Privacy Policy

Privacy Policy Website (English)
Privacy Policy SmartCable (English)
Datenschutzerklärung Webseite (German)
Datenschutzerklärung SmartCable (German)

You can download our privacy policies here:

Download

Datenschutzerklärung Webseite (German)

Download

Datenschutzerklärung SmartCable (German)

Download

Or you can read our privacy policies here:

Privacy Policy for the website

In this privacy policy we, ubitricity Gesellschaft für verteilte Energiesysteme mbh (EUREF-Campus 7-8, 10829 Berlin, Germany; in the following also named ”ubitricity“, ”we“ or ”us“) inform you about the processing of personal data when using our website.

Personal data is information that relates to an identified or identifiable person. This includes, above all, information that makes it possible to draw conclusions about your identity such as your name, telephone number, and address or email address. Statistical data that we collect, for example, when you visit our website and that cannot be associated with your person, is not covered by the term “personal data”.

You can print or save this privacy policy by using the usual functionality of your browser. You can also download and archive this privacy statement as a PDF file by clicking here.

1. Contact

Your contact person and so-called person responsible for the processing of your personal data when visiting this website within the meaning of the EU General Data Protection Regulation (GDPR) is

ubitricity Gesellschaft für verteilte Energiesysteme mbH

EUREF-Campus 7-8
10829 Berlin
Phone             +49 30 398 371 690
Fax:                 +49 30 398 371 699
Email:            dataprotection@ubitricity.com

For any questions about privacy in connection with our products or the use of our website, you can always contact our data protection officer. This can be reached at the above postal address as well as at the previously stated email address (keyword: “for the attention of the data protection officer”).

2. Data processing on our website

2.1 Visiting our website / access data

When you use our website, we collect the access data that your browser automatically transmits to enable you to visit the website. The access data include in particular:

IP address of the requesting device
Date and time of your request
Address of the website visited and the requesting website
Information about your browser and operating system
Online identifiers (e.g. device IDs, session IDs)

The data processing of this access data is necessary to enable the visit of the website and to ensure the long-term functionality and security of our systems. The access data is also temporarily stored in internal log files for the purposes described above to provide statistical information on the use of our website in order to further develop our website in terms of the usage habits of our visitors (for example, when the share of mobile devices accessing our website increases) and to maintain and administer our website in general. The legal basis is Art. 6 para. 1 sentence 1 lit. b GDPR.

The information stored in the log files does not allow any direct inference to your person – in particular, we store the IP addresses only in a shortened, anonymized form. The log files are stored for 30 days and archived after subsequent anonymization.

2.2 Contacting us

The collection of information marked on the online contact form is required to process your request. These are your name and your email address. With regard to other data fields, you decide yourself whether and which information you want to make available to us.

With regard to communicating with you via the email address provided by you via our online contact form, we use the so-called “double opt-in procedure”. This means we will only process your request and send you further emails if you confirm in our notification email that you have initiated the request and that you are the owner of the specified email address by clicking on a link. On confirmation we will save your email address, the time of confirmation and the IP address used for confirmation until your request has been completely processed, unless we still need your request to fulfill contractual or legal obligations (see section “Duration of storage”). The sole purpose of the storage is to send you the newsletter and to prove your registration. If your email address is not confirmed within 24 hours, we delete the data you entered.

The described processing of your data is carried out exclusively in so far and to the extent necessary for the communication with you. The legal basis for the described processing of your data insofar is Art. 6 para. 1 lit. b GDPR. The data collected in the context of your use of our online contact form will be deleted after processing of your query is finished without undue delay, unless we require such data for a longer period of time due to contractual or statutory obligations (cf. section “Duration of storage”).

