back to topscroll back to top of page back to topscroll back to top of page
Prevost 100th

Data Management Agreement

In consideration for Prevost Car (US) Inc. and Prevost, a division of Volvo Group Canada Inc. (“Prevost”) providing the Customer with any Information Services (as defined below), Prevost, for its own account and for and on behalf of AB Volvo (publ.) and all subsidiaries of AB Volvo (publ.) (collectively, the “Volvo Group”), and the Customer (together, the “Parties”) agree as follows:

1. PURPOSES OF THIS AGREEMENT

The purposes of this Data Management Agreement (the “Agreement”) are the following:

  1. to set out the terms and conditions on which Prevost collects, uses and shares data from Information Systems (as defined below);
  2. to put in place appropriate contractual provisions, as required by applicable data protection laws, to govern Prevost’s processing of Vehicle Data (as defined below) on behalf of the Customer; and
  3. to set out the terms and conditions applicable to the provision, and termination, of services to the Customer in relation to any vehicle, which involve the processing (as defined in the Personal Information Processing Addendum attached as Appendix 1 hereto (the “PIPA”)) of information from Information Systems, including, but not limited to, services such as Preventive and Predictive Maintenance, Usage-Based Invoicing, Fleet Management, Zone Management and Service & Repair, market research, as well as the use of Volvo Connect and other similar platforms, portals and services (“Digital Channels”), and any services provided through the Digital Channels (together, the “Information Services”).

2. INFORMATION SYSTEMS

The Customer is aware that Prevost vehicles are equipped with one or more systems which may gather and store information about the vehicle (the “Information Systems”), including but not limited to information relating to telematics data, vehicle condition and performance and information relating to the operation of the vehicle (together, the “Vehicle Data”). In certain circumstances, the Vehicle Data may be deemed to contain Personal Information. The Customer agrees not to interfere with the operation of the Information Systems in any way.

Notwithstanding any termination or expiry of this Agreement, the Customer acknowledges and agrees that Prevost may: (i) access the Information Systems at any time (including remote access); (ii) gather the Vehicle Data; (iii) store the Vehicle Data on Volvo Group systems; (iv) use the Vehicle Data in order to provide services to the Customer, as well as for its own internal and other reasonable business purposes; and (v) share the Vehicle Data within the Volvo Group and with selected third parties.

The Customer agrees to notify Prevost in writing if it sells or otherwise transfers ownership of any vehicle that is subject to this Agreement to a third party.

3. DATA PROTECTION AND PROCESSING

The Parties recognize that during the course of providing the Information Services, either directly or through its authorized dealers, any of its authorized business partners or any third party providing services, such as repair, maintenance, usage-based invoicing or other services (whether or not under warranty), Prevost will process Vehicle Data, and should not be required to process Personal Information contained within or otherwise associated with the Vehicle Data, on behalf of the Customer, its affiliates or agents. To the extent Prevost does process Personal Information, the PIPA sets out the terms and conditions applicable to such processing of Personal Information and shall apply whenever Prevost is processing Personal Information on behalf of the Customer.

The Customer undertakes to comply with all applicable data protection laws, including, but not limited to, any obligations to give notices to any individuals whose Personal Information may be collected by the Customer and processed by Prevost hereunder, and any similar obligations imposed by data protection laws in other applicable jurisdictions. To the extent permitted by law, the Customer shall indemnify, defend and hold Prevost, its representatives and agents, and any third parties acting on behalf of Prevost, harmless from and against any loss arising directly or indirectly from the Customer’s failure to comply with applicable data protection laws.

4. SERVICE TERMS AND CONDITIONS

Prevost shall provide the Customer with the Information Services which the Customer has requested, or which Prevost has offered to the Customer and the Customer has agreed to receive, or for which the Customer has registered or otherwise subscribed via the Digital Channels, in each case whether or not for payment.

Provision of the Information Services may be subject to specific terms and conditions in addition to those set out in this Agreement, relating to, for example, price and payment, subscription terms and duration. In the event of a conflict between the provisions of this Agreement and such specific terms and conditions, the specific terms and conditions shall take precedence and shall apply in place of the conflicting provisions of this Agreement, but the remaining provisions of this Agreement shall continue to apply.

