Article Version 2026.1.0
Vehicle Privacy Notice
Effective from: 2026-01-01
Published at: 2025-12-30
This privacy notice explains how Volvo Cars (as defined below) process data related to vehicles and connected services provided by Volvo Cars that you can control through the privacy settings provided in the vehicle and for some features also in the Volvo Cars App.
Since the processing of data depends on the features and functions with which the vehicle is equipped, and on the services which you choose to activate, this document presents the widest extent of possible processing. If you have an older vehicle, or if a new model is not equipped with a certain feature or function, the data processing associated with that feature will not happen.
For an explanation of vehicle features and functions, please check the owner’s manual for the relevant model. Please note that if there are any differences between this notice and the owner’s manual related to the processing of personal data, this notice takes precedence.
This privacy notice does not apply to:
·Special vehicles (e.g. police cars)
·Processing of personal data that does not leave the vehicle (local processing)
·Processing of personal data when you interact with one of our retailers (such as when you buy your vehicle)
·Your use of software, apps and services provided by third parties (for further information, please see the individual service providers’ own terms and conditions as well as their privacy policies/notices)
·The provision of the internet/connectivity service in your vehicle, which is supplied by a mobile network operator independently from Volvo Cars.
Please note that Volvo Cars has other privacy notices that should be read together with this information for a complete picture.
You can easily access them here.
In this notice you will find information about:
2. What personal data we use and why
2.1 Data used for infotainment purposes
2.1.1 Over-the-Air Software Updates
2.1.4 Real-Time Traffic Information
2.1.5 Intelligent Speed Assist
2.2 Data used related to safety
2.2.1 Active Safety Data Recorder
2.2.5 Intrusion Detection System
2.3 Data used related to maintenance and repairs
2.3.2 Diagnostic Read-Out in Workshops
2.3.4 Extended Vehicle Data Analysis
2.4 Data used for research & development purposes
2.4.1 Traffic Accident Research
2.4.3 Vehicle Analytics & Improvements
3. Sharing of your personal data
1. Who we are
The entity responsible for the processing of personal data referred to below is Volvo Car Korea, having its registered office at 5th floor Pinnacle Tower, 343 Hak-Dong-Ro, Gang-Nam-Gu, Seoul, Korea, hereinafter referred to as “Volvo Cars”, “we”, or “us”. If other entities are processing personal data together with us, as so called joint controllers, this will be specified.
For the processing concerning Connected Safety, and Vehicle Data Analytics for hybrid or electric vehicles, Volvo Cars and Polestar Performance AB (a Swedish company headquartered in Gothenburg, Assar Gabrielssons Väg 9, SE-405 31, Sweden, hereinafter referred to as “Polestar”) are jointly responsible. Volvo Cars is for those purposes, responsible for providing information to its customers, and that the respective rights afforded by GDPR will be exercised by Volvo customers in relation to Volvo Cars.
2. What personal data we use and why
Personal data is information that directly or indirectly relates to you as a natural living person and that we receive from your vehicle. See below how we defined personal data categories in the context of vehicle related processing.
User details | Volvo ID, name, email, phone no, unique user ID |
Vehicle details | Identifiers such as the vehicle identification number (VIN) and registration number; and information about the vehicle such as model, production year, configuration and specifications including engine, propulsion type, hardware and software info and battery ID. |
Vehicle information and status | Data such as faults codes and diagnostics data, charging related data, component and system health status such as but not limited to state of health, overall status (vehicle propulsion and battery), status and behaviour of onboard systems and functions, alarms, warnings, security logs, certifications and authorisation data, calibrations, connectivity and network information data related to the use of the vehicle (such as odometer, timestamps, temperature, service indicators, emissions, device connections, weather and road conditions, energy and fuel consumption, trailer connected, settings. |
Vehicle usage and user behaviour | Data such as passenger occupancy, usage mode (charge, park, drive), use of remote services, brakes, steering, seat belts and doors, interactions and use of the infotainment head unit, use of vehicle functions such as accelerator, supporting information related to incidents and malfunctions. |
Position and movement information | Speed, location, and time logs. |
Safety events | Type of safety event triggered and its occurrences, such as slippery road alert activation, hazard light activation and related time stamps. |
Images/data from external cameras | Images captured from safety functions, autonomous drive and advanced driving assistance systems. |
2.1 Data used for infotainment purposes[CD1]
2.1.1 Over-the-Air Software Updates
How will we use your personal data (‘purpose’) | The information we use (‘personal data’) | Legal basis | Retention |
· To maintain the latest software and provide necessary updates. · To ensure you can fully utilise our updated services. · To improve your protection against cybersecurity incidents. | · Vehicle details · Vehicle information and status | Consent.