2.3 CleverPortal

After purchasing our product “Mobile Charging” with SmartCable, we will create a profile for you on our consumer portal “CleverPortal”. Our Customer care will provide you with the login data, so you can monitor your power consumption and you have an overview of your contract data. For this purpose, following of your personal data will be processed:

Login data (login name, password), contact data (title, first and last name, address, country, email-address)
Portal data (language settings, time zone, location of browser, value added tax)
Charging events data (date, time stamps of begin and end of the charging process, location of charging process, ID-Number of charging event, cost per charging event, statistics of charging events and costs, saving of CO2 Emissions)
Contract data (invoices, contract number, contract term, electricity rate, Name of device, Device ID of used Smart Cable, meter number).

The legal basis for this processing is Article 6 para 1 lit b GDPR.

2.4 Orders and billing

In an order process, we collect the necessary master data for contract fulfilment.

Title,
First and last name
Email address
Password,
Billing and shipping address.

Optional details such as telephone and fax numbers can be stated, so we can contact you in case of queries also using these. With respect to the use of the email address provided by you, we use the double opt-in procedure described in 3.2 above.

In addition, the information about the product you have purchased is stored and processed along with your master data.

As part of the payment process, we collect and process the necessary payment data according to the payment method you have selected. When paying by credit card, these are the card number, the expiration date and the security code (“CVC”). In the case of payment by electronic direct debit, these are the name of the account holder, the IBAN and the BIC or SWIFT.

The collection and processing of this data is necessary for the purpose of fulfilling the contract with you for the purchase of our products. We only process your data to the extent necessary for this purpose. The legal basis of the data processing is Art. 6 para. 1 lit. b GDPR.

If you choose payment via Stripe Payment Europe Ltd. (The One Building, 1 Grand Canal Street Lower, Dublin 2, Ireland, www.stripe.com, “Stripe”), an external payment service provider, data that are necessary for billing such as credit card data will be collected, processed and used by Stripe for this purpose only. Stripe is certified to PCI DSS. For further information please see Stripe’s privacy policy on https://stripe.com/de/privacy or contact datenschutz@ubitricity.com. The legal basis of the data processing is Art. 6 para 1 lit. b GDPR.

2.5 Newsletter

You have the option to subscribe to our newsletter, in which we keep you informed about new products and activities.

For the subscription to our newsletter, we use the double opt-in procedure described in 3.2. You can unsubscribe from the list anytime by using the respective unsubscribe link below every newsletter. Contacting us via mail or letter to the addresses given in the newsletter is of course also possible. The legal basis for data processing is your consent according to the Art. 6 para 1 lit. a GDPR.

We are cooperating with the US service provider „MailChimp“ for sending out our newsletter and managing the mailing lists. MailChimp is a company of the Rocket Science Group, LLC, 512 Means Street, Suite 404 Atlanta, GA 30318 („MailChimp“). MailChimp is offering a comprehensive and technologically convincing software solution and the provider convinced us as an enterprise that takes responsibility for data security. They are certified under the EU US Privacy Shield and hence obliged to respect EU data protection policies. The subscriptions to our newsletter are transmitted to MailChimp and saved on the platform as long as you stay subscribed. As soon as you subscribe, you receive a confirmation mail to confirm your subscription. In this process, your IP address and the time of your subscription is saved by MailChimp.

In our newsletters, we use common technologies to track interactions with our mailings (such as openings and clicks). These data are used in an anonymized form to create statistics and optimize our content for the communication with our customers. This is done by using small graphics that are embedded in mailings (so-called pixels). These data are saved exclusively in an anonymized form and not matched with your personal data. The legal basis for this practice is our interest in building customized and optimized newsletters, confirm Art. 6 para. 1 lit. f GDPR. We want to share content that is relevant to our customers and understand better what our customers are interested in. If you do not wish for your usage to be analyzed, you can unsubscribe from our newsletter or deactivate graphics in your mailing program. The data on your interaction with our newsletter are saved under a pseudonym for thirty days and then anonymized fully.

2.6 Google Maps

Our website uses the map service Google Maps of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA („Google“). So the used Google map material can be embedded and shown in your browser, the browser has to establish a connection to a google server that could also be located in the US. In the case that personal data is transmitted to the US, Google has agreed to the EU-US Privacy Shield. Google thereby receives the information that our contact page was accessed from the IP address of your device. Legal basis Art. 6 para. 1 lit. f GDPR, based on our legitimate interest in embedding a map service for building up contact.

