Go to content

UVO Connect Legal Notice

  • 1. Introduction

    This Privacy Notice of Kia UVO Connected GmbH, registered under the registration number HRB 112541, ("Kia" , "we" or "us" ) applies to the collection and processing of personal data in connection with the provision of Kia UVO services ("App Services" ) via the UVO app ("UVO App" ). We at KIA take your privacy very seriously and will process your personal data only in accordance with applicable data protection and privacy law.

    We may change and/or supplement this Privacy Notice at any time. Such changes and/or supplements may be necessary in particular due to the implementation of new technologies or the introduction of new services. We will publish the changes on our websites and/or in the UVO App.

  • 2. Controller

    The responsible controller for any personal data collected and processed in connection with the provision of the App Services is Kia UVO Connected GmbH.

  • 3. Contact Point and Data Protection Officer

    3.1 If you have any questions about or in connection with this Privacy Notice or the exercise any of your rights, you may contact our customer call center:

    Kia UVO Connected GmbH
    Email: info@kia-uvo.eu
    Ordinary mail: Theodor-Heuss-Allee 11, 60486 Frankfurt am Main
    Phone: +49 8007773044

    3.2 Alternatively, you may also contact our data protection officer:

    Email: dpo@kia-uvo.eu
    Ordinary mail: Data Protection Officer, Theodor-Heuss-Allee 11, 60486 Frankfurt am Main

  • 5. Your Rights

    If you have declared your consent for any personal data processing activities, you can withdraw this consent at any time with future effect. Such a withdrawal will not affect the lawfulness of the processing prior to the consent withdrawal.
    Pursuant to applicable data protection law you may have the right to: request access to your personal data, request rectification of your personal data; request erasure of your personal data, request restriction of processing of your personal data; request data portability, and object to the processing of your personal data.

    In addition, you also have the right to lodge a complaint with the competent data protection supervisory authority.

    Please note that these aforementioned rights might be limited under the applicable national data protection law.

    5.1 Right of Access: You may have the right to obtain from us confirmation as to whether or not personal data concerning you is processed, and, where that is the case, to request access to the personal data. The access information includes – inter alia – the purposes of the processing, the categories of personal data concerned, and the recipients or categories of recipients to whom the personal data have been or will be disclosed. However, this is not an absolute right and the interests of other individuals may restrict your right of access.

    You may have the right to obtain a copy of the personal data undergoing processing. For further copies requested by you, we may charge a reasonable fee based on administrative costs.

    5.2 Right to rectification: You may have the right to obtain from us the rectification of inaccurate personal data concerning you. Depending on the purposes of the processing, you may have the right to have incomplete personal data completed, including by means of providing a supplementary statement.

    5.3 Right to erasure ("right to be forgotten"): Under certain circumstances, you may have the right to obtain from us the erasure of personal data concerning you and we may be obliged to erase such personal data.

    5.4 Right to restriction of processing: Under certain circumstances, you may have the right to obtain from us restriction of processing your personal data. In this case, the respective data will be marked and may only be processed by us for certain purposes.

    5.5 Right to data portability: Under certain circumstances, you may have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and you may have the right to transmit those data to another entity without hindrance from us.

    5.6 Right to object: Under certain circumstances, you may have the right to object, on grounds relating to your particular situation at any time to the processing of your personal data by us and we can be required to no longer process your personal data. Moreover, if your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing. In this case your personal data will no longer be processed for such purposes by us.


    5.7 Right to make arrangements for the storage and communication of data after one’s death: You have a right to make specific arrangements for the storage and communication of your personal data after your death, and we will act accordingly. You may also make general arrangements with a third party, which will let us know about your instructions in due time.



  • 6. Recipients and Categories of Recipients

    Any access to your personal data at Kia is restricted to those individuals that have a need to know in order to fulfill their job responsibilities.

    Kia may transfer your personal data for the respective purposes to the recipients and categories of recipients listed below:

    Private third parties – Affiliated or unaffiliated private bodies other than us that alone or jointly with others, determine the purposes and means of the processing of personal data.

    For the purpose of providing the App Services we need to transfer data (e.g. to our data processors – see below). For this technical service we rely on telecommunication services provided by telecommunication providers (currently Vodafone GmbH, Ferdinand-Braun-Platz 1, 40549 Dusseldorf, Germany).

    Data processors – Certain third parties, whether affiliated or unaffiliated, may receive your personal data to process such data on behalf of Kia under appropriate instructions as necessary for the respective processing purposes. The data processors will be subject to contractual obligations to implement appropriate technical and organizational security measures to safeguard the personal data, and to process the personal data only as instructed.

       &nbsp- The data processors for the App Services are Hyundai Autoever Europe GmbH, Kaiserleistraße 8a, 63067 Offenbach am Main, Germany and Hyundai MnSoft Inc., 74, Wonhyoro, Yongsan-gu, Seoul, Korea.

       &nbsp- The data processors for call center services are affiliates of Kia, which are located in the EU/EEA.

