This version reflects our commitment to legal rigour and transparency while ensuring that our communications remain clear, accessible, and consistent with the Volv Global SA brand.
Effective Date (Last Updated): 21 avril 2025
1. Introduction
- The revised Swiss Federal Act on Data Protection (nFADP)
- The EU General Data Protection Regulation (GDPR)
- The California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA)
By using our website, www.volv.global, or any of our services, you acknowledge and agree to the practices described herein. For any questions or comments regarding our privacy practices, please contact us at dpo@volv.global.
2. Who We Are
Controller / Business: Volv Global SA, a limited liability company incorporated in Switzerland (company number CHE-431.770.478), operates this website and is responsible for the collection, processing, and use of your personal information under Swiss law, the GDPR (where applicable), and the CCPA (for California residents).
Address: Volv Global SA, Route de la Corniche 3, 1066 Épalinges, Switzerland
Email: dpo@volv.global
Where required under the GDPR, we may appoint an EU representative. For further details or to contact an EU representative, please email us at dpo@volv.global.
3. Applicability of Law
We adhere to the requirements of:
- The revised Swiss Federal Act on Data Protection (nFADP) and its ordinances
- The EU General Data Protection Regulation (GDPR)
- The California Consumer Privacy Act (CCPA), as amended by the CPRA, for California residents
We also comply with any other relevant data protection laws as and where applicable.
4. Information We Collect
- Fill out contact forms (e.g. title, first and last name, email address, company name, area of interest)
- Subscribe to our newsletter (e.g. name, email address, company name)
- Participate in promotions or surveys
- Register an account on our website (e.g. name, email address, nationality, date of first employment or enrolment)
- Communicate with us via email or other channels
Please note that some information may be mandatory for us to provide specific services. Should you choose not to provide such information, we may be unable to fulfil your request.
- IP address and device identifiers
- Date and time of access
- Pages and files accessed (URL)
- Referring website (if any)
- Browser type and version, operating system, language settings
- Name of your internet service provider
This information is collected to ensure the technical operation and security of our website, to analyse trends, and to enhance our services. Our processing is based on our legitimate interests (GDPR Art. 6(1)(f), Swiss law) or other applicable legal grounds.
5. Legal Bases for Processing
Where the GDPR applies, we process personal data on the following legal bases:
- Consent (GDPR Art. 6(1)(a)): For instance, when you subscribe to our newsletters or participate in promotions.
- Contract (GDPR Art. 6(1)(b)): When processing is necessary to provide the services you have requested.
- Legal Obligation (GDPR Art. 6(1)(c)): When required to comply with statutory obligations.
- Legitimate Interests (GDPR Art. 6(1)(f)): For activities such as maintaining and improving our website, preventing fraud, and ensuring security, unless overridden by your data protection interests or fundamental rights.
Under Swiss law, we process personal data in accordance with the revised nFADP.
6. How We Use Your Information
We use your personal data to:
- Provision and Improvement of Services: Operate and maintain our website, respond to inquiries, personalise user experiences, and process promotions.
- Marketing and Communications: Send newsletters or promotional materials where you have provided consent or where permitted by law.
- Analytics: Evaluate website performance, understand usage trends, and optimise user experience.
- Security and Compliance: Detect, investigate, and prevent security threats, fraud, or other unauthorised activities, and comply with legal obligations or law enforcement requests.
- Business Operations: Facilitate corporate transactions (e.g. mergers, acquisitions) subject to appropriate confidentiality measures.
7. Disclosure of Personal Information
We share personal data only as permitted or required by law, including with:
- Service Providers: Third parties (e.g. hosting, analytics, marketing, payment processors) who process data on our behalf under written agreements.
- Business Partners: For joint activities, events or promotions, provided you have consented where necessary.
- Legal and Regulatory Authorities: To comply with legal obligations, enforce our agreements, or protect the rights and safety of our business or others.
- Corporate Transactions: In connection with mergers, acquisitions, or sales of assets.
- With Your Consent: When you explicitly authorise a disclosure for specified purposes.
We do not sell or rent personal data to unaffiliated third parties for their own marketing purposes without your consent. For California residents, we will clarify sale or sharing as defined by the CCPA in Section 11.
8. International Transfers
Where personal data is transferred outside of Switzerland or the European Economic Area (EEA), we implement adequate safeguards such as EU standard contractual clauses (adapted for Swiss/EU transfers) or recognised adequacy decisions to ensure compliance with applicable data protection laws. Should you require further details on these safeguards, please contact us.
10. Data Retention
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected. This includes providing requested services, complying with legal obligations, resolving disputes, or enforcing our agreements. Where possible, we will specify retention periods or criteria for determining these periods. Once your data is no longer required, it will be securely deleted or anonymised, subject to any applicable legal retention requirements.