If you access a Google map service via our website while logged into your Google account, Google can link this event to your Google profile. If you do not want this allocation, it is necessary to log out of your profile before accessing our contact page. Google saves your data and uses them for advertisement, market investigation and personalized map services. You can object to this to Google directly.

You can find more information on this in Google’s data protection policy data protection policy and the additional user conditions for Google Maps.

2.7 Applications

You can apply for available jobs by sending your application to our jobs email address. The aim of saving the data is selecting applications for a possible employment relation. For receiving and processing your data, the following information are of particular interest to us: first and last name, email address, application papers (references, CV), earliest possible starting day and payment wishes. The legal basis for processing your application are Art. 6 para. 1 lit. b and Art. 88 para. 1 GDPR.

2.8 Usage of own cookies

Some of our services require to use so-called cookies. A cookie is a small piece of text that is saved on your device by your browser. Cookies are not used to run programs or load viruses on your device. The main goal of our own cookies is rather to deliver a personalized offer for you and create a service that saves the most time possible for you.

Most browsers‘ standard settings accept cookies. You can, however, adapt your browser settings so that they reject cookies or only save them after prior consent. If you reject cookies, not all of our offerings might work without disturbances for you.

We use our own cookies particularly for

Log-in authentication
Load management
Saving your language settings
Note that a specific information of our website was shown to you – so that it will not be shown when you visit our site again.

We want to enable a more comfortable and individual usage of our website for you. These services are based on our afore-mentioned legitimate interests, legal basis is Art. 6 para. 1 lit. f GDPR.

Other than that, we also use cookies and comparable technologies (such as web beacons) of our partners for analysis and marketing. These are described more thoroughly in the following paragraphs.

2.9 Usage of cookies and similar technologies for analyses

To improve our website, we use cookies and similar technologies (such as web beacons) for statistical saving and analysis of user behavior based on clicks. Moreover, we use analyses services to evaluate our different marketing channels.

The legal basis for data processing as described in the following is Art. 6 para. 1 lit. f GDPR, based on our legitimate interest in creating an adapted user environment and continuous optimization of our web page. In the following description of technologies we use, you can also find information on your revocation possibilities to our analyses measures via a so-called opt-out cookie. Please note that if you delete all cookies in your browser and use another browser or profile in the future, you have to use an opt-out cookie again.

2.9.1 Google Analytics

Our website uses Google Analytics, an analytics service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA („Google“). Google Analytics uses cookies and similar technologies to analyze and improve our website based on user behavior. The data created in this context can by transferred by Google to another server in the US and saved there. In the case that personal data are transferred to a server in the US, Google is subject to the EU-US Privacy Shield. Your IP address is however shortened before analyzing the user statistics so your identity is not exposed. For this, Google Analytics was enhanced by the code “anonymizeIP” on our website to guarantee and anonymized collection of your IP addresses.

Google will process the information generated by cookies to evaluate the usage of the website, create reports on website activities for the website holders and offer further services connected to website and internet usage.

As stated above, you can configure your browser to reject cookies, or you can prevent the collection of the data generated by cookies and related to the usage of our website (incl. your IP address and the processing of this data by Google by using a browser add-on provided by Google. As an alternative to the browser add-on or when accessing our website from a mobile device, please use this opt-out link. This prevents the collection of data by Google Analytics on this website (the opt-out is only effective for this browser and domain). If you delete cookies in this browser, you have to activate the link again.

Further information can be found in Google’s data protection policy.

