Privacy and Cookies Policy
Last Updated: 1/5/2018
You can specify whether you would like to receive direct marketing communication from us and can withdraw your consent and unsubscribe by clicking the ‘unsubscribe’ link in the footer of the emails we send.
Please do not supply any other person’s data to us unless we prompt you to do so.
2. How we use your data
We process several types of personal data, in order to administer our business and services and/or fulfil our contract with you. The different categories of data we process, the reasons why we process, and our legal basis are detailed below:
|Type of data||Purpose||Type of data/source||Lawful basis for processing|
|Website and services usage data||To enable us to improve our website, app and services to better fit your needs.||IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, the timing, frequency and pattern of your service use gathered from our analytics tracking systems.||
|Account and services data||To enable us to operate a secure website and app and provide our services to you.
Also to maintain backups of databases and to communicate with you.
|Name, address, email, telephone number, username, password, signature, vehicle registration number, VIN number (ID number of your vehicle found on the chassis), MPAN number (serial number for every Pod Point meter), IP address, MAC address (the device ID which you use to access our website, app or services) and account number.
We get this information from you or your employer may provide data too if they have an account with us, namely your business address, email, telephone, driving licence details, job title and employers name.
If you use the app the data may include your mobile device ID, account name and password.
|Publication data||To enable us to publish information that you post on our website or app.||Information that you post on our website, app or through our services.||
|Enquiry data||To offer, market and sell relevant services to you.||Any data you provide in your enquiry.||
|Transaction data||To allow us to process your purchases, and keep proper records.||Your contact details, your card details and the transaction details.||
|Notification data||To send the emails or newsletters that you’ve subscribed to.||Your contact details.||
|Correspondence data||To communicate with you and to keep proper records.||The communication content and metadata associated (if communication is via our website contact form).||
We may also process and disclose any of your data identified in this policy to protect the legal rights of you, us and any other individual. This is because we have legitimate business interests to:
- Establish, exercise or defend legal claims, in court or an out-of-court procedure.
- Obtain or maintain insurance cover, manage risk or obtaining professional advice, in order to properly protect our business against risk.
- Comply with any legal obligation to which we are subject, or in order to protect the vital interests of you or any other person.
3. Providing your personal data to others
We may provide your personal data to any member of our group of companies (this means our subsidiaries and our holding company).
We may disclose personal data, on a “need to know” basis to:
- Our insurers and professional advisors.
- Our installation engineers and operations team, who may be subcontractors, to enable them to install the equipment you need to use our services.
- Our payment services provider Stripe Payments Europe Ltd to enable them to process your payments. Data is limited to transaction data and is used to process or refund payment and to deal with complaints and queries. You can find more information here: https://stripe.com/gb/privacy
- Our IT service providers from whom we license technology. This enables us to carry out essential business operations.
- Any organisations who may offer funding or grants to you in respect of the services we provide.
4. International transfers of your personal data
We have offices and facilities in the United Kingdom and Norway, both subject to the European Union’s (EU) high standards of data protection and the hosting facilities for our website and app are situated with the EU.
Some of our IT service providers are situated in the United States of America (US). Transfers to the US will be protected by appropriate safeguards, either:
- Standard data protection clauses adopted by the European Commission; or
- Self certification of compliance with the Privacy Shield programme designed by the EU and US government to demonstrate a company’s compliance with EU data protection standards.
You acknowledge that personal data you provide us for publication through our website, app or services may be available via the internet around the world. We cannot prevent the use (or misuse) of this personal data by others.
5. Retaining and deleting personal data
Personal data will not be kept by us for longer than is necessary to meet the purpose stated. We will however need to retain your personal data where such retention is necessary for compliance with a legal obligation, or in order to protect the vital interests of you or any other person.
6. Security of personal data
We will take appropriate precautions to keep your personal data safe and prevent the loss, misuse or alteration of that data. For example:
- We will store all your personal data on secure servers, personal computers and mobile devices in secure record-keeping systems. All emails we send are encrypted.
- We do not store any of your credit card information. All financial transaction data including cardholder details are stored by our payment processor.
You acknowledge that the transmission of unencrypted (or inadequately encrypted) data over the internet is inherently insecure and we cannot guarantee the security of data sent over the internet.