    Governmental authorities, courts, external advisors, and similar third parties that are public bodies as required or permitted by applicable law.

  • 7. Cross-Border Data Transfer

    Some of the recipients of your personal data will be located or may have relevant operations outside of your country and the EU/EEA, e.g. in the Republic of Korea, where the data protection laws may provide a different level of protection compared to the laws in your jurisdiction and with regard to which an adequacy decision by the European Commission does not exist. With regard to data transfers to such recipients outside of the EU/EEA we provide appropriate safeguards, in particular, by way of entering into data transfer agreements adopted by the European Commission (e.g. Standard Contractual Clauses (2010/87/EU and/or 2004/915/EC)) with the recipients or taking other measures to provide an adequate level of data protection. A copy of the respective measure we have taken is available via our data protection officer (see 3.2 above).

  • 8. Storage Period

    8.1 Your personal data is stored by Kia and/or our service providers, strictly to the extent necessary for the performance of our obligations and strictly for the time necessary to achieve the purposes for which the personal data is collected, in accordance with applicable data protection laws. When Kia no longer needs to process your personal data, we will erase it from our systems and/or records and/or take steps to properly anonymize it so that you can no longer be identified from it (unless we need to keep your information to comply with legal or regulatory obligations to which Kia is subject; e.g., personal data contained in contracts, communications, and business letters may be subject to statutory retention requirements, which may require retention of up to 10 years).

    8.2 Where no legal or regulatory retention periods apply, as a rule, all personal data processed in connection with the provision of the App Services is deleted or anonymized immediately after provision of the individual services action has been completed with the following exceptions:

    Log-in data are stored for the duration of the contract (i.e. up to seven years)

    8.3 Termination of account: If you choose to terminate your use of the App Services (e.g. by setting the respective preference in the UVO App) all personal data related to your UVO account will be deleted, unless retention periods apply (see 8.1 above).

    8.4 Reset of account: Your UVO account may be reset by setting the respective preference (e.g. in the UVO App). Upon reset of the UVO account, you will be logged out of the UVO App and will have to perform a new log-in procedure or log in with different credentials if you intend to use the App Services.

  • 9. Offline Mode

    You may choose to activate an Offline Mode by setting the respective preference. If Offline Mode is turned on all UVO functions are disabled and no personal data, in particular no location data (GPS), is collected.

  • 10. Local Law Amendments

    The following local law amendments apply:

    Spain

    Section 5.2 para. 2 shall be replaced as follows:

    You may have the right to obtain a copy of the personal data undergoing processing. For further copies requested by You within six months unless there is legitimate cause to do so, we may charge a reasonable fee based on administrative costs.

    Section 8 shall be replaced as follows:

    8.1 Your personal data is stored by Kia and/or our service providers, strictly to the extent necessary for the performance of our obligations and strictly for the time necessary to achieve the purposes for which the personal data is collected, in accordance with applicable data protection laws. When Kia no longer needs to process your personal data, we will block it and once the period for the statute of limitation has elapsed (e.g., personal data contained in contracts, communications, and business letters may be subject to statutory retention requirements, which may require retention of up to 10 year), we will erase it from our systems and/or records and/or take steps to properly anonymize it so that you can no longer be identified from it.

    8.2 Where no legal or regulatory retention periods apply, as a rule, all personal data processed in connection with the provision of the App Services is blocked and subsequently erased or anonymized immediately after provision of the individual services action has been completed with the following exceptions:

    Log-in data are stored for the duration of the contract (i.e. up to seven years)
    8.3 Termination of account: If you choose to terminate your use of the App Services (e.g. by setting the respective preference in the UVO App) all personal data related to your UVO account will be blocked and subsequently deleted as explained above.



    Italy

    Regardless anything to the contrary as indicated in the above Privacy Notice, the following will apply to the extent Italian law will apply to the processing of your personal data: (i) in no event Kia will process your personal data for profiling purposes without your consent; (ii) if You are an existing customer and have provided Kia with your email address, and without prejudice to your right of object pursuant to point 5.6 above, Kia may send you marketing communications via email in relation to products or services similar to the products or services previously purchased by You; (iii) with reference to storage periods, Kia will retain personal data processed for marketing or profiling purposes, if any, for 24 and 12 months, respectively, unless the Italian data protection supervisory authority authorizes Kia to retain them for a longer period.

    The contact details of the Italian data protection supervisory authority are the following:

    Garante per la Protezione dei Dati Personali
    Piazza Venezia n. 11 - 00187 Rome
    www.gpdp.it - www.garanteprivacy.it
    Email: garante@gpdp.it
    Fax: (+39) 06 696773785
    Tel: (+39) 06 696771

    Netherlands

    Section 8.1 shall be amended as follows:

    The standard statutory data retention period for general bookkeeping purposes is 7 years in the Netherlands. Note that this retention period may be extended, in particular if the applicable law so requires and/or if necessary for the purposes of the legitimate interests pursued by Kia (for example due to threatening or pending litigation).