2.9.2 MailChimp

For the dispatch and the administration of our newsletter we use the US-provider “MailChimp”. MailChimp is a service of The Rocket Science Group, LLC, 512 Means Street, Suite 404 Atlanta, GA 30318 (“MailChimp”). MailChimp offers a well thought out and technically convincing software solution and the provider convinces as a secure and responsible company. They are certified under the EU-US Privacy Shield and is thus committed to comply with European data protection requirements. In view of the US data protection regulations, which deviate from the European requirements. The details of your subscription to the newsletter will be transmitted by us to MailChimp and stored there as long as you remain subscribed for the newsletter. After registering to receive the newsletter, you will receive a confirmation email to confirm your subscription. In this context, your IP address and the time of your confirmation will be collected and stored by MailChimp.

Further information can be found in the privacy policy of MailChimp.

2.10 Social Media Plug-Ins

Our website uses social media plug-ins (such as the like button) on the following social networks (also referred to as “social networks” below):

Facebook Inc., 1601 Willow Road, Menlo Park, Calif., 94025, USA (“Facebook“), whose privacy policy and other data collection information can be accessed through the following two links: http://www.facebook.com/policy.php ; http://www.facebook.com/help/186325668085084 ;
Twitter, Inc., 1355 Market St., Suite 900, San Francisco, California 94103, United States (“Twitter“), whose privacy policy is accessible through the following link: https://twitter.com/privacy

The legal basis is Art. 6 para. 1 sentence 1 lit. f GDPR, based on our legitimate interest that you share our content through social networks and we increase our reach.

In the event that personal information is transferred to the US, Facebook, and Twitter have been subject to the EU-US Privacy Shield. The social networks receive the information that you have accessed the corresponding subpage of our online service. This happens regardless of whether you have an account on one of the social networks and are logged in there. If you are logged in to one of the social networks, this data will be assigned directly to your local account. If you run the activated plug-in and for example, if you link the page, the social network will also store this information, including the date and time, in your user account and publicly disclose this to your contacts. If you do not want the association with your profile in the respective social network, you must log out before activating the plug-in.

The social networks store these data as usage profiles and use them for purposes of advertising, market research and / or tailor-made design of their websites. Such an evaluation is carried out in particular (also for non-logged-in users) for the presentation of needs-based advertising and to inform other users of the social network about your activities on our website. You have a right to object to the establishment of these user profiles, as Facebook members you can disable advertising based on social actions in the advertising preferences. You can also completely prevent the social media plug-ins of the social networks from being loaded with add-on programs for your browser, e.g. with the Facebook Blocker or the “Block third-party cookies” feature.

For more information, especially on the purpose and extent of data collection and the further processing and use of data by social networks and their rights and options to protect your privacy, please refer to the above linked privacy policy of the respective social networks.

We point out that we have no influence on the terms of use of the social networks and the services they offer, and only limited influence on their data processing. Please check carefully what data you share with us through the social networks. We cannot accept responsibility for the behavior of the social network operators and other users as well as third parties who may collaborate with the social network operators or use their services.

3. Disclosure of data

A transfer of the data collected by us takes place only if:

You have given your express consent to this according to Art. 6 para. 1 lit. a GDPR
Disclosure pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR required to assert, exercise or defend legal claims and no reason stands to assume that you have a predominantly legitimate interest in refraining from passing on your data,
We are required by law to disclose in accordance with Art. 6 para. 1 lit. c GDPR
It is legally permissible and according to Art. 6 para. 1 sentence 1 lit. b GDPR required for the execution of contractual relationships with you or for the execution of pre-contractual measures, which are carried out at your request.

Part of the data processing can be done by our service providers. In addition to the service providers mentioned in this privacy policy, this may include, but is not limited to, data centers that maintain our website and databases, IT service providers who maintain our systems, other service providers, and consulting firms. If we transfer data to our service providers, they may only use the data to fulfill their tasks. The service providers were carefully selected and commissioned by us. They are contractually bound by our instructions, have appropriate technical and organizational measures to protect the rights of the persons concerned and are regularly monitored by us.

In addition, it may be disclosed in connection with government inquiries, court orders and legal proceedings if required for the prosecution or enforcement.

