Mobile Applications | Volvo Construction Equipment Global

Privacy Policy Mobile applications

This notice provides information on the Volvo Group’s processing of personal data in relation to mobile applications and services (“Privacy Notice”). The scope of this privacy notice is to the following applications collectively referred to as “the Application”:

Connected Loadout
Site Map
Connected Pave

For the purpose of this notice, the “Volvo Group” means AB Volvo (publ.) and entities directly or indirectly controlled by AB Volvo, including but not limited to entities belonging to any of the Volvo Group’s principal Business Areas and Truck Division (as may exist from time to time) such as Volvo Trucks, Volvo Buses, Volvo Construction Equipment, Renault Trucks, Arquus, Volvo Penta, Mack Trucks, UD Trucks, Volvo Financial Services, Volvo Group Connected Solutions, Volvo Technology, Volvo Group Purchasing, Volvo Group Real Estate, Volvo Treasury, Volvo Information Technology, Volvo Group Trucks Operations and Volvo Autonomous Solutions.

This Privacy Notice applies only when Volvo Group is collecting or otherwise processing personal data for Volvo Group’s purposes (i.e., when Volvo Group (either alone or in common with other entities) is a controller and therefore determines the purposes for which and the manner in which any personal data is processed).

This Privacy Notice does not apply when Volvo Group is collecting or otherwise processing personal data on behalf of another company, such as Volvo Group’s independent dealers, importers, suppliers, and customers.

For the sake of clarity, please note that this Privacy Notice only covers the Volvo Group’s processing of personal data in relation to the applications mentioned above. We will explain more about the categories of data we process in section “What categories of personal data may Volvo process, on which legal ground(s) and for what purposes?” below.

The processing of any other personal data that are provided by you, or on your behalf, in connection with the purchase, rental or leasing of products, solutions and services from the Volvo Group or its third party dealers/distributors are covered by the Customer Representative Privacy Notice, please see here: Customer Representative Privacy Notice.

Further, in addition to this Privacy Notice, some Volvo Group systems, applications, and processes as well as applicable Volvo Group research and development projects may have their own privacy notices, which provide additional details about what specific personal data is collected and how it is stored, used, and transferred.

Identity and contact details of the controller and the Volvo Group Privacy Officer

The Volvo Group company that has sold and/or delivered the Application is the controller or processor of the personal data that Volvo obtains from you and the other sources described below. “Controller” means that it is Volvo that decides on the purpose and means for the processing of your personal data. Volvo is responsible for the processing of your personal data under applicable data privacy laws and regulations. If you have questions regarding the processing of your personal data, please contact the Volvo Group Privacy Officer at gpo.office@volvo.com or by post or phone at:

AB Volvo,

Att: Group Privacy Office,

Dept AA14100,

VGHQ SE-405 08 Göteborg,

Sweden

+46 (0)31 66 00 00

What categories of personal data may Volvo process, on which legal ground(s) and for what purposes?

Volvo process various types of data either generated in or by a Volvo Vehicle or submitted by a user through the Application. When this data, either alone or in combination with other data, can be linked to an individual, this becomes personal data.

For the purposes of this Privacy Notice, the term "process” or “processing” means any use of personal data, including but not limited to the collection, recording, organization, storing, adaptation, alteration, transferring, making available, blocking, deletion or destruction of personal data.

Legal ground

Volvo may process your personal data based on any one or more of the following legal grounds, see also further details below.

