Volvo Auto India Private Limited
Customer Privacy Policy
- Introduction
- Volvo Auto India Private Limited (hereinafter referred to as “Volvo India” or “we” or “us”) having our registered office at 405-B, 1st Floor, Tower A, DLF Cyber Park, Sector-20, Udyog Vihar, Phase-III, Gurgaon- 122016, appreciate the trust that customers place in us and consider data privacy to be an essential part of the services we offer. The processing of personal data forms an important part of the products and services we offer.
- In order to safeguard personal data whiale increasing customer value and offering enhanced and safer driving experiences, Volvo India has created this Privacy Policy in compliance with the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information), Rules, 2011 (“SPDI Rules”). Volvo India will deal with personal and/or sensitive personal data in accordance with this Privacy Policy (“Policy”). The purpose of the Policy is to provide a general understanding of:
- The circumstances under which we collect and process personal data and/or sensitive personal data
- The types of personal data and/or sensitive personal data we collect
- The purpose for collecting such personal data and/or sensitive personal data
- How we use/handle personal data and/or sensitive personal data.
- Definitions
The following terms, used throughout this Policy, have the meanings set out in the SPDI Rules:
- Personal Data/ Personal Information: any information that relates to a natural person, which, either directly or indirectly, in combination with other information available or likely to be available with Volvo India, is capable of identifying such person such as name, email address, contact number, address etc.
- Sensitive Personal Data: Such personal information which consists of information relating to:
- password
- financial information such as bank account, credit card or debit card or other payment instrument details
- physical, physiological and mental health condition
- sexual orientation
- medical records and history
- biometric information
- any detail relating to the above clauses as provided to Volvo India for providing service
- any of the information received under above clauses by Volvo India for processing, stored or processed under lawful contract or otherwise.
Any information that is freely available or accessible in public domain or furnished under the Right to Information Act, 2005 or any other law for the time being in force shall not be regarded as Sensitive Personal Data for the purposes of this Policy.
- Types of Data Collected
- We shall obtain consent prior to collecting or using personal data and/or sensitive data.
- We collect personal data and/or sensitive personal data during the sales and after-sales process as well as for utilizing Volvo India’s services in or outside a vehicle or in other contact with Volvo India, for example through our website/application, our social media channels or customer centres. We may also obtain such data from our authorized dealers and repairers other third parties.
- We collect the following types of data, including personal data, from the Customer, including but not limited to:
- Contact information (name, address, telephone number, email address, etc.);
- Demographic information (age, gender marital status, household composition, etc.);
- Financial information such as credit card details (in case of online booking of cars);
- Vehicle information (vehicle identification number (VIN), model, date of purchase, service history, etc.);
- Data generated by activities (navigation assistance, browsing history, search queries, IP address, location data, contents of communication etc.); and
- Data pertaining to purchase and use of our products and services (customer preferences and settings, payment type, purchase history, service history, service request details, Volvo ID, dealer visited and visit date etc.).
- The vehicle will also automatically collect data relating to the vehicle and its surroundings, primarily of a technical nature and not directly related to a person. Such data (“Vehicle-recorded data”) is typically connected to the vehicle identification number (“VIN”) of the vehicle and may therefore be traceable to the customer. Vehicle-recorded data may include:
- Safety information (whether airbags or belt tensioners have been triggered, whether the doors and windows are locked or open, etc.);
- System functionality status (of the engine, throttle, steering, and brakes, etc.);
- Driving data (vehicle speed, brake and accelerator pedal use, steering wheel movement, etc.);
- Location data (the position of the vehicle in case of an accident, etc.); and
- Surroundings data (temperature outside the vehicle, images, etc.).
- Information about certain Vehicle-recorded data is also included in the owner’s manual.
- Purpose of Collection and Usage of Data
- Personal/ Sensitive Personal Data is collected for lawful purposes which are connected to, and necessary for, Volvo India’s business activities.
- Generally, Customer’s Personal /Sensitive Personal Data shall be used for purposes such as administration and facilitation of Volvo India’s relationship with customers, employees, suppliers etc., for internal operational purposes, for marketing surveys and customer research and feedback, warranty services, to update with information about Volvo India and the products and services, to provide information about special offers from time to time, and to satisfy legal and regulatory obligations.
- The Personal /Sensitive Personal Data collected pertaining to the staff/employees shall be used for human resource management, technology support/updates, management planning, administration and management of the internal processes, services and operations, to enable it to perform Volvo India’s proper functions and to satisfy legal and regulatory obligations.