3.1 WordPress

To process the data entered through our online contact form, we use the WordPress tool, a service of Automattic Inc. (60 29th St. # 343, San Francisco, CA 94110, USA, “Autmoattic”). In this regard, the data entered in our online contact form will be fed directly into our newsletter mailing list via WordPress. Insofar as your data is transferred to the US, Autmoattic has submitted to the EU-US Privacy Shield. The legal basis is Art. 6 para. 1 lit. f GDPR, based on our legitimate interest to process the data entered via the online contact form on our website safely and reliably by external service providers and at the same time to reduce our own effort for the provision of the IT infrastructure of our website.

4. Data retention time

As a matter of principle, we store personal data only as long as necessary to fulfill the contractual or legal obligations to which we have collected the data. Thereafter, we delete the data immediately, unless we need the data until the expiration of the statutory limitation period for evidence for civil claims or for statutory storage requirements.

For evidence, we must retain contract information for three years from the end of the year in which the business relationship ends with you. Any claims become statute-barred after the legal limitation period at the earliest at this time.

Even after that, we sometimes have to save your data for accounting reasons. We are obliged to do so because of legal documentation obligations which may arise from the German Commercial Code, the Tax Code, the Banking Act, the Money Laundering Act and the Securities Trading Act. The deadlines for storing documents are two to ten years.

5. Your rights

You have the right to request information about the processing of your personal data by us at any time. As part of the provision of information, we will explain the data processing and provide you with an overview of the data stored about you. If data stored by us should be incorrect or out of date, you have the right to have this information corrected. You may also request the deletion of your data. If deletion is not possible by way of exception due to other regulations, the data will be blocked so that they are only available for this legal purpose. You can also limit the processing of your data, such as: For example, if you believe that the information we hold is incorrect. You also have the right to data portability, this means that we will send you a digital copy of the personal data you provide on request.

To exercise your rights as described here, you can always use the contact details above. This also applies if you wish to receive copies of warranties to demonstrate adequate data protection.

In addition, you have the right to object to data processing, which is based on Art. 6 para. 1 lit. e or f GDPR is based. Finally, you have the right to complain to the Data Protection Authority responsible for us. You can assert this right with a supervisory authority in the Member State of your place of residence, your place of work or the place of the alleged breach. In Berlin, the headquarters of ubitricity, the competent supervisory authority is: Die Berliner Beauftragte für Datenschutz und Informationsfreiheit, Friedrichstraße 219, 10969 Berlin, Germany.

6. Right of revocation and opposition

In accordance with Article 7 para. 2 of the GDPR, you have the right to revoke a consent once given to us at any time. As a result, we will not continue the data processing based on this consent for the future. The revocation of consent does not affect the legality of the processing carried out on the basis of the consent until the revocation.

Insofar as we process your data on the basis of legitimate interests in accordance with Art. 6 para. 1 lit. f GDPR, you have the right, in accordance with Art. 21 GDPR, to object to the processing of your data and to give us reasons that arise from your particular situation and that, in your opinion, speak in favor of your legitimate interests. If it concerns an objection against the data processing for purposes of the direct advertisement you have a general right of objection, which is implemented also without the indication of reasons for us.

If you would like to exercise your right of revocation or objection, it is sufficient to send an informal message to the above mentioned contact details.

7. Data Security

We maintain up-to-date technical measures to ensure data security, in particular to protect your personal data against dangers during data transfers as well as against access by third parties. These are adjusted according to the current state of the art. To secure the personal information you provide on our website, we use Transport Layer Security (TLS), which encrypts the information you provide.

8. Changes to the data protection policy

Occasionally, we may update this privacy policy, for example, when we adapt our website or change the legal or regulatory requirements.

Version: 2.0 / Status: March 2019

Privacy Policy SmartCable

In this privacy policy, ubitricity Distributed Energy Systems UK Limited; Spectrum House, Unit 11 32-34, Gordon House Road, London NW5 1LP; in the following also named ”ubitricity DES UK Ltd.“, ”we“ or ”us“) informs you about the processing of your personal data when using the ubitricity SmartCable and related services.