Contractual obligation. Volvo may process your data if such processing is necessary to fulfil a contractual obligation towards you (such as warranties and service agreements).
Legal obligation. Volvo may process your personal data if such processing is necessary to comply with a legal obligation, e.g. to comply with court orders and legal reporting requirements.
Legitimate interests. Volvo may process your personal data if such processing is necessary for the purposes of a legitimate interest pursued by Volvo or a third party. It is generally considered to be in Volvo’s legitimate interest to manage its daily operations, including to enhance and further develop its products, solutions and services offering and to secure the overall management of sold products, solutions and services. Where it is stated herein that Volvo relies on its legitimate interests for a given processing purpose, Volvo is of the opinion that its legitimate interests are not overridden by your interests, rights or freedoms given (i) the transparency Volvo provides on the processing activity, (ii) Volvo’s privacy by design approach, (iii) Volvo’s regular privacy review and (iv) the rights you have in relation to the processing activity. If you wish to obtain further information on this balancing test approach, please contact the Volvo Group Privacy Officer via the contact details set out above.
Vital interests. Volvo may process your personal data to protect the vital interest of you and others, if Volvo has valid reasons to believe that such processing of your personal data may prevent or reduce any significant potential harm to you or others.
Consent. In exceptional cases or if no other legal ground can be applied, Volvo may ask for your explicit consent to process certain personal data. Such consent is your choice and is entirely voluntary. Volvo may process the following categories of data which, in itself or in combination with other data, may constitute personal data, and for the general purposes stated in Table 1 below.

Please note that the below list is a list of examples only and not intended as an exhaustive list, and that Volvo will not necessarily process all the data listed below about you. Some of the purposes for processing will overlap and there may be several purposes which justify our use of your personal data.

Categories,Purpose and Legal Ground for Processing

Categories of Personal Data	Purposes of Processing	Legal Ground for Processing
Location Data The application accesses the user’s location when the application is running on the device and the user has given permission to the application to access location data. The location data is not collected or shared but for when the application is within certain defined areas or a certain state of a work cycle. Such a state is when delivering material from one geographical zone to another. For more information please review the section ‘How will Volvo share your personal data?’ on how we share location data. Outside of these areas and state, the location is only used temporarily by the application to provide in-app functionality and is not stored. We do not access the users’ locations if the application has been shut down. The user can at any time turn off the location updates on the device by denying or revoking the application permissions in the device settings.	The location is used to visualize the user´s location locally on the device on an on-screen map, provide route guidance and determine if the user is within the boundary of a predefined geographical area or if the user is in a certain state of a work cycle (see section ‘How will Volvo share your personal data?’). This includes updating the location when the application is in the background. The application is using the user’s background location updates to provide seamless functionality by determine if the user is in a certain defined geographical area and/or in a certain state and provide visibility and full system functionality without additional user interaction. As the application is used in vehicles, this will allow the user to focus on driving safely. A notification is indicating to the user if the application is currently using the location in the background.	Contractual Obligation
Last know location on-site The application stores the last position of the vehicle within the defined area of the construction site. The application does not store positions outside the defined area and the search function will therefore only display current or last known position on the construction site.	To allow users to use a search function to find vehicles on the construction site.	Contractual Obligation
Basic profiles and vehicle configuration The application will collect basic profiles and vehicle configuration such as Alias, telephone number, Vehicle ID, and Vehicle descriptions that the user chooses to share. The application will also generate a universally unique identifier (UUID) for each new installation. The application collects the device UUID in association with the vehicle configuration information. No account/log in detail is necessary to use the application so the fields do not require valid personal information.	The user data is used for icon identification on a map for visibility purposes and as reference in the functionality the application provide such as past vehicle locations on-site, order and receipt information. The device UUID is used to identify and connect vehicle configurations created on the same device.	Contractual Obligation
Technical information, usage analytics and log files We use a third-party service for analytics and quality assurance. The application collects technical information such as device model, OS version, country, language, and network details in crash reports log files. Also, the application collects data on usage such as number of sessions the application has been used. The application collects usage data for aggregated information on active usage trends, version adoption and OS distributions. As well as crash reports logs for quality and support errands to continuously improve our service.	Solving quality issues Service improvement	Legitimate interest

From where will Volvo obtain your personal data?

Volvo generally obtain your personal data;

interactively over the wireless network in connection with the use of Volvo Vehicles (e.g. via the telematics gateway);
or from you if you have manually entered personal data in connection with your use of the Application.