The Customer shall not distribute, retransfer, copy, publish, modify, enhance, reverse engineer, decompile or otherwise alter the Information Systems.

Prevost may modify, upgrade, exchange or substitute any of the Information Services or part thereof without notice as part of the continuous improvement process related to the Information System or as required to comply with any applicable safety, statutory or regulatory requirement or for added functionality which does not materially affect the quality or performance of the Information Services or of the vehicle.

The right of the Customer to use the Information Systems is subject to the technical and regulatory availability of the Information Systems. The technical availability of the Information Systems depends on availability of network and satellite coverage and may be disrupted due to local barriers (including but not limited to bridges, buildings and other physical barriers), atmospheric or topographic conditions and technical limitations (including but not limited to inbuilt errors of any GPS system).

Prevost disclaims any guarantee or liability for the security of the mobile telecommunications, wireless or other network used for the transmission of Vehicle Data and other information.

The Information Systems may not be available due to maintenance work. Details of planned maintenance work will, if possible, be posted on the Digital Channels or otherwise communicated to the Customer. Prevost will seek to minimize disruption of the Information Systems’ availability.

The Customer shall at all times comply with Prevost’s user guidelines and manuals in respect of each vehicle.

The Customer acknowledges that the Information Systems may not be available in all countries.

Prevost may suspend the Customer’s access to the Information Services or may use the Information Systems to locate a registered vehicle, if Prevost reasonably believes that the vehicle is not operated by Customer as lawful owner or otherwise in compliance with applicable law or the terms and conditions of this Agreement or any other agreement between the Customer and any Volvo Group entity.

5. DEACTIVATION OF THE INFORMATION SYSTEMS

Upon the written request of the Customer, Prevost shall deactivate its remote access to the Information Systems with respect to any nominated vehicle, by reference to the vehicle identification number (“VIN”), at the Customer’s expense and without undue delay (“Vehicle Deactivation”). To the extent that Vehicle Deactivation must be carried out by a Prevost-authorized workshop, the Customer shall be responsible for delivering the nominated vehicle(s) to any such workshop for deactivation.

For the avoidance of doubt, Vehicle Deactivation shall not prevent (i) remote access to the Information Systems if required by applicable law; or (ii) access to the Information Systems through a plug-in device, including but not limited to TechTool, for the purposes of repair and maintenance or warranty work.

The Customer acknowledges that Vehicle Deactivation shall mean that Prevost is unable to provide any Information Services with respect to the vehicle that has been deactivated.

The Customer consequently acknowledges and agrees that Vehicle Deactivation shall automatically terminate any services agreement entered into by the Customer and any Volvo Group entity, without any liability on the part of any Volvo Group entity, with respect to Information Services relating to the vehicle being deactivated.

Upon the written request of the Customer, Prevost shall reactivate its remote access to the Information Systems with respect to any nominated vehicle, by reference to the VIN at the Customer’s expense (“Vehicle Reactivation”). Unless Prevost is able to carry out Vehicle Reactivation remotely, any Vehicle Reactivation must be carried out by a Prevost- authorized workshop and the Customer shall be responsible for delivering the nominated vehicle(s) to any such workshop for reactivation. In the event of a Vehicle Reactivation, the terms and conditions of this Agreement and any other services agreement shall apply to the provision of any Information Services with respect to such vehicle.

Customer shall be solely responsible for requesting the Vehicle Deactivation and the deactivation of any collection of Vehicle Data where required by applicable Privacy and Data Protection Requirements (as defined in the PIPA), including without limitation to prevent functionalities which may allow Customer to track or document individuals’ location by use of the Vehicle Data.

6. LIMITATIONS OF LIABILITY

UNLESS OTHERWISE PROVIDED FOR IN SPECIFIC TERMS AND CONDITIONS RELATING TO THE PROVISION OF INFORMATION SERVICES, PREVOST’S TOTAL MAXIMUM LIABILITY UNDER THIS AGREEMENT FOR CLAIMS ARISING IN EACH CALENDAR QUARTER (WHETHER IN CONTRACT, TORT, NEGLIGENCE, STATUTE, RESTITUTION, OR OTHERWISE) SHALL NOT EXCEED ONE HUNDRED PER CENT (100%) OF THE FEES PAID FOR INFORMATION SERVICES IN THE CALENDAR QUARTER IN WHICH THE CLAIM AROSE.