| Records of the software updates will be retained for the lifetime of the vehicle.
|
2.1.2 Connected Safety
How will we use your personal data (‘purpose’) | The information we use (‘personal data’) | Legal basis | Retention |
· To alert you about current or potential traffic hazards and changing road conditions while you drive. · To improve road safety, reduce maintenance costs, and contribute to a sustainable traffic environment. | · Vehicle details · Safety events · Position and movement information (position is used to alert you about current or potential traffic hazards) | Performance of a contract or your consent | The information will be retained up to one week. |
2.1.3 Digital Key
How will we use your personal data (‘purpose’) | The information we use (‘personal data’) | Legal basis | Retention |
· To allow you to lock, unlock, or start your vehicle with your smartphone or smart watch. · To enable sharing and revoking of digital keys through various digital channels. | · Vehicle details · Vehicle information and status · User details | Performance of a contract or your consent | Your data will be retained for as long as you have a valid contract. |
2.1.4 Real-Time Traffic Information
How will we use your personal data (‘purpose’) | The information we use (‘personal data’) | Legal basis | Retention |
· To verify if the service subscription is active. · To calculate and provide information on risks of road congestion, which we do with the support of a partner that will receive anonymous position and movement data. | · Vehicle details · Position and movement information | Performance of a contract or your consent. | Your data will be retained for as long as the subscription is active. Once the subscription is inactive, VIN, speed and position are stored up to 90 days, unless a longer time is required under applicable local law. |
2.1.5 Intelligent Speed Assist
How will we use your personal data (‘purpose’) | The information we use (‘personal data’) | Legal basis | Retention |
· To assist your vehicle in keeping the speed limit using road sign data. · To report aggregated data on your usage of the vehicle to relevant authorities. | · Vehicle details · Vehicle information and status · Vehicle usage and user behaviour · Position and movement information (the position is used to fetch road sign data) | Legal obligation or your consent. | Your data will be retained until it has been aggregated and reported to relevant authorities. |
2.1.6 Air Quality Index
How will we use your personal data (‘purpose’) | The information we use (‘personal data’) | Legal basis | Retention |
· To show information on air quality within your vehicle. · If location is shared, it will provide you with information about pollution and pollen levels outside your vehicle. | · Vehicle information and status · Position and movement information | Performance of a contract or your consent. | Your data will be retained until it has been presented in your vehicle. |
2.1.7 Map Delivery System
How will we use your personal data (‘purpose’) | The information we use (‘personal data’) | Legal basis | Retention |
To enhance functions in the vehicle such as Pilot Assist and Adaptive Cruise Control by utilising high-definition map data of your current location. | Position and movement information. | Performance of a contract or your consent. | The data will be retained until the map data has been downloaded. |
2.2 Data used related to safety
2.2.1 Active Safety Data Recorder
How will we use your personal data (‘purpose’) | The information we use (‘personal data’) | Legal basis | Retention |
Data related to traffic accidents or collision-like situations will be processed by our research and development department to help us better understand the circumstances in which traffic accidents, injuries, and damage occur. | · Vehicle details · Safety events · Images from external camera (front-facing camera images are captured during 4 seconds before and after collision-like situations) · Position and movement information (with an accuracy of ≤ 500 meters) | Consent. | The data will be retained for 10 years, after which it will be deleted or anonymised. |
2.2.2 Event Data Recorder
How will we use your personal data (‘purpose’) | The information we use (‘personal data’) | Legal basis | Retention |
To assess the vehicle safety system performance in situations of crash or near-crash. | · Vehicle information and status · Vehicle usage and user behaviour | To fulfil our legal obligations or your consent. | The data will be retained until it is overwritten by new events. |
2.2.3 Emergency Call (eCall)
How will we use your personal data (‘purpose’) | The information we use (‘personal data’) | Legal basis | Retention |
To ensure an emergency call will be triggered, either automatically or manually in the event of certain types of accidents. | · Vehicle details · Position and movement information (with an accuracy of ≤ 500 meters including the direction of travel and delta velocity in case of crash) · Vehicle information and status · Vehicle usage and user behaviour | To fulfil our legal obligations or your consent. | Your data will be retained for up to 200 days. |
2.2.4 Call Centre Services
Services offered as part of the Call Centre Services are described below.
