Privacy Policy 

Updated 8 February 2021

 

  1. Introduction
    Zaptec AS (hereinafter referred to as “Zaptec”) is committed to protecting the privacy of its customers. This policy sets out how we process personal data. This Privacy Policy describes how we collect and use personal data when Zaptec is the Data Controller or in other situations to which this policy applies. “Personal data” refers to information about you or another person that can be identified.

    2. Data Controller
    Zaptec’s CEO is the Data Controller for all data and determines the purpose of the processing of personal data. However, the Data Controller may assign tasks to subordinates and may delegate the day-to-day responsibility for the processing of personal data where necessary to comply with the General Data Protection Regulation (GDPR), the Norwegian Personal Data Act and the provisions set down in this policy.

    Please to do not hesitate to contact us if you have any questions about this policy or about our processing of personal data in general:

    E-mail address: gdpr@old.zaptec.com

Postal address: Zaptec Charger AS, PO Box 8034, 4068 Stavanger, Norway

Zaptec recommends that you do not send any sensitive or confidential information via e-mail.

3. Collection and use of personal data
Zaptec’s processing of personal data is based either on contractual fulfilment or legitimate interest.  The personal data that we collect is used solely for the purposes described in this Privacy Policy. Zaptec shall ensure that any personal data processed is not subsequently used for purposes that are not in accordance with the original purpose of the collection of such personal data, unless the customer consents to such use.

The personal data that we collect and use shall be adequate and relevant for the purpose of the processing and shall be correct and up-to-date.

Zaptec’s procedures for the processing of personal data are secure. Data is stored securely so that it cannot be used improperly and so that the requirements concerning privacy, confidentiality and accessibility set down in the Norwegian Personal Data Act are met.

Only selected Zaptec employees have access to personal data. Access is managed using password-based access control. Zaptec has proper access control procedures in place.

We collect personal data for the purposes specified below. 

3.1 Registration and use of ZapCloud
When you create a ZapCloud user account and use ZapCloud, we will collect and store the data you provide to us. This data includes:

  • name
  • e-mail address
  • mobile telephone number (optional)
  • location data and language
  • charging history

 

Personal data is processed in relation to ZapCloud features. This is necessary to enable users to confirm their identity, both when creating a user profile and when logging in to use the profile. Zaptec may also use your personal data in order to contact you in connection with customer support queries if necessary.

Zaptec processes your charging history. This processing is necessary for us to be able to fulfil our obligations under the agreement entered into with the customer. This ensures that you are able to charge using chargers and installations that require internal approval, manage installations and charging stations, view the charging history for an installation, view your own charging history and log into the app. The app uses the same login details and database as ZapCloud.

3.2 Purchases
When you purchase a product or service from Zaptec, we will record the following data:

  • name
  • billing address
  • payment information
  • mobile telephone number (optional)
  • e-mail address
  • purchase history
  • product type and serial number

 

When you purchase a product or service from Zaptec, we process your personal data so that we can process the order, finalise and complete the transaction and issue invoices. We store your purchase history in order to be able to confirm your rights under warranty.

3.3 Support inquiries
When you contact our support team, we may store personal data such as

  • customer name
  • telephone number
  • address
  • e-mail address
  • location
  • Diagnostics and meter readings

 

Zaptec may use personal data to customise user support and improve customer service by means of complete data on usage, error messages, etc.

3.4 Zaptec.com
When you visit www.old.zaptec.com, we collect data about

  • the pages you visit
  • how you use the pages

 

We use cookies to collect this data. Cookies are standard form of technology used by most websites today. A cookie is a small text file that is retained by your web browser. It allows us to see what users look at, how they navigate the website and how the website content works. We also collect data about navigation, the time of visits and your web browser version and similar so that we can customise the website content for you as a user. You can read more about cookies and the cookies we use at Zaptec.com/cookies/.

We collect and process data about what you look at in order to improve the performance and visibility of the website.

3.5 Customer contact
We may collect the following data when you contact Zaptec via e-mail or chat:

  • name
  • e-mail address

 

Zaptec may use the e-mail address of an existing customer to provide information about Zaptec’s services and products. We will only use the personal data we have about you to send offers and information about our products if you have explicitly consented to this. In this regard, we will, among other things, use the data we have about your previous purchases to provide you with offers that we think you may be interested in. You can withdraw your consent at any time by contacting gdpr@old.zaptec.com.

