BM Energy & Charging Privacy Policy
Last modified: November 12, 2023
This privacy policy (“Privacy Policy” or “Policy”) governs the data processing practices of Bm Energy & Charging Ltd. (“Company”, “we”, “us”, or “our”) when you ("user" or "you") install and use our mobile application (“App”) and the services provided through the App (collectively the App and the services will be defined herein after as the “Services”).
This Privacy Policy constitutes an integral part of our End user license agreement (“Terms”), and it governs the data collection, process and transfer in respect with our Services, all in accordance with the relevant data protection and privacy laws and regulations. Definitions used herein but not defined herein shall have the meaning ascribed to them in our Terms.
This Privacy Policy does not cover your interaction with third-party content available in through the Services, this Privacy Policy may be different from third parties' privacy practices and we shall not be liable or responsible for the acts of those third parties.
POLICY AMENDMENTS:
We reserve the right to amend this Policy from time to time, at our sole discretion. The most recent version of the Policy will always be posted on the website. The updated date of the Policy will be reflected in the “Last Modified” heading. We will provide notice if these changes are material and, where required by applicable law, we will obtain your consent. Any amendments to the Policy will become effective within 30-days upon the display of the modified Policy. We recommend you to review this Policy periodically to ensure that you understand our most updated privacy practices.
CONTACT INFORMATION AND DATA CONTROLLER INFORMATION:
BM Energy & Charging Ltd., is incorporated under the laws of the State of Israel, is the Data Controller of (as such term is defined under the GDPR or equivalent privacy legislation).
For any question, inquiry or concern related to this Privacy Policy or the processing of your Personal Data, you may contact our privacy team as follows:
- Email: info@energia.co.il
- Tel:
- Address: Hartom 10, Jerusalem
WHAT INFORMATION DO WE COLLECT AND HOW DO WE USE IT?
Non-Personal Data
During your interaction with our Services we may collect aggregated, non-personal non-identifiable information which may be made directly or indirectly through your use of the Services (“Non-Personal Data“). We are not aware of the identity of the user from which the Non-Personal Data is collected. The Non-Personal Data which is being collected may include your aggregated usage information and technical information transmitted by your device, such as: browser version, operating system type and version, mobile network information, internet service provider, mobile carrier, device settings, etc.
Personal Data
We may also collect from you, during your access or interaction with the Services, individually identifiable information, namely information that identifies an individual or may with reasonable effort be used to identify an individual (“Personal Data” or “Personal Information”).
For avoidance of doubt, any Non-Personal Data connected or linked to any Personal Data shall be deemed as Personal Data as long as such connection or linkage exists.
We do not knowingly collect or process any Personal Data constituting or revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, data concerning a person's health or data concerning a person’s sex life or sexual orientation (“Special Categories of Personal Data”).
You are not obliged to provide us with any of your Personal Data. However, if you refrain from doing so, we may not be able to provide all of our Services to its full extent.
The following table describes the Personal Data we may process if you install our App and use our Services:
DATA SETS | PURPOSE AND OPERATIONS | LAWFUL BASIS UNDER THE GDPR |
User Account If you are or wish to become a user of the Services, you will be required to provide us with certain information such as: · Identification and contact data: Full name, Email address, password, etc. · Your address and parking space · Payment (Credit Card) information | We will use this data to designate your App account and allow you to use the App supporting its operation, including exercising payments in consideration of your electricity consumption. Also, your email address will be used to send you needed information related to our App (e.g., statements, notify you regarding any updates to our App, etc.) and promotional and marketing emails. | If your use of our App is subject to the GDPR, our lawful basis for collecting this information is the performance of a contract (i.e., providing you the Services as per your request). We will further retain your transactional and usage data as a user of our services under our legitimate interest. Also, some data (such as invoices and payment records) shall be kept under our legal obligations. |
Charging Data Data which will be fed to the system from your charger: · When you plug in and plug out your vehicle into the charger · Amount and rate of energy provided to your vehicle by the charger | We collect and analyze this data to calculate the cost of charging so we can bill you for the Service. We also may use this data for upgrading and developing our Services. | If your use of our App is subject to the GDPR, the lawful basis for collecting this information is the performance of a contract (i.e., providing you the Services as you requested). We will further retain your transactional and usage data as a user of our services under our legitimate interest. Also, some data (such as invoices and payment records) shall be kept under our legal obligations. |
Contact Us If you voluntarily contact us in any manner, whether for support, to submit a request, or for other inquiries, whether by sending us an email or through other means of communications, you may be asked to provide us with your contact information such as your full name, email address, and country | We will use this data and our contact history solely to respond to your inquiries and provide you with the support or information you have requested. We will retain our correspondence with you for as long as needed subject to applicable law. | The lawful basis for processing your inquiries information as an active user will be the contract between you and us, meaning we will use the data for addressing your requests and inquiries. After completing any such request, we will retain your information as part of our business records under our legitimate interest. |
When you interact with our App, we may collect certain online identifiers, including your Advertising ID, and IDFA. We may also collect technical Non-Personal Data transmitted from your device.