Services | How will we use your personal data (‘purpose’) | The information we use (‘personal data’) | Legal basis | Retention |
Roadside Assistance | To connect you to our call centre when you need support in case of technical faults with your vehicle. | · Vehicle details · Position and movement information · Vehicle information and status · Additional information necessary for the delivery of requested assistance (e.g., user details, insurance details, transaction-related data, damage cause, and information about the workshop handling the repair) | Performance of a contract or your consent. | Your data will be retained for up to 200 days. |
Stolen Vehicle Tracking | To locate your vehicle, if stolen. | |||
Remote Vehicle Immobilisation/ Mobilisation | To enable or disable the immobiliser in the vehicle. | · Vehicle details · Position and movement information (with an accuracy of ≤ 500 meters) · Vehicle information and status · Safety events (reason for the call) | ||
Safety Call | To ensure the safety of those in the vehicle in situations where the driver is detected as unresponsive by the safety features in the vehicle (reason for the call). |
2.2.5 Intrusion Detection System
How will we use your personal data (‘purpose’) | The information we use (‘personal data’) | Legal basis | Retention |
· To detect and prevent anomalies and violations that could be possible cybersecurity threats for the vehicle systems. · To monitor how software and apps behave to ensure they are not violating what they are permitted to do. | · Vehicle details · Vehicle information and status · Vehicle usage and user behaviour · Position and movement information | To fulfil our legal obligations.
| Your data will be retained: · pseudonymized for the lifetime of the vehicle. · for up to one year after the investigation has been concluded, in case of a detected vulnerability. |
2.2.6 Ensuring Safe Batteries
How will we use your personal data (‘purpose’) | The information we use (‘personal data’) | Legal basis | Retention |
· To ensure that our vehicles with a hybrid or full-electric powertrain are safe. · If deemed needed, to contact and inform you of potential concerns. | · Vehicle details · Vehicle information and status | Our legitimate interest to develop and improve the safety of our products or your consent. | Your data will be retained for the lifetime of the vehicle. |
· To enable early detection of potential concerns and to identify new potential fault types. · To manage our product manufacturer obligations. | To fulfil our legal obligations or your consent. |
2.3 Data used related to maintenance and repairs
2.3.1 Service Planning
How will we use your personal data (‘purpose’) | The information we use (‘personal data’) | Legal basis | Retention |
· To predict and observe your vehicle’s and its components health. · To enable us and workshops to prepare for and administer service of your vehicle. | · Vehicle details · Vehicle information and status · Vehicle usage and user behaviour | Performance of a contract or your consent. | · Your data will be retained for up to three years. · The vehicle’s high-voltage battery information will be retained for up to 10 years. |
2.3.2 Diagnostic Read-Out in Workshops
How will we use your personal data (‘purpose’) | The information we use (‘personal data’) | Legal basis | Retention |
For fault tracing and product research and development. | · Vehicle details · Vehicle information and status · Vehicle usage and user behaviour | Our legitimate interests to develop and improve our products and services or your consent | Your data will be retained for the lifetime of the vehicle.
