Article Version 2026.162.0
Test Vehicle Privacy Notice
When Volvo Cars conducts testing activities, collects data for product and service development, or performs vehicle function verification with Volvo Cars test vehicles (“Test Vehicles”) we may collect personal data relating to other individuals on test tracks or public roads. Since the Test Vehicles are used for a range of purposes, the personal data that may be processed will differ, as will be explained below.
We know that protecting your personal data is an important responsibility, and we take it seriously. That’s why we’re committed to handling your data with care, keeping it secure, and being transparent about how we use it.
Country-specific deviations may apply, you can find these at the end of this notice.
We refer to the different individuals we interact with as “you” or "your”. Our use of your personal data is called processing.
In this notice you will find information about:
1. Who we are
2. Legal basis for collection and use of personal data
3. Types of personal data we collect and use
4. Why we collect and use your personal data and how long we keep it
5. Sharing of your personal data
7. Your rights
1. Who we are
The entity responsible for the processing of personal data described in this notice is Volvo Car Corporation, having its registered office at Assar Gabrielssons Väg, SE-405 31, Gothenburg, Sweden, company registration number 556074-3089. We refer to Volvo Car Corporation and its group companies as("we", “Volvo Cars”, “our” and “us”). We are a global company and provide products and services worldwide.
In respect of the data collected from Data Collection Vehicles, Volvo Cars and Zenseact AB, having its registered office at Lindholmspiren 2, 417 56 Göteborg, Sweden, company registration number 559228-9358, (“Zenseact”), are joint controllers. The joint controllers have agreed that the information is provided to you by Volvo Cars, this means that Volvo Cars is the main contact to exercise any of your rights (see Section 8 below).
2. Legal basis for collection and use of personal data
All processing of personal data needs to be justified. This is referred to as having a "legal basis”. The legal bases we rely on when processing personal data are described below. The legal basis differs depending on what purpose we use your personal data for.
-Necessary for the performance of a contract: This is used when the processing of your personal data is necessary to enter into and perform our obligations under a contract with you.
-Necessary to fulfil our, or a third party’s, legitimate interest: This is used when the processing of your personal data is necessary for us to pursue a business interest which is not overridden by your interest of not having personal data processed.
-Consent given by you: This is used when you provide us with your consent to process your personal data for specific reasons.
-Necessary to fulfil a legal obligation: This is used when we are required by law to process your personal data.
3. Types of personal data we collect and use
Volvo Cars use test vehicles for the purpose of research, development, and certification of cars and their functions, including the assisted, connected, partly automated and autonomous driving functions, but also for different tests and function verification. The Test Vehicles that record data from various sensors, including video recording of the environment are appropriately marked.
The different Test Vehicles are used for different purposes, which entail different types of personal data processing. The different types of Test Vehicles are as follows:
- AD-HMI Vehicles
- Certification Vehicles
- Function Verification Vehicles
Volvo Cars will not process any of the personal data mentioned below, for any other purposes, than the purposes explicitly described in this privacy notice. We have implemented relevant measures to e.g. limit the access to the personal data and remove non-relevant material.
To accomplish the purposes described below, the collected data must be authentic, this means that Volvo Cars must collect data from real-world traffic environments and situations, and the data cannot be modified, for example by blurring. However, we are not interested in, and do not attempt to, identify individuals present in the recordings. Nor do we extract any other personal data from the collected data.
We limit our locations of interest to exclude school and hospital entrances, homes for the elderly, women’s refuges, court, prisons, accident location with injured individuals, beaches or public parks, private areas such as interior of the house, its garden or balcony, and other places that might be sensitive for the persons being recorded.
4. Why we collect and use your personal data and how long we keep it
4.1 AD-HMI Vehicles
Volvo Cars AD-HMI Vehicles are Test Vehicles that are driven on public roads and collect traffic data. This processing involves collection of personal data relating to other road users and is necessary for research, statistical and analytic purposes, as well as for the development, testing, evaluation, verification and validation of software, hardware, systems and technologies related to the safety and/or functionality of Automated Driving (AD), Advanced Driver Assistance Systems (ADAS), Driver Monitoring Systems (DMS) and related technologies.
