permission by the consumer that you are authorized to act on behalf of that consumer. If you are a legal entity, you must also provide us with documentation of your registration with the California Secretary of State. To submit such a request, please contact us via e-mail at vcuscare@volvocars.com.

The online form for access, correction, and deletion requests contains the information that we need to verify your identity and review your request. For requests submitted via telephone or e-mail, you must provide us with sufficient information that allows us to reasonably verify you are the person about whom we collected the personal data and describe your request with sufficient detail to allow us to properly evaluate and respond to it. If we are not able to verify your identity for access and deletion requests with the information provided, we may ask you for additional pieces of information. We aim to respond to your request for access, correction, or deletion within the time required by applicable law. If we need more time to respond to your request, we will let you know of the reason and the extension period in writing.

4.3 Your Rights Under Nevada Law

We do not sell personal data collected through our website for monetary consideration. Under Nevada law, you may opt-out of future sales of your personal data collected through our website for monetary consideration. If you want to opt-out of any potential future sales, please e-mail us at: vcuscare@volvocars.com with “Opt-Out of Future Sale of Personal Data” in the subject line and body of your message.

5. Children’s Privacy

Our products and services are not intended to be used by children. We do not knowingly solicit or collect any personal data about children under the age of sixteen (16) nor knowingly allow children to order our products, communicate with us, or use any of our online services or mobile applications. If a child has provided us with personal data, a parent or guardian of that child may contact us to have that data deleted from our records. If you believe that we might have any data from a child under the age of sixteen (16), please tell us using the Contact Information listed below. We will take all reasonable steps to delete the child’s data as soon as possible except where necessary to protect the safety of the child or others as required by law. We do not have actual knowledge that we sell personal data of minors under the age of sixteen (16) years.

6. Information Security

To protect your personal data from loss, theft, and unauthorized access, use, or disclosure, we have implemented technical, administrative, and physical security measures including, for certain data, 256-bit encryption, access controls, and secure development processes. Unfortunately, no method of transmission over the Internet or method of electronic storage is 100% secure or impenetrable.

7. Contact Information

In order to exercise your rights, please see section 5 above. If you have any other questions regarding the subject matter of personal data protection, you can contact us as indicated below.

Volvo Car Corporation

Post address: : Assar Gabrielssons väg, SE-405 31, Gothenburg, Sweden

E-mail address: globdpo@volvocars.com

8. How We Make Changes to Our Privacy Notice

We reserve the right, at our discretion, to modify our privacy practices and update and make changes to this privacy notice at any time. Whenever we make substantial changes to this notice, and in particular when this notice underlies your consent, we will inform you of the changes.

This privacy notice is current as of the date which appears at the top of the document.