You can print or save this privacy policy by using the usual functionality of your browser. You can also download and archive this privacy statement as a PDF file by clicking here.

1. Contact

Your contact person and so-called controller (which is the person responsible for the processing of your personal data when using the Direct Access Charging) within the meaning of the EU General Data Protection Regulation (GDPR) is:

ubitricity Distributed Energy Systems UK Limited (ubitricity DES Ltd.)

Spectrum House · Unit 11 ·

32-34 Gordon House Road · London · NW5 1LP

email: dataprotection@ubitricity.co.uk

For any questions on the subject of privacy in connection with our products and services, you can also contact our data protection officer at the above postal address as well as at the previously stated email address (keyword: “for the attention of the data protection officer”).

2. Data processing

2.1 SmartCable order and billing

When ordering a SmartCable we process the following data to fulfil our contractual obligations under our contract with you on the provision of our services.

Title,
First and last name,
Email address,
Password,
Billing and shipping address.

Optional details such as telephone and fax numbers can be stated, so we can contact you in case of queries also using these.

If you choose payment via Stripe Payment Europe Ltd. (The One Building, 1 Grand Canal Street Lower, Dublin 2, Ireland, www.stripe.com, “Stripe”), an external payment service provider, data that are necessary for billing such as credit card data will be collected, processed and used by Stripe for this purpose only. Stripe is certified to PCI DSS. Stripe may process your Data in the USA. For further information please see Stripe’s privacy policy on https://stripe.com/de/privacy.

2.2 Customer support

When calling the customer support hotline or sending e-mails to our customer support, ubitricity DES UK Ltd. may process the following data for your inquiry and to fulfill our contractual obligation under our contract with you on the provision and use of the SmartCable and related services.

E-Mail address
Telephone number
Charging events data (date, time stamps of beginning and end of the charging process, charged kWh, location of charging process, ID-number of charging event, cost per charging event, statistics of charging events and costs)
ID-number of SmartCable and used SimpleSocket
Billing data
Customer address
Any other relevant data provided through telephone or e-mail by you

The legal basis of the data processing is Art. 6 para. 1 lit. b GDPR.

2.3 CleverPortal

After purchasing the SmartCable and related services, we will create a profile for you on our customer portal “CleverPortal” in order to fulfill our contractual obligation under our contract with you on the provision and use of the SmartCable and related services. Our Customer support will provide you with the login data, so you can monitor your power consumption and you have an overview of your contract data. For this purpose, following of your personal data will be processed:

Login data (login name, password), contact data (title, first and last name, address, country, email-address)
Portal data (language settings, time zone, location of browser, value added tax)
Charging events data (date, time stamps of beginning and end of the charging process, location of charging process, ID-number of charging event, cost per charging event, statistics of charging events and costs)
Contract data (invoices, contract number, contract term, electricity rate, name of device, device ID of used Smart Cable, meter number).

The legal basis for this processing is Article 6 para 1 lit b GDPR.

2.4 Charging and billing

When charging with the SmartCable, ubitricity DES UK Ltd. will process the following data to fulfil our contractual obligations under our contract with you on the provision of our services to enable and invoice the charging process:

E-Mail address
Charging events data (date, time stamps of beginning and end of the charging process, charged kWh, location of charging process, ID-number of charging event, cost per charging event, statistics of charging events and costs)
ID-number of SmartCable and used SimpleSocket
Billing data
Customer address

The legal basis of the data processing is Art. 6 para. 1 lit. b GDPR.

If you choose payment via Stripe Payment Europe Ltd. (The One Building, 1 Grand Canal Street Lower, Dublin 2, Ireland, www.stripe.com, “Stripe”), an external payment service provider, data that are necessary for billing such as credit card data will be collected, processed and used by Stripe for this purpose only. Stripe is certified to PCI DSS. Stripe may process your Data in the USA. For further information please see Stripe’s privacy policy on https://stripe.com/de/privacy. The legal basis of the data processing is Art. 6 para 1 lit. b GDPR.