PREVOST SHALL NOT BE LIABLE (WHETHER IN CONTRACT, TORT, NEGLIGENCE, STATUTE OR OTHERWISE) FOR ANY LOSS OF PROFIT, LOSS OF BUSINESS, WASTED MANAGEMENT TIME OR COSTS OF DATA RECONSTRUCTION OR RECOVERY, WHETHER SUCH LOSS ARISES DIRECTLY OR INDIRECTLY AND WHETHER PREVOST WAS AWARE OF ITS POSSIBILITY OR NOT, OR FOR ANY CONSEQUENTIAL OR INDIRECT LOSSES.

PREVOST SHALL NOT BE LIABLE FOR ANY LOSS OR DAMAGE OF ANY KIND WHATSOEVER CAUSED BY ACTS OR OMISSIONS OF THE CUSTOMER, INCLUDING, BUT NOT LIMITED TO, THE CUSTOMER’S FAILURE TO COMPLY WITH ANY DATA PROTECTION LAWS.

PREVOST SHALL NOT BE LIABLE FOR ANY LOSS OR DAMAGE OF ANY KIND WHATSOEVER CAUSED BY A FAILURE OR DOWNTIME OF THE PUBLIC COMMUNICATIONS SYSTEMS ON WHICH THE PROVISION OF THE INFORMATION SERVICES MAY BE DEPENDENT.

THE CUSTOMER UNDERSTANDS AND AGREES THAT: (I) IT HAS NO CONTRACTUAL RELATIONSHIP WITH THE UNDERLYING CARRIER OF MOBILE AND WIRELESS SERVICES USED FOR THE TRANSMISSION OF DATA AND INFORMATION, (II) IT IS NOT A THIRD PARTY BENEFICIARY OF ANY AGREEMENT BETWEEN PREVOST OR ANY OF ITS AFFILIATES AND THE UNDERLYING CARRIER, (III) THE UNDERLYING CARRIER HAS NO LIABILITY OF ANY KIND TO CUSTOMER WHETHER FOR BREACH OF CONTRACT, WARRANTY, NEGLIGENCE, STRICT LIABILITY IN TORT OR OTHERWISE, (IV) MESSAGES AND ANY OTHER INFORMATION OR DATA MAY BE DELAYED, DELETED OR NOT DELIVERED, AND (V) THE UNDERLYING CARRIER CANNOT GUARANTEE THE SECURITY OF WIRELESS TRANSMISSIONS AND WILL NOT BE LIABLE FOR ANY LACK OF SECURITY RELATING TO THE USE OF THE INFORMATION SERVICES.

7. WARRANTIES

The Customer warrants to Prevost that it has, and will have at all times during the term of this Agreement, all necessary consents, permissions, licenses and authorizations to ensure that the Customer uses the Information Services, Information Systems and Digital Channels in full compliance with all applicable laws and regulations.

Statutory or manufacturer’s warranty rights are limited to those provided in relation to the specific Information Services separately purchased by the Customer. Such warranty rights do not cover any other Information Services and/or the operability of the Information Systems.

Prevost hereby excludes to the fullest extent permissible in law, all conditions, warranties and stipulations, express (other than those set out in this Agreement) or implied, statutory, customary or otherwise which, but for such exclusion, would or might subsist in favor of Customer.

8. GENERAL

By entering into any agreement that incorporates this Agreement by reference, or by downloading, accessing, installing or otherwise using the Information Services, the Customer acknowledges that it: (a) has read and understood the Agreement; (b) has all necessary authorizations to enable it to enter into the Agreement (including where it is entering into the Agreement on behalf of other group entities) and to enable the Volvo Group to undertake the activities foreseen in the Agreement; and (c) agrees to be bound by its terms and conditions, as amended from time to time, in place of any previous Telematics Services Agreement or General Data Processing Agreement between Prevost and the Customer.

Prevost may vary or amend the terms and conditions of this Agreement by publishing a new version at https://prevostcar.com/data-management. The Customer shall be deemed to have accepted the new terms if it has continued to use the Information Services for three

(3) months after such new terms have been published.