What happens if you do not provide Volvo with any personal data?

If and when you use the Application, Volvo will automatically obtain some data as noted above relating to your use of the Application. The processing of data is necessary if you want to use all features and functionalities of the Application.

How will Volvo share your personal data? **

The application is using a closed group concept for sharing data between other group members. Each group is set up by a site owner and requires an invite code generated from that group to join. The personal data collected is connected and only shared to the closed groups that the user has chosen to join.

For Connected Load Out and Site Map the core functionality of the application is tied to the “on-site” case where the application is using geofencing to limit the on-site functionality. Thereby, the application only shares the user´s location data to other members if the user is currently within the defined geofence of the closed group. This limits the position sharing functionality to the workplace to respect our user’s privacy.

For Connected Pave the core functionality is tied to work cycles and what state of the work cycle that is currently active. What state that shall be active is decided by if the user is within a defined geographical area, a site, and how the user travels in and out of the areas. To respect the user’s privacy, position data is only shared when the user is within a site or within a certain state of a work cycle. Such a state is when delivering material from one zone to another.

To activate the state that indicates an ongoing delivery of material the user needs to join the paving process in the Connected Pave application. Then the user needs to be assigned an active ticket/weighing bill. The state of delivering material is active until the user reaches the geographical area defined as the paver site. During delivery the screen indicates the current state and the user can at any time choose to leave the process and stop sharing position.

For all applications it applies that location data is only shared to other members if the users allow it. All users can disable the position sharing by toggling the in-app option or by revoking the application location settings on the device at any time.

When the user is outside of the predefined geographical areas and/or outside certain states of the work cycle the application is not sending its location to the cloud service and only updates its location locally in the device to further protect our user’s privacy.

Personal data is used to provide the services within the application and shared between the members of the closed groups that the user is active within. Other group members can see Alias, vehicle ID, vehicle type and current or last location on-site using the map and search functionality. The device UUID is generated and stored for each new installation of the app and is not shared to other members.

In addition, your personal data may be shared with other Volvo Group companies and with certain categories of third parties (as further detailed below), which may involve transferring your personal data to other countries.

Sharing of personal data within the Volvo Group

The Volvo Group is a global organization with offices and operations throughout the world, and your personal data may be transferred or be accessible internationally throughout the Volvo Group’s global business and between its various entities and affiliates. Any transfers of your personal data to other Volvo Group companies (including transfers from within the EU/EEA to outside the EU/EEA) will be governed by an intercompany agreement based on EU approved Standard Contractual Clauses or such other mechanisms as have been recognized or approved by the relevant authorities from time to time. Such agreement reflects the standards contained in European data privacy laws (including the EU General Data Protection Regulation). Having this agreement in place means that all Volvo Group entities have to comply with the same internal rules. It also means that your rights stay the same no matter where your data are processed by Volvo Group.

Sharing of personal data with third parties outside of the Volvo Group

Volvo does not sell your personal data to any third parties. However, in addition to the sharing of personal data between Volvo Group companies as set out above, Volvo may also share your personal data with certain categories of third parties, including:

Business partners, such as:

Volvo’s authorized dealers and service centers for the purpose of ensuring service and repair of Volvo Vehicles and for purposes connected with our finance and insurance offerings;
Volvo’s suppliers and service providers who support Volvo in the delivery of products, solutions and services, including IT suppliers and service providers;
Volvo’s business and co-operation partners for purposes such as business intelligence and analytics purposes (however, in most cases the data is only shared on an anonymized and aggregated basis); and
Third parties with whom we transact or collaborate to provide products, solutions or services and other third parties with whom we seek to innovate, develop and deliver new or improved products, solutions and services to our customers or new or improved internal processes and operations, all of which ultimately enhance how we can support our customers.