2.5 Customer Experience Surveys and Customer Experience Research

ubitricity DES UK Ltd. may ask you to participate in customer experience surveys and may analyze your charging data. ubitricity DES UK Ltd. is doing this based on your consent to this privacy policy and the legitimate interest to improve services. If you consent, the following data will be processed:

E-Mail address
Survey answers (such as contact details, charge data, customer satisfaction)
Data of the charging session (kWh, location, time, and duration of charging event)
Data of previous charging sessions, for which the SmartCable was used.
Data of previous direct access charging sessions, which were ordered with the same E-Mail address.
Any other data provided through the survey by you

The legal basis of the data processing is Art. 6 para. 1 lit. a and f lit. f GDPR.

3. Disclosure of data

A transfer of the data collected by us takes place only if:

You have given your express consent to this according to Art. 6 para. 1 lit. a GDPR
It is legally permissible and according to Art. 6 para. 1 sentence 1 lit. b GDPR required for the execution of contractual relationships with you or for the execution of pre-contractual measures, which are carried out at your request.
We are required by law to disclose in accordance with Art. 6 para. 1 lit. c GDPR
Disclosure pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR required to assert, exercise or defend legal claims and no reason stands to assume that you have a predominantly legitimate interest in refraining from passing on your data,

Where this is necessary in order to provide you with our charging services and, thus, fulfill our contractual obligations resulting from the respective contract we have concluded with you, and insofar as permitted under law, we may share your pseudonymised data (i.e. place, duration and amount of any charging activity performed by you) with competent local government agencies in charge of charge points as well as with the TfL, London Councils and Greater London Authority. Legal basis for such transfer of your data is the necessity of which for fulfillment of our contract with you on the provision of our charging services according to Art. 6 (1) b) GDPR.

In addition to the service providers mentioned in this privacy policy, your data may be transferred by us to the following of our service providers for the services set out as follows this may include, but is not limited to:

In addition, it may be disclosed in connection with government inquiries, court orders and legal proceedings if required for the prosecution or enforcement.If we transfer data to our above-mentioned service providers, they may only use the data to fulfill their tasks. The service providers were carefully selected and commissioned by us. They are contractually bound by our instructions, have appropriate technical and organizational measures to protect the rights of the persons concerned and are regularly monitored by us.

Where data is transferred outside of the European Economic Area and the United Kingdom of Great Britain and Northern Ireland either Standard Contractual Clauses (SSC) or Binding Corporate Rules (BCR) are in place or the European Commission has ruled that the country ensures an adequate level of protection.

4. Data retention time

As a matter of principle, we store personal data only as long as necessary to fulfill the contractual or legal obligations to which we have collected the data. Thereafter, we delete or anonymize the data, unless we need the data until the expiration of the statutory limitation period for evidence for civil claims or for statutory storage requirements.

With respect to any of your data that we collect and process based on your respective consent in the context or our Customer Experience Surveys and Customer Experience Research, such data will be stored by us for 4 years or – prior to that- until you withdraw your consent to the processing of your data as described in this paragraph, unless continued processing of your data is required and permitted under applicable statutory data privacy law.

5. Your rights

To exercise your rights as described here, you can always use the contact details above. This also applies if you wish to receive copies of warranties to demonstrate adequate data protection.

In addition, you have the right to object to data processing, which is based on Art. 6 para. 1 lit. e or f GDPR. Finally, you have the right to complain to the Data Protection Authority responsible for us. You can assert this right with a supervisory authority in the Member State of your place of residence, your place of work or the place of the alleged breach. In UK the competent supervisory authority is: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, U.K.

6. Right of revocation and opposition

If you would like to exercise your right of revocation or objection, it is sufficient to send an informal message to the above-mentioned contact details.

7. Data Security

8. Changes to the data protection policy

Occasionally, we may update this privacy policy, for example, when we adapt our website or change the legal or regulatory requirements.

Version: 2.0 / Status: August 2020