We will store personal data such as name, address and/or telephone number, gender, date of birth, interests, etc. only if you explicitly consent to participate in a survey, competition, promotion or similar on our website and depending on what is requested in the promotion or user survey in question.

4. Sharing of personal data
In certain cases, your personal data may be shared with other companies or organisations, provided that there is a lawful basis for doing so. 

 

4.1 Other companies within the Group
We may share personal data with other companies in the Zaptec Group if this is necessary to fulfil Zaptec’s contractual obligations to you. The data shared by Zaptec will not be used by the receiving company for any purpose other than those specified in this policy.

4.2 Third parties and external suppliers
We use the following types of external suppliers:

  • Service providers
  • Maintenance companies
  • Carriers
  • Electrical installers 

 

We may disclose your contact details and other relevant data we have recorded about you to a supplier if you order external services.

If you have consented to electronic marketing, we also use the following types of external service providers:

  • Ad networks, such as Google and Facebook
  • Agencies, such as marketing agencies, statistics agencies and analytics agencies

 

Your contact details and other relevant data we have recorded about you may be disclosed to these service providers. We use this type of service provider to provide you with relevant ads, offers, content and recommendations and to perform analytics in order to improve and further develop our services. We also measure how well we succeed in this using, among other things, questionnaires.

 

4.3 Installation owners

The charging history for charging stations operated by Zaptec can be viewed by users assigned to an owner role for the charging stations. These owners can view and export (download) usage data for their charging stations. Usage data may include personal data, such as e-mail address, name, user ID and the charging cards used. Owners may use usage data for e.g. billing, monitoring and statistical purposes. Zaptec requires owners to process exported data prudently and to delete the data when it is no longer required. Zaptec is not liable for owners’ use of such data. Please contact the installation owner if you require further details about how they use and process exported usage data.

4.4 Public authorities, etc. 
In special cases, personal data may be disclosed to a relevant public authority or other agencies where required by law. 

5. Storage and deletion of personal data
Zaptec uses Microsoft Azure’s European data centres for all of our services and for storage. All communications to and from Azure are encrypted.

Personal data is stored in Azure SQL until the account is deleted. Your charging history is permanently linked to your user account. If you change your personal data or ask for your profile to be deleted, the changed data may remain accessible through security back-ups of the database for the period for which we retain such back-ups, up to five weeks.

Charging point records are permanently stored in Azure Table Storage.

Your e-mail address, IP address and other non-personal data are stored in log files on the web servers. We use these logs to track errors, potential security threats and misuse. Logs may be stored for up to five weeks before they are permanently deleted.

Your personal data linked to purchases will generally be deleted when it is no longer necessary to store such data in order to respond to your inquiries, if the product warranty period has lapsed or unless we require the data for a longer period of time in order to fulfil other legitimate purposes such as contractual obligations or statutory obligations, for example in accordance with accounting legislation.

We will delete personal data that we process on the basis of your consent if you withdraw your consent.

In certain cases, it may be necessary to anonymise the personal data instead of deleting it. Anonymisation refers to removing all identifying or potentially identifying characteristics from the datasets that are kept.

6. Your rights
You have the right to know which personal data Zaptec holds about you and you have the right to access the data. You have the right to update incomplete, incorrect, unnecessary or outdated personal data. You have the right to request that your personal data be deleted and to request a copy of the data in a machine-readable format. You have the right to object to or restrict data processing under certain circumstances, such as if you believe that the data contains errors or that the processing is unlawful.

Please do not hesitate to contact us if you have any questions or wish to exercise your rights as a Data Subject.

7. Complaints
You have the right to complain to the Norwegian Data Protection Authority if you believe that we have violated data protection legislation, but we encourage you to contact us before submitting such a complaint.
You can find information about how to contact the Norwegian Data Protection Authority on the authority’s website: www.datatilsynet.no.

8. Changes to this Privacy Policy
We periodically need to update this Privacy Policy in order to provide correct information about how we process your personal data. We will inform you separately in the event of significant changes. You consent to the new Privacy Policy by continuing to use Zaptec’s products and services.

Updated information is available on our website. 

Zaptec AS
Professor Olav Hanssens vei 7A

4021 Stavanger
Norway
E-mail: gdpr@old.zaptec.com