|
To manage our product manufacturer obligations. | To fulfil our legal obligations or your consent |
2.3.3 Bug Reporting
How will we use your personal data (‘purpose’) | The information we use (‘personal data’) | Legal basis | Retention |
To identify and investigate software-related problems and maintain our software in good health. | · Vehicle details · Vehicle information and status · Vehicle usage and user behaviour · User details | Our legitimate interests to remedy, develop and improve our software or your consent | Your data will be retained until the issue with your vehicle has been solved, or for up to 90 days, whichever occurs later. |
2.3.4 Extended Vehicle Data Analysis
How will we use your personal data (‘purpose’) | The information we use (‘personal data’) | Legal basis | Retention |
· To investigate and identify issues with the vehicle. · To manage a potential warranty case and potential product safety issues. | · Vehicle details · Vehicle information and status · Vehicle usage and user behaviour · User details · Position and movement information · Safety events | Our legitimate interests to remedy, develop and improve our products or your consent | Your data will be retained until the problem with your vehicle has been solved, after which it will be deleted. |
2.4 Data used for research & development purposes
2.4.1 Traffic Accident Research
How will we use your personal data (‘purpose’) | The information we use (‘personal data’) | Legal basis | Retention |
· To investigate the circumstances of a traffic accident involving one of our vehicles. · To improve the safety of our vehicles and the traffic environment in general. | · Vehicle details · Vehicle information and status · Vehicle usage and user behaviour · Position and movement information · Images from external camera | Our legitimate interests to remedy, develop and improve safety in our products or your consent | Your data will be retained for up to 10 years. |
· To gather additional information on the accident through a survey, if beneficial for our research. | · User details |
2.4.2 Vehicle Data Analytics
How will we use your personal data (‘purpose’) | The information we use (‘personal data’) | Legal basis | Retention |
· To understand how the vehicle is being used. · To obtain statistical information about our vehicles. · For product research and development, particularly to improve and monitor the quality of vehicles and their safety features. · To manage Volvo Cars’ warranty commitments. | · Vehicle details · Vehicle information and status | Consent. | · Your data will be retained for up to two years. · The vehicle’s high-voltage battery information will be retained for the lifetime of the battery. |
2.4.3 Vehicle Analytics & Improvements
How will we use your personal data (‘purpose’) | The information we use (‘personal data’) | Legal basis | Retention |
· To understand how the vehicle is being used. · To obtain statistical information about our vehicles. · For fault tracing, product research, and development. · To monitor and improve the sustainability and quality of our vehicles, their safety features, and other functions. · To contact and inform you of potential problems or faults if needed | · Vehicle details · Vehicle information and status · Vehicle usage and user behaviour · Position and movement information (with an accuracy of ≤ 500 meters) · Safety events · Images from external camera · User details | Consent. | · Your data will be retained for up to five years after which, if it is still needed, will be anonymised, or otherwise be deleted. · The vehicle’s high-voltage battery information will be retained for the lifetime of the battery. |
2.5 Emissions reporting
How will we use your personal data (‘purpose’) | The information we use (‘personal data’) | Legal basis | Retention |
To collect emission specific data from your vehicle that will be reported to the relevant entity or authority. | · Vehicle details · Vehicle information and status | To fulfil our legal obligations or your consent | Your data will be retained until it has been reported to relevant authorities. |
3. Sharing of your personal data[CD2]
We share data with various organisations to run our business, to maintain our relationship with you, and to provide you with products and services. We describe these situations below.
Where we refer to these organisations as our ‘suppliers”, ‘processors’ or ‘sub-processors’, each one of these organisations is limited by contract in their ability to use your personal data for any purpose other than to provide services to us or on our behalf, as instructed by us. In each case, we only share the personal data, including telematics data, we deem necessary to achieve the respective purpose.