The traffic data collected consists of the following categories:
-Video Data - collected through the use of video recorders installed in the Test Vehicles. These cameras are positioned to capture the road and the surrounding public traffic environment in front of the vehicle. The cameras may record pedestrians, cyclists, people in or on vehicles, and vehicles license plates in the vicinity of the Test Vehicle.
The legal basis for us to process the data mentioned above is our legitimate interests.
We will retain the data mentioned above for up to 10 years to be able to reuse the data for test of new versions of software during the lifetime of the components. We will regularly sort out and erase data that is no longer needed in order to only keep relevant traffic situations. Data that is incomplete or corrupt due to technical errors is also candidate to be removed.
4.2 Data Collection Vehicles
Volvo Cars data collection vehicles (“DCVs”) are test vehicles that are driven on public roads to collect public traffic environment data. The processing of this data, which involves processing of personal data relating to other road users, is necessary for the purpose of developing safe and reliable software and sensors for advanced driver assistance systems (ADAS) and autonomous drive (AD) systems, with the overall purpose of road safety and protecting all life on the road.
The data collected by the DCVs consists of the following categories:
-Sensor Data – including data from camera, LIDAR (light detection and ranging), radar and ultra-sonic sensors which can detect persons and objects moving around in the public traffic environment where the collection takes place. The data is used for evaluating sensors, the output from software interpreting the sensor data, and the software used in ADAS and AD systems. The cameras will record pedestrians, cyclists, people in or on vehicles, and vehicles license plates in the vicinity of the DCV.
-GPS – Geolocation data from the DCV will be collected and stored in order to be able to develop our functionalities and to find relevant recorded data based on location.
-Annotations will be added to the data to be able to find relevant recorded data, such as annotations of sensitive places. Annotations can either be made by the drivers of the DCV or when the data is processed afterwards.
The legal basis for us to process the data mentioned above is our legitimate interests as well as to fulfil our legal obligations specified in laws and by government authorities.
We will retain the data for as long as it is necessary for purposes mentioned above, but no longer than 10 years. We will regularly sort out and erase data that is no longer needed in order to only keep relevant traffic situations. Data that is incomplete or corrupt due to technical errors is also candidate to be removed. The drivers will also make annotations of recorded material when the data needs manual review and potential removal if the data can be considered intrusive or harmful for the individuals recorded.
4.3 Function Verification Vehicles
Volvo Cars function verification vehicles are Test Vehicles that are used for testing and verification of our new cars and their functions. These Test Vehicles may collect and process data, including personal data. This processing is necessary to ensure that Volvo Cars’ vehicles meet applicable quality and road safety standards as well as other legal and regulatory requirements.
The data collected by function verification vehicles consists of the following categories:
-Sensor data – such as camera, LIDAR (light detection and ranging), radar and ultra-sonic sensors which can detect persons and objects moving around in the public traffic environment where the collection takes place. The cameras will record pedestrians, cyclists, people in or on vehicles, and vehicles license plates in the vicinity of the Test Vehicle.
-GPS – Geolocation data from the Test Vehicle will be collected and stored in order to find relevant recorded data based on location.
The legal basis for us to process the data mentioned above is our legitimate interests.
We will retain the data for as long as it is necessary for purposes mentioned above, but no longer than 10 years. We will regularly sort out and erase data that is no longer needed in order to only keep relevant traffic situations. Data that is incomplete or corrupt due to technical errors is also candidate to be removed.
5. Sharing of your personal data
We share your personal data with various organizations if needed to achieve the purposes explained above. We have entered into necessary data protection contracts in order to ensure that your personal data is used lawfully.
Who (recipient) | Why (purpose) |
Other group companies within Volvo Cars and its sub-processors | Personal data is transferred to other group companies to co-operate in research and development. |
IT suppliers and their sub-processors | Personal data is transferred to IT-suppliers who provide systems and services such as software, analytical and communication tools, data storage and cloud connectivity services. |
Suppliers, related parties and their sub-processors | Personal data is transferred to suppliers and related parties to develop or improve our products and services. |
To other third parties, but only necessary for compliance with a legal obligation to which we are subject (including but not limited to, Law Enforcement Authorities) or where necessary for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.
| We may share information when a crime is suspected, or when it is necessary to establish, exercise or defend ourselves against legal claims. |
Any party approved by you | If you give us your approval, your personal data will be shared, such as to a third-party service provider, e.g. an insurance or charging provider. |
We also share anonymized data with third parties (e.g., public or private research groups, governmental or industry agencies, or similar), for various purposes.