If you have a password to log into your account on our website or app, you should ensure that it is not easy to guess (by a person or computer programme). You are responsible for keeping the password confidential and we will not ask you for it (except when you log on to the website or app).
8. Your rights
This is a summary of your rights under data protection law. Some of these rights are very complex so we have just summarised them. You may obtain guidance from the ICO for a more detailed explanation.
|Your Rights||What are they?||What will we do?|
|Access||To know whether or not we process your personal data and have access to that data.||Providing the rights of others are not affected, we will supply you a copy of your personal data free of charge. Additional copies may be subject to a reasonable fee.|
|Rectification||You have the right to have any inaccurate personal data about you rectified and have any incomplete personal data about you completed.||When you communicate with us, we will check the data we have stored and rectify any errors when proof is provided.|
|Erasure||You have the right to erasure of your personal data when:
||We will erase the data as requested on validation of the claims, however data cannot be erased if processing is necessary for exercising the freedom of expression; for compliance; for legal obligation or to establish, exercise or defence against legal claims.|
|Restrict Processing||You have the right to restrict processing of your personal data in the same circumstances as described under ‘right to erasure’ where you oppose erasure or have objected to processing and the decision is pending.||Where processing is restricted, we will continue to store your personal data, but will only process it for legal claims, for the protection of another person’s rights or for reasons of public interest.|
|Object to Processing||
|Data Portability||You have the right to receive your data if we have processed it under your consent or as part of performing the contract with you (if carried out by automated means).||We will provide your data to you in a commonly used and machine-readable format. This right does not apply if it adversely affects the right of others.|
|Complain||You have the legal right to lodge a complaint to a supervisory authority responsible for your data protection.||We will be bound by the decision of the supervisory authority.|
|Withdraw Consent||You can withdraw consent at any time from processing of publication and notification data.||Email us at email@example.com to exercise any of your rights in relation to personal data.
Please note that we will attempt to reply within 14 days but during busy periods, it may take up to 30 days.
9. Personal data of children
Our website, app and services are targeted at people over the age of 17. If we have reason to believe we are holding data of anyone under that age in our databases, we will delete that personal data.
10. Updating information
Please let us know if the personal information that we hold about you needs to be corrected or updated.
A cookie is a file containing an identifier (a string of letter and numbers) sent by a web server to a web browser and stored by the browser. This identifier is then sent back to the server each time the browser requests a page.
Cookies can either be ‘persistent’ when a cookie is stored by the browser until its set expiry date (or when deleted by the user) or ‘session’ when the cookie expires at the end of the session when the web browser is closed.
Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.
12. Cookies that we use
|Reason||Purpose||Type of cookie|
|Authentication||To identify you when you visit the website and as you navigate round.||Session ID|
|Status||To determine if you are logged into our website.||Session (expiry date and time)|
|Personalisation||To store information about your preferences and to personalise our website for you.||Locale|
|Security||As part of the security measures to protect user accounts and our website, including preventing fraudulent use of login credentials.||Session (expiry date and time) Session ID and XSRF tokens|
|Advertising||As a way to display advertisements that will be relevant to you.||See privacy links below|
|Analysis||To help analyse the use and performance of our website and services.||See privacy links below|
13. Cookies used by our service providers
We use analytics cookies to analyse the use of our website. The information gathered relating to our website is used to create reports about the use of our website. The privacy policies of our analytics providers are available through the following URLs:
14. Managing cookies
Most browsers allow you to refuse to accept cookies and to delete cookies but blocking all cookies will have a negative impact upon the usability of many websites (including ours).
The methods to do so vary from browser to browser, and from version to version. You can however obtain up-to-date information about blocking and deleting cookies via the following links:
15. Our details
This website is owned and operated by Pod Point Limited. We are registered in England and Wales under registration number 06851754, and our registered office and principal place of business is at 28-42 Banner Street, London, EC1Y 8QE.
You can contact us;
- by post, to the postal address given above;
- by telephone, on the contact number published on our website from time to time; or
- by email, using firstname.lastname@example.org
16. Data protection registration
We are registered as a data controller with the UK Information Commissioner’s Office as our lead supervisory authority. Our data protection number is Z2282125.