Who (‘Recipient’) | Why (‘Purpose’) |
Other group companies within Volvo Cars and its sub-processors | Personal data is transferred to other group companies for customer care, to provide our products and services and for provision of IT systems for business support and data storage. |
IT-suppliers and their sub-processors | Personal data is transferred to IT-suppliers who supply general business support systems to us, such as software and data storage providers. |
Authorised Volvo Car retailer(s) and repairer(s) (and its sub-processors) | Personal data is transferred for the purpose of providing services, fault tracing, maintenance, and repair. |
Law enforcement authorities (e.g. police, courts) and other competent authorities | Personal data needs to be shared or may be shared with law enforcement authorities (e.g., police, courts), to comply with a legal obligation, or our legitimate interest in providing data, when a severe crime is suspected, or when it is necessary to establish, exercise or defend ourselves against legal claims. We provide law enforcement with the least amount of personal data that is necessary. Example of data type that we can give out is the serial number of a vehicle part connected to a VIN number or an IMEI-number (unique user ID).
|
Other service providers (such as mobile network operators, customer care service partners, connectivity providers, roadside assistance operators and charging operators) | We may share information from the vehicle and subscription information to enable the services, for fault tracing and service improvement purposes. In some markets we use and share information with a third-party provider for customer care services. To provide certain functions (e.g., real-time traffic information) we share anonymised data with third parties.
|
Any party approved by you | For example, you may ask us to share vehicle data with a third party such as an insurance company to prepare an insurance quote for you. |
Third -party vehicle owners such as companies with a Volvo Car fleet or car rental companies | Personal data may be provided by Volvo Cars, as processor, to the third-party owners, as controllers, for the purpose of providing fleet management services.
|
Specifically, we provide your personal information to third parties as follows:
Name of Recipient | Items of Personal Information Provided | Recipient’s Purpose of Use | Period of Retention and Use by Recipient |
Volvo Car Corporation | All collected items | Management of customer data, provision of services and improving and monitoring the quality of the provided services | Until fulfilment of the purpose of personal information provision or request of deletion by customer |
We delegate the processing of your personal information as follows, and the delegates may process personal information according to the purpose of the delegation:
Delegatee | Description of Delegated Services |
TDCX Korea Co., Ltd. (티디씨엑스코리아 유한회사) | Customer call center, Call center Services, service related customer general inquiries, outbound/inbound calls, vehicle related inquiries, dealer network inquiries, surveys, RSA, email inquiries, 1:1 web inquiries |
Samsung Fire Insurance. (삼성화재서비스손해사정㈜) | Emergency roadside assistance service, Call center Services |
MPC Plus Inc. ((주)피씨플러스) | RSA call center services, RSA services, outbound calls |
Samsung Fire Insurance RSA partners | On site RSA services (actual towing, emergency services) |
AWS (Amazon Web Service) 아마존웹서비스 | Hosting cloud in Seoul to provide solution for connected car cloud service of Volvo Assistance (web server, data base, firewall) |
Volvo Car Corporation | Provision of services (including Volvo Assistance) and improving and monitoring the quality of the provided service |
ECARX Sweden AB | Provision of connected car cloud services for Volvo Assistance on EX30 and subsequent EV models |
WirelessCar Sweden AB | Provision of call center services and improving and monitoring the quality of the provided service |
Geely Auto Group Co., Ltd. | Provision of services and improving and monitoring the quality of the provided service |
We transfer personal information outside Korea as follows. You have the right to refuse to consent to the transfer of personal information. If you wish to refuse a transfer of your personal information overseas, please contact [dataprotection@volvocars.com] to communicate your request. However, if you refuse, we may not be able to provide the services stated in this privacy notice.