Professional advisors, such as insurers, lawyers and other professional advisors in connection with insurance claims, audits and the receipt of advisory services.
Counterparties and their advisors, in connection with merger and acquisition projects.
Emergency service providers, such as the police, fire brigade, ambulance and roadside assistance to protect the vital interest of you and others such as in connection with emergency assistance.
Law enforcement, regulatory authorities and other public and judicial bodies in connection with legal obligations such as court orders or legal reporting requirements or if considered necessary in exceptional cases to protect the vital interest of you or others.

Any third party service providers and professional advisors to whom your personal data are disclosed, are expected and required to protect the confidentiality and security of your personal data and may only use your personal data in compliance with applicable data privacy laws and regulations.

Further, in the event that any Volvo Group company that is located within the EU/EEA transfers personal data to external third parties that are located outside of the EU/EEA the relevant Volvo Group company will satisfy itself that there are appropriate safeguards in place which provide adequate levels of protection of your personal data as required by applicable data privacy laws (including the EU General Data Protection Regulation). For example, this may include the use of EU approved Standard Contractual Clauses or such other mechanism as have been recognized or approved by the relevant authorities from time to time.

If you have questions about how Volvo will share your personal data, please contact the Volvo Group Privacy Officer via the contact details set out above.

How does Volvo safeguard personal data?

Volvo utilizes appropriate and reasonable legal, technical and organizational security measures, including information technology security and physical security measures, to adequately protect personal data.

These measures are appropriate to the risks posed by the processing of personal data and to the sensitivity of the personal data and take into account the requirements of applicable local law. In addition, the measures are continuously improved in line with the development of available security products and services.

Volvo requires all persons to abide by applicable security policies related to personal data when using Volvo systems.

For how long will Volvo process your personal data?

Volvo will not process your personal data longer than necessary given the purpose of the processing, unless otherwise required or permitted by law.

Your data protection rights

You may be entitled, where provided for under applicable data privacy laws and regulations, to:

Request access to the personal data Volvo process about you: this right entitles you to know whether we hold personal data about you and, if we do, to obtain information on and a copy of the specific pieces and categories of personal data.

Request a rectification of your personal data: this right entitles you to have your personal data corrected if it is inaccurate or incomplete.

Object to the processing of your personal data: this right entitles you to request that Volvo no longer processes your personal data.

Request the erasure or deletion of your personal data: this right entitles you to request the erasure or deletion of your personal data, including where such personal data would no longer be necessary to achieve the purposes.

Request the restriction of the processing of your personal data: this right entitles you to request that Volvo processes your personal data only in limited circumstances, including with your consent.

Request portability of your personal data: this right entitles you to receive a copy (in a portable and, if technically feasible, readily usable format) of your personal data, or request Volvo to transmit such personal data to another data controller.

In the event that our processing of your personal data or part thereof is based on your consent, to withdraw at any time your consent, in which case Volvo will cease any further processing activities of your personal data or the relevant part thereof (however such withdrawal will not affect the legality of the data processing activities prior to the withdrawal).

Please note that Volvo may not always be obliged to comply with a request of deletion, restriction, objection or data portability. Assessment may be made on a case by case basis of Volvo’s legal obligations and the exception to such rights.

Please further note that restrictions or objections on processing certain data may have negative consequences for your use of Volvo Vehicles. If certain data is disabled you may not be able to use all the features and functionality of the Volvo Vehicle and Volvo may not be able to notify you about issues with the vehicle in real time. This may cause reduced functionality of the vehicle and could result in the damage or inoperability of the vehicle.

You also have the right to lodge any complaints you may have regarding Volvo’s processing of your personal data to a supervisory authority. For more information about these rights and how to exercise them, please contact the Volvo Group Privacy Officer via the contact details set out above.

What happens if this Privacy Notice changes?

Volvo encourages the periodic review of this Privacy Notice to stay aware of any changes to it.

We reserve the right to amend this Privacy Notice as needed. When we do, we will note near the top of this Privacy Notice the date that any such changes are made and/or when they become effective.