The formation, existence, construction, performance, validity and all aspects whatsoever of this Agreement or of any term of this Agreement will be governed by the laws of the State of Delaware (but without giving effect to Delaware’s principles regarding conflicts of laws). The United Nations Convention on the International Sales of Goods shall not apply to this Agreement.

Any dispute, controversy or claim arising between the parties—or a claim brought by a user of the Information Services against Prevost—based on, or in connection with, this Agreement, shall be finally settled by arbitration accordance with the Commercial Arbitration Rules of the American Arbitration Association, provided that nothing shall prevent Prevost from seeking interim or provisional relief, including a temporary restraining order, preliminary injunction or other interim equitable relief if necessary to protect Prevost’s interests in its intellectual property or confidential information. Such injunctive relief may be without necessity of proving actual damages or posting of a bond. The arbitral proceedings shall be conducted in the English language and be held in Greensboro, North Carolina.

All arbitral proceedings conducted, all information disclosed, and all documents submitted or issued by or on behalf of any of the disputing parties or the arbitrators in any such proceedings as well as all decisions and awards made or declared in the course of any such proceedings shall be kept strictly confidential and may not be used for any other purpose than such proceedings or the enforcement of any such decision or award, nor shall they be disclosed to any third party without the prior written consent of the party to which the information relates, or as regards to a decision or award, the prior written consent of all disputing parties.

Nothing in this agreement shall limit the forum or law for Prevost to litigate claims or defenses involving Prevost’s intellectual property or confidential information.

If any condition or part of this Agreement is found by any court, tribunal, administrative body or authority of competent jurisdiction to be illegal, invalid or unenforceable then that provision will, to the extent required, be severed from this Agreement and will be ineffective, without, as far as is possible, modifying any other provision or part of this Agreement and this will not affect any other provisions of this Agreement which will remain in full force and effect.

Prevost shall have the right to transfer this Agreement at any time to any other Volvo Group entity. The Customer shall approve such assumption of contract and shall release Prevost from this Agreement without any further claims.

IF YOU DO NOT AGREE TO THE TERMS AND CONDITIONS OF THIS AGREEMENT (OR ANY AMENDMENT OF THIS AGREEMENT), YOU MUST NOT DOWNLOAD, ACCESS, INSTALL OR OTHERWISE USE ANY OF THE INFORMATION SERVICES.

APPENDIX 1

PERSONAL INFORMATION PROCESSING ADDENDUM

This Personal Information Processing Addendum (the “PIPA”) sets out the additional terms, requirements, and conditions on which Prevost will, if required to, process Personal Information pursuant to the Data Management Agreement to which this PIPA is attached as Appendix 1 (the “DMA”).

  1. Definitions and Interpretation
  • The following definitions and rules of interpretation apply in this PIPA:

“Business Purpose” means the parties’ provision and receipt of the Information Services described in the DMA.

“Data Subject” means an individual who is the subject of the Personal Information and to whom or about whom the Personal Information relates or identifies, directly or indirectly.

“Personal Information” means any information Prevost processes for the Customer pursuant to the DMA that (a) identifies or relates to an individual who can be identified directly or indirectly from that data alone or in combination with other information in Prevost’s possession or control or that Prevost is likely to have access to, or (b) the relevant Privacy and Data Protection Requirements otherwise define as protected personal information.

“Processing, processes, or process” means any activity that involves the use of Personal Information or that the relevant Privacy and Data Protection Requirements may otherwise include in the definition of processing, processes, or process. It includes obtaining, recording, or holding the data, or carrying out any operation or set of operations on the data including, but not limited to, organizing, amending, retrieving, using, disclosing, erasing, or destroying it. Processing also includes transferring Personal Information to third parties.

“Privacy and Data Protection Requirements” means all applicable laws and regulations relating to the processing, protection, or privacy of the Personal Information, including where applicable, the guidance and codes of practice issued by regulatory bodies in any relevant jurisdiction.

“Security Breach” means any act or omission that compromises the security, confidentiality, or integrity of Personal Information or the physical, technical, administrative, or organizational safeguards put in place to protect it.

