Volvo Financial Services (“VFS”, “we” or “us”) takes data protection & security very seriously. As part of the AB Volvo Group, it is our policy to comply with all applicable laws in each country in which we operate and this includes data privacy laws.
This Statement acknowledges our commitment to the following fundamental principles of data protection.
We shall use all reasonable endeavors to ensure that Personal Data processed by VFS shall be:
We also confirm our commitment to complying with applicable laws as they relate to the processing of sensitive (or special categories of) personal data and to the transfer of personal data to a country other than the country in which it was first collected.
Our commitment to the above fundamental principles is implemented through a variety of internal processes and systems including a general observation of the following:
Notice & Consent
You will be informed of the type of data to be collected and the purposes for which such data is collected and, where your consent is required to process same, we shall seek that from you in clear and unambiguous language. Once given, you have the right to withdraw your consent at any time but this will not affect the lawfulness of processing based on consent before its withdrawal.
You will be granted access to your personal data held by us on written request and you will have the opportunity to request the correction, amendment or deletion of your personal data if what we hold is incorrect, out of date or no longer relevant or required for the original or consented business purposes. We may charge a fee for access, amendment, etc. but it will not be excessive. Generally we shall respond to written access requests within 30 days but we may restrict access in exceptional circumstances where the legitimate rights of persons other than you would be violated or where the burden or expense of providing access would be disproportionate to the risks of your privacy.
Recourse & Remedy
If you have a complaint regarding the processing of your personal data by VFS, you should send your complaint in writing to our Data Protection Officer (DPO) as identified below. We shall treat your complaint seriously and use all reasonable efforts to respond to you timeously and to address the concerns you raise. You may also have the right to make an independent complaint to the relevant external dispute resolution body if provided under local law. We shall use all reasonable efforts to cooperate with any such dispute resolution body to address the concerns you raise in a timely manner.
VFS has designated Debby Nijs, its Global Manager Information Security and Privacy as the Data Protection Officer (“DPO”) responsible for its compliance with and enforcement of this Statement and applicable data protection laws
You may reach Debby by post or email at:
Volvo Financial Services
B - 1082 Brussels
Please include your name, address, phone number and/or email in all communications and clearly state the nature of your request.
Effective Date and Changes to this Statement
The commitments and practices described in this Statement are current as of June 30, 2016. We reserve the right to modify, amend or withdraw this Statement at any time consistent with the requirements of the fundamental principles and applicable law.
Limitation on Application of Fundamental Principles
Adherence by VFS to the fundamental principles may be limited (a) to the extent required to respond to a legal or ethical obligation, and (b) to the extent permitted by applicable law.
As still applicable under US law, VFS adheres to the Safe Harbor Principles as administered by the U.S. Department of Commerce and remains a registered participant in this program (for more information, visit http://www.export.gov/safeharbor). In addition, we reaffirm our commitment to the fundamental principles outlined above and have put appropriate processes in place, including the use of data transfer agreements based on the internationally approved “Standard Contractual Clauses” (or “Model Clauses” as they are sometimes referred to), with regard to the lawful transfer of personal data from one country to another as may be needed from time to time in the conduct of our legitimate business purposes.