Transferee’s Name (Contact) | Country in which Transferee is Located | Transferee’s Purposes for Using the Personal Information | Items of Personal Information to be Transferred | Time/Method of Transfer, ground of transfer | Retention and Use Period by Transferee |
Volvo Car Corporation (globdpo@volvocars.com) | Sweden | Provision of services (including Volvo Assistance) and improving and monitoring the quality of the provided service | All collected items | At the time of service use through electronic transmission; delegation for contractual performance (Article 28-8(1)3 of the PIPA) | Until fulfilment of the purpose of personal information provision |
ECARX Sweden AB (privacy@ecarxgroup.com) | Sweden | Provision of connected car cloud services for Volvo Assistance on EX30 and subsequent EV models | All collected items | At the time of service use through electronic transmission; delegation for contractual performance (Article 28-8(1)3 of the PIPA) | Until fulfilment of the purpose of personal information provision |
Geely Auto Group Co., Ltd. (geelyauto.privacy@geely.com) | China | Public Key infrastructure, Over the air update, Manufacturing engineering system, Quality | All collected items | At the time of service use through electronic transmission; delegation for contractual performance (Article 28-8(1)3 of the PIPA) | Until fulfilment of the purpose of personal information provision |
WirelessCar Sweden AB (Function.dpo@wirelesscar.com) | Sweden | Provision of call center services and improving and monitoring the quality of the provided service | All collected items | At the time of service use through electronic transmission; delegation for contractual performance(Article 28-8(1)3 of the PIPA) | Until fulfilment of the purpose of personal information provision |
4. Your rights and controls
You have specific legal rights relating to the personal data we process about you. The rights may differ depending on which jurisdiction you are in and the nature of the processing. Generally, your rights concern the possibility to:
- withdraw your consent
object to our processing of your data
ask for a copy of the data we hold about you (so-called subject access right)
ask for the data to be transferred to another entity (so-called data portability)
ask for the data to be corrected or restricted
ask for the data to be deleted (so-called right to be forgotten)
As mentioned, these rights are not absolute and in some cases data protection law limits their application. Should this be the case for a request you make to us, we will always explain why we cannot fulfil your request.
If you would like to submit a rights request, you can get in touch with us by completing this form. We kindly ask that you use the form as it sets out the information that we need to verify your identity and effectively process your request. However, should you prefer not to use the form, you are always welcome to contact us and submit your request using the contact information in the next section.
You also have a right to submit a complaint to your local data protection authority should you have concerns about how we use your personal data. However, we would appreciate it if you reached out and raised your concerns directly with us first to allow us to try to resolve them together. You can find our contact information below.
5. Security
We take the following technical, administrative and physical measures required to ensure the security of your personal information:
The technical measures are as follows:
- Protecting personal information storage and information processing systems by installing up-to-date malware protection software.
An implemented password policy according to best-industry security practice.
Configuring personal information storage and information processing systems according to best-industry security practice.
The administrative measures are as follows:
- Establishing and implementing an internal personal information management plan that sets forth matters related to the organization and operation of a personal information protection group, training of personal information handlers, access control of personal information, and other matters related to personal information protection.
Granting the right to access personal information storage systems to the least privilege principle.
The physical measures are as follows:
- Managing access to premises where personal information storage systems are located by installing an access control system.
6. Contact information
If you have any questions about how we use your personal data, you can contact us.
Chief Privacy Officer
- Name: Man Sik Lee
Telephone Number: 1588-1777
E-mail: help_korea@volvocars.com
Person in Charge of Protection of Personal information
- Name: Young Ha Kim
Telephone Number: 1588-1777
E-mail: help_korea@volvocars.com
7. Updates to this notice
We continuously develop our products and services and will review and update this privacy notice as a result. As such we encourage you to revisit this privacy notice regularly. The date at the top of this privacy notice lets you know when it was last updated. [You can find previous versions of this privacy notice through [link]. We will handle your personal data in a manner consistent with the privacy notice under which it was collected unless we have your consent to handle it differently.