  • This PIPA is subject to the terms of the DMA and is incorporated into the Interpretations and defined terms set forth in the DMA apply to the interpretation of this PIPA.
  • In the case of conflict or ambiguity between any of the provisions of this PIPA and the provisions of the DMA, the provisions of this PIPA will prevail and control.
  1. Processing Purposes. The Customer retains control of the Personal Information and remains responsible for its compliance obligations under the applicable Privacy and Data Protection Requirements, including providing any required notices and obtaining any required consents, and for the processing instructions it gives to Prevost. The Customer discloses Personal Information to Prevost only for the limited and specified Business Purposes.
  2. Prevost’s Obligations
  • Prevost will only process, retain, use, or disclose the Personal Information to the extent, and in such a manner, as is necessary for the Business Purposes in accordance with the Customer’s written instructions. Prevost will not process, retain, use, or disclose the Personal Information for any other purpose, outside of the parties’ business relationship, or in a way that does not comply with this PIPA or the Privacy and Data Protection Requirements.

Prevost must promptly notify the Customer if, in its opinion, the Customer’s instruction would not comply with the Privacy and Data Protection Requirements.

  • Prevost must promptly comply with any Customer request or instruction requiring Prevost to amend, transfer, or delete the Personal Information, or to stop, mitigate, or remedy any unauthorized processing. Notwithstanding the foregoing, the Customer acknowledges that the Digital Channels provide the means to amend, transfer or delete Personal Information, and the Customer agrees that it shall use commercially reasonable efforts to utilize such means within the Digital Channels prior to requesting that Prevost take such actions under this Section 3.2.
  • Prevost will maintain the confidentiality of all Personal Information and will not sell it to anyone, share it for cross-contextual (targeted) advertising with anyone, or disclose it to third parties without specific authorization from the Customer or as permitted by this PIPA, unless required by law. If a law requires Prevost to process or disclose Personal Information, Prevost must first inform the Customer of the legal requirement and give the Customer an opportunity to object or challenge the requirement, unless the law prohibits such notice.
  • Prevost will reasonably assist the Customer with meeting the Customer’s compliance obligations under the Privacy and Data Protection Requirements, taking into account the nature of Prevost’s processing and the information available to Prevost.
  • Prevost must promptly notify the Customer of any changes to Privacy and Data Protection Requirements, or its ability to meet those obligations, that may adversely affect Prevost’s performance of the DMA or this PIPA.
  1. Prevost’s Employees. Prevost will limit Personal Information access to (a) those employees who require Personal Information access to meet Prevost’s obligations under this PIPA and the DMA; and (b) the part or parts of the Personal Information that those employees strictly require for the performance of their duties. Prevost will ensure that all employees (a) are informed of the Personal Information’s confidential nature and use restrictions and are obliged to keep the Personal Information confidential; (b) have undertaken training on the Privacy and Data Protection Requirements relating to handling Personal Information and how it applies to their particular duties; and (c) are aware both of Prevost’s duties and their personal duties and obligations under the Privacy and Data Protection Requirements and this PIPA.
  2. Security. Prevost must at all times implement appropriate technical and organizational measures designed to safeguard Personal Information against unauthorized or unlawful processing, access, copying, modification, storage, reproduction, display, or distribution, and against accidental loss, destruction, unavailability, or damage.
  3. Security Breaches and Personal Information Loss. Prevost will promptly notify the Customer if it becomes aware of (a) any unauthorized or unlawful processing of the Personal Information; or (b) any Security Breach. Immediately following any unauthorized or unlawful Personal Information processing or Security Breach, the parties will co-ordinate with each other to investigate the matter. Prevost will reasonably co-operate with the Customer in the Customer’s handling of the matter. Prevost will not inform any third party of a Security Breach without first obtaining the Customer’s prior written consent, except when law or regulation requires it. Prevost agrees that the Customer has the sole right to determine whether to provide notice of the Security Breach to any Data Subjects, regulators, law enforcement agencies, or others, as required by law or regulation or in the Customer’s discretion, including the contents and delivery method of the notice.
  4. Subprocessors. Prevost may only authorize a third party subcontractor (a “Subprocessor”) to process the Personal Information if (a) the Customer is given an opportunity to object within five (5) business days after Prevost supplies the Customer with full details regarding such Subprocessor; and (b) Prevost enters into a written contract with the Subprocessor that contains terms substantially the same as those set out in this PIPA. If the Customer objects to a proposed Subprocessor, Prevost may be unable to provide some or all of the Information