6. International transfers
Whenever we transfer personal data to other countries, we use tools and safeguards to make sure that such transfers comply with applicable law and that your personal data is granted a high level of protection.
In many cases, we have signed the so called standard contractual clauses issued by the European Commission (available at the European Commission’s website) as well as implementing other necessary safeguards such as encryption and pseudonymization.
7. Your rights
You may have legal rights relating to our processing of your personal data. The rights may differ depending on which jurisdiction you are in and the nature of the processing.
You have the right to:
-Right to withdraw consent: If you have given your consent for the processing of your personal data, you can withdraw it at any time. This will only affect our future use of your personal data.
-Right to access your personal data: You can ask us for information regarding personal data that we have about you. In such a case, we will provide you with a copy of your personal data.
-Right to rectification: If the information concerning you is not correct, you can request its rectification. If your data is incomplete, you may request that it be completed.
-Right to restriction: You have the right to, under certain conditions, request us to restrict the processing of your personal data, if:
- you contest the accuracy of your personal data, for the period we need to verify the accuracy,
- the processing is unlawful and you request the restriction of processing rather than erasure of your personal data,
- we no longer need your personal data for the processing purpose but you require the data for the establishment, exercise or defense of legal claims, or
- you object to the processing while we verify whether our legitimate grounds override yours.
-Right to portability: You have the right to receive (in a structured, commonly used and machine-readable format) your personal data that you have provided to us, and, where technically feasible, request that we transmit your personal data (that you have provided to us) to another organization, if:
- we process your personal data by automated means;
- we base the processing of your personal data on your consent, or our processing of your personal data is necessary for the execution or performance of a contract to which you are a party; and
- your right to portability does not adversely affect the rights and the freedoms of other persons.
-Right to erasure: You have the right to request that we delete the personal data we process about you. We must comply with this request if we process your personal data, unless the processing is necessary:
- to continue providing a service to you, such as an active subscription;
- for exercising the right of freedom of expression and information;
- for compliance with a legal obligation which requires processing by Union or Member State law to which we are subject;
- for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes; or
- for the establishment, exercise or defense of legal claims.
-Right to object: If we process your personal data based on our legitimate interest, you can object in that case we will no longer process your personal data, unless we can demonstrate compelling legitimate grounds and an overriding interest for the processing or for the establishment, exercise or defense of legal claims. You also have the right to object at any time, regardless of any reason, to the processing of your personal data for direct marketing (which includes profiling to the extent that it is related to such direct marketing)
If you want to submit a request, you can get in touch with us by completing this form and clearly state your request refers to our Test Vehicle. We kindly ask that you use the form as it sets out the information that we need to verify your identity and effectively respond to your request. If you do not want to use the form, you can submit your request or contact us via the channel listed in the contact information section below.
You also have a right to submit a complaint to your local data protection authority. We would however appreciate if you reached out and raised your concerns directly with us first to allow us to try to resolve them together.
8. Contact information
If you have any questions about how we use your personal data, you can contact:
-Volvo Cars Corporation at dataprotection@volvocars.com,
or
-The Volvo Car Corporation Data Protection Officer via post at Volvo Car Corporation, Attention: The Data Protection Officer, avd 50092, VAK, 405 31 Gothenburg, Sweden.
For any other questions, please see our contact us page here: https://www.volvocars.com/intl/l/legal/contact-us/
You can find contact information and other information regarding Zenseact’s processing of personal data in their Privacy Policy, http://www.zenseact.com/privacy-policy/
9. Updates to this notice
We continuously develop our products and services and will review and update this Privacy Notice as a result. As such we encourage you to revisit this Privacy Notice regularly. The date at the top of this Privacy Notice lets you know when it was last updated. We will handle your personal data in a manner consistent with the Privacy Notice under which it was collected unless we have your consent to handle it differently.