11. Additional Disclosures for California Residents (CCPA/CPRA)
This section applies exclusively to residents of California.
11.1 Categories of Personal Information Collected
In the past 12 months, we may have collected:
- Identifiers: Name, email address, IP address, etc.
- Internet or Electronic Network Activity: Browsing history, log files, device information, etc.
- Commercial Information: Details of promotions or surveys in which you have participated.
- Inferences: Preferences, characteristics, or behaviours inferred for analytics or advertising.
11.2 How We Use and Disclose Personal Information
We use and disclose your personal data for the purposes outlined in Sections 6 and 7, such as providing our services, processing your requests, analysing performance, conducting marketing, and complying with legal obligations.
11.3 Sale or Sharing of Personal Information
Under the CCPA, sale or sharing includes certain data exchanges for advertising or analytics. We do not knowingly sell or share personal data for monetary or other valuable consideration without your consent. Should we engage in activities that qualify as a sale or share in the future, a clear Do Not Sell or Share My Personal Information link or similar mechanism will be provided for you to opt out.
11.4 Your CCPA Rights
California residents are entitled to:
- Right to Know: Request details about the personal data we have collected, including its sources and the purposes of its collection.
- Right to Delete: Request the deletion of your personal data (subject to certain exceptions).
- Right to Correct: Request corrections to any inaccurate personal data.
- Right to Opt Out: Opt out of the sale or sharing of your personal data.
- Right to Limit Use/Disclosure of Sensitive Personal Information: Where applicable, restrict the use or disclosure of sensitive personal data.
- Right to Non-Discrimination: Enjoy our services without any penalty for exercising your rights.
11.5 Exercising Your CCPA Rights
To submit a request, please email dpo@volv.global with the subject line “California Privacy Rights,” including sufficient detail (such as your name, email address, and the nature of your request) to allow us to verify your identity. You may also authorise an agent to act on your behalf with appropriate written permission.
12. Data Analysis and Automated Decision-Making
We may use third-party analytics services (e.g. Google Analytics) that deploy cookies or similar tools to collect aggregated data. This helps us evaluate and improve our website. We do not engage in fully automated decision-making (including profiling) that produces legal or similarly significant effects on individuals. If such processes are introduced in the future, we will update this policy to explain the logic and potential impacts.
13. Security Measures and Data Breach Protocol
We have implemented robust technical and organisational measures to protect your personal information from unauthorised access, use, disclosure, alteration, or destruction. These measures include encryption, secure servers, access controls, and regular reviews of our security practices. Although we strive to safeguard your data, no method of transmission or storage is completely secure.
In the unlikely event of a data breach that poses a high risk to your rights or triggers notification obligations under applicable laws, we will promptly notify you and the relevant authorities, and take appropriate remedial action.
14. Children’s Privacy
Our website is not intended for individuals under the age of 16, and we do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe that your child has provided us with personal information without your consent, please contact us immediately so that we can delete the information unless we are legally obliged to retain it. (Note: In jurisdictions where different age thresholds apply, such as COPPA in the United States, we ensure compliance with the relevant legal requirements.)
15. Your Rights
For Residents under the GDPR/Swiss Law
If you are subject to the GDPR or are a resident of Switzerland, you have the right to:
- Access: Confirm whether we process your personal data and, if so, request a copy.
- Rectification: Request correction of any inaccurate or incomplete data.
- Erasure: Request deletion of your data under certain conditions.
- Restriction: Request that processing be restricted in particular circumstances.
- Object: Object to processing based on legitimate interests or for direct marketing purposes.
- Data Portability: Receive your personal data in a structured, commonly used format and request its transfer, where technically feasible.
- Withdraw Consent: Withdraw your consent at any time, without affecting the lawfulness of prior processing.
You also have the right to lodge a complaint with the relevant supervisory authority (e.g. the Federal Data Protection and Information Commissioner (FDPIC) in Switzerland or the appropriate EU supervisory authority).
16. Updates to This Privacy Policy
We may update this Privacy Policy periodically to reflect changes in our practices or legal obligations. In the event of significant changes, we will notify you by email or through a prominent notice on our website. Your continued use of our website after such updates indicates your acceptance of the revised terms.
17. Contact Us
If you have any questions or concerns about this Privacy Policy or if you wish to exercise your rights under applicable data protection laws, please contact us at:
Volv Global SA
Route de la Corniche 3
1066 Épalinges, Switzerland
Email: dpo@volv.global
Please note: Email communications are not always secure. Do not include sensitive information in your messages to us.