Accordingly, the Customer acknowledges and agrees that if the Customer objects to Prevost’s engagement of a Subprocessor, Prevost may unilaterally (and without liability to any Volvo Group entity, including Prevost) terminate the DMA or any other relevant services agreement between the Customer and any Volvo Group entity regarding the Information Services that cannot be provided due to the Customer’s objection to such Subprocessor. Notwithstanding the foregoing, each other member of the Volvo Group is hereby deemed to be an approved Subprocessor and shall be deemed bound by the terms and conditions of this PIPA.

  1. Data Subject Requests, Complaints, and Third Party Rights. Prevost must notify the Customer within five (5) business days if it receives a request from a Data Subject to exercise any rights the individual may have regarding their Personal Information, such as access, correction, deletion, or to opt-out of or limit certain activities such as disclosures or other processing actions. Prevost must notify the Customer within one (1) business day if it receives any other complaint, notice, or communication that directly or indirectly relates to the Personal Information processing or to either party’s compliance with the Privacy and Data Protection Requirements. Prevost will give the Customer all reasonable co-operation and assistance in responding to any complaint, notice, communication, or Data Subject request. Notwithstanding the foregoing, the Customer acknowledges that the Digital Channels provide the means to make corrections, deletions or blocking of Personal Information, and the Customer agrees that it shall use commercially reasonable efforts to utilize such means within the Digital Channels prior to requesting Prevost’s co-operation and assistance under this Section 8.
  2. Term and Termination. This PIPA will remain in full force and effect so long as (a) the DMA remains in effect; or Prevost retains any Personal Information related to the DMA in its possession or control (the “Term”). If a change in any Privacy and Data Protection Requirement or either party’s circumstances prevents a party from fulfilling all or part of its DMA obligations, the parties will suspend the processing of Personal Information until the party’s processing complies with the requirements. If the parties are unable to bring the Personal Information processing into compliance with the Privacy and Data Protection Requirements within thirty (30) days, they may terminate the DMA upon written notice to the other party.
  3. Data Return and Destruction. On termination of the DMA for any reason or expiration of its term, Prevost will securely destroy or, if directed in writing by the Customer, return and not retain, all or any Personal Information related to this PIPA in its possession or control. If any law, regulation, or government or regulatory body requires Prevost to retain any documents or materials that Prevost would otherwise be required to return or destroy, it will notify the Customer in writing of that retention requirement, giving details of the documents or materials that it must retain, the legal basis for retention, and establishing a specific timeline for destruction once the retention requirement ends. Prevost may only use such retained Personal Information for the required retention reason or audit purposes.
  4. Records. Prevost will keep reasonably detailed records regarding any processing of Personal Information it carries out for the Customer pursuant to the DMA, including but not limited to, the access, control, and security of the Personal Information, approved Subprocessors, the processing purposes, and any other records required by the applicable Privacy and Data Protection Requirements (the “Records”). Prevost will ensure that the Records are sufficient to enable the Customer to verify Prevost’s compliance with its obligations under this PIPA.
  5. Audit. During the Term, Prevost will permit the Customer and its third-party representatives to audit Prevost’s compliance with its obligations under this PIPA, upon at least thirty (30) days’ notice and no more than one (1) time per each calendar year; provided that the Customer and its third-party representatives conducting such audit have first entered into a confidentiality agreement that is satisfactory to Prevost in form and All such audits shall be (a) conducted during Prevost’s normal working hours, (b) conducted at the sole expense of the Customer, and (c) limited in scope, manner and duration to what which is reasonably necessary to achieve its purpose and may not unreasonably disrupt Prevost’s business operations.
  6. Customer’s Representation and Warranty. The Customer warrants and represents that Prevost’s expected use of the Personal Information for the Business Purpose and as specifically instructed by the Customer will comply with all Privacy and Data Protection Requirements.
  7. Notices. Any notice or other communication given to a party under or in connection with this PIPA must be in writing and delivered to the applicable party’s address set forth on the first page of the DMA (or such other address as such party may designate from time to time by giving notice to the other party in accordance with this Section 14).