- The Personal Information/Sensitive Personal Data may be collected either directly by Volvo India or through an affiliate or third party such as Volvo authorised Dealerships. In all cases, the Personal/ Sensitive Personal Data shall be retained and processed as per the applicable law.
- Disclosures to third parties
- We will take consent before disclosing personal data and/or sensitive personal data to third parties. Volvo India may share personal data with the following:
- Between Volvo entities/affiliates/group companies;
- With our authorized dealers and repairers, for the purpose of distributing product and service offers and other communications;
- With suppliers providing services to us in accordance with data processing agreements (as required by law);
- With other business partners for the purpose of distributing product and service offers and other communications or for research and development purposes;
- In connection with the sale or transfer of a Volvo India’s entity or its assets;
- A Third-party management platform ; and
- A Call Centre[S&A1] , in order to manage customer complaints and queries.
- Notwithstanding the above, we may share personal data without consent where:
- Such disclosure is necessary for compliance of a legal obligation/by an order under law; or
- Upon a request from a Government agency for the purpose of verification of identity, or for prevention, detection, investigation including cyber incidents, prosecution, and punishment of offences.
- Transfer of Personal Data
- Personal data and/or sensitive personal data may be transferred to third parties, including:
-
- Any personal data and/or sensitive personal data already collected in the past will be transferred to and hosted on cloud based customer relationship management system to be used in accordance with the purposes as set out in this Privacy Policy. In the future, any personal data and/or sensitive personal data collected, after the implementation of the cloud based platform will be automatically synced with the platform, to be used in accordance with the purposes as set out in this Privacy Policy. The underlying database, containing all personal data and/or sensitive personal data that will be synced with the platform, is hosted on servers outside India. Volvo affiliates will have access to the data on the platform.
- Between Volvo entities/affiliates/group companies.
- To suppliers providing services to Volvo India internally.
- In most cases, we will secure consent before transferring personal data to any of these entities. We may transfer personal data to any of these entities without consent, if it is necessary for the performance of a lawful contract. In doing so, we will ensure that any such entity to whom the data is transferred ensures the level of data protection required under the SPDI Rules.
- Volvo India authorized Dealers, Representatives, Repairers and Third Party Applications
- Volvo India emphases on strict rules regarding data protection compliance in its contracts with authorized dealers, representatives and repairers. Please note, however, that Volvo India and its authorized dealers, representatives and repairers are separate legal entities and that we are generally not responsible if such entities do not follow applicable laws.
- If there are any questions regarding a dealer’s or repairer’s use of personal data, please contact the dealer or repairer directly.
- Applications and other services connected to a vehicle but provided by a third party, which, for example, may require transfer of location data and other Vehicle-recorded data to the third party can be accessed. Volvo India is not responsible for the collection or use of personal data and/or sensitive personal data in third party applications or services, and recommends a careful review of the applicable terms and conditions of (and any privacy statement related to) such applications or services prior to use.
- If there are any questions concerning a certain third party’s use of personal data, please contact the dealer/third party directly.
- Retention of Personal/ Sensitive Personal Data
We will only retain personal/ sensitive personal data for as long as it is necessary to fulfil the purposes outlined in this Policy or the purposes which have otherwise been communicated.
- Security Practices and Procedures
Volvo Cars strives to implement appropriate technical and organizational measures in order to protect personal data against accidental or unlawful destruction, accidental loss or alteration, unauthorised disclosure or access and any other unlawful forms of processing. We aim to ensure that the level of security and the measures adopted to protect personal data are appropriate for the risks presented by the nature and use of personal data.
- Marketing
- We will not sell or trade personal data with third parties unless we have consent to do so.
- We will not share personal data and/or sensitive personal data with third parties for their marketing purposes, unless we have received consent for such disclosures. If after providing such consent, the customer wishes to stop receiving marketing materials from a third party, they may contact that third party directly.
- As indicated above, we may provide information regarding new products, services, events or similar marketing activities. If the customer wishes to unsubscribe to a particular e-mail newsletter, stop receiving calls, SMS or similar communication, they can follow the instructions in the relevant communication. The MyVolvo account may also be used to opt out of specific types of communication from Volvo India and to change previously submitted preferences.
- Changes
Volvo Cars reserves the right to amend this policy from time to time. The date of the last modification is stated at the end of this document. If we make any changes to this policy and to the way in which we use personal data, we will provide an updated version of this policy.
- Contact Us
In case of any discrepancies or grievance with respect to processing of personal data, please contact our Grievance Officer, Ms. Payal Khanna at payal.khanna@volvocars.com.