| We use this data for our legitimate interests of (i) operating, providing, maintaining, protecting, managing, customizing, and improving the Website and how we offer it; (ii) enhancing your experience; (iii) auditing and tracking usage statistics and traffic flow; (iv) protecting the security of the App, as well as our and third parties rights (subject to applicable law requirements); and (v) advertising purposes | Such processing is part of our legitimate interests as a commercial business.
|
HOW WE COLLECT INFORMATION
Depending on the nature of your interaction with the Services, we may collect information as follows:
- Automatically – we may collect directly or indirectly (i.e., by getting access permissions to certain process and information stored in your mobile device) gather information automatically, such as Non-Personal Information as well as Online Identifiers.
- Provided by you voluntarily – we will collect Personal Data if you choose to register or if you contact us for support, make a purchase or any information you uploaded to the App by you.
SHARING DATA – CATEGORIES OF RECIPIENTS WE SHARE PERSONAL DATA WITH:
We share your Personal Data with third parties, including with business partners or service providers that help us provide our Services. You can find here information about the categories of such third-party recipients.
CATEGORY OF RECIPIENT | DATA THAT WILL BE SHARED | PURPOSE OF SHARING |
Service providers
| All types of Personal Data | We employ other companies and individuals to perform functions on our behalf. Examples include: sending communications, processing payments, assessing credit and compliance risks, analyzing data, providing marketing and sales assistance (including advertising and event management), identifying errors and crashes, conducting customer relationship management, and providing training. These third-party service providers have access to Personal Data needed to perform their functions, but they are prohibited from using your Personal Data for any purposes other than providing us with requested services. |
Compelled disclosure | Subject to your request | We may share Personal Data, in the event you request us to do so. In such event, the provisions of your Personal Data will be subject to such third parties' policies and practices only. |
Enforcement Of Our Rights and Security Detections. | All types of Personal Data | We may disclose Personal Data to enforce our policies and agreements, as well as defend our rights, including the investigation of potential violations thereof, alleged illegal activity or any other activity that may expose us, you, or other users to legal liability, and solely to the extent required. In addition, we may disclose Personal Data to detect, prevent, or otherwise address fraud, security, or technical issues, solely to the extent required. |
Any Acquirer of Our Business | All types of Personal Data | We may share Personal Data, in the event of a corporate transaction (e.g., sale of a substantial part of our business, merger, consolidation or asset sale). In the event of the above, our affiliated companies or acquiring company will assume the rights and obligations as described in this Policy. |
Where we share information with services provider and agents, we ensure they only have access to such information that is strictly necessary in order for us to provide the Services. These parties are required to secure the data they receive and to use the data for pre-agreed purposes only, while ensuring compliance with all applicable data protection regulations (such service providers may use other non-personal data for their own benefit).
YOUR RIGHTS:
Under EU law, EU residents and individuals have certain rights to apply to us to provide information or make amendments to how we process data relating to them. Those rights might include:
- right to access your Personal Data – you can ask us to confirm whether or not we have and use your Personal Data, and if so, you can ask for a copy of your data;
- right to correct your Personal Data – you can ask us to correct any of your Personal Data that is incorrect, after verifying the accuracy of the data first;
- right to erase your Personal Data – you can ask us to erase your Personal Data if you think we no longer need to use it for the purpose we collected it from you. You can also ask for such erasure in any case in which the process of your data was based on your consent, where we have used it unlawfully, or where we are subject to a legal obligation to erase your Personal Data. any request for such erasure will be subject to our obligations under the law (e.g., our obligation to keep some records for tax or customs purposes);
- right to restrict our use in your Personal Data – you can ask us to restrict our use of your Personal Data in certain circumstances;
- right to object to how we use your Personal Data – you can object to any use of your Personal Data which we have justified by our legitimate interest if you believe your fundamental rights and freedoms to data protection outweigh our legitimate interest in using the information;
You can always require us to refrain from using your data for direct marketing purposes; you can ask us to transfer your information to another organization or provide you with a copy of your Personal Data (Portability Right);
We may not always be able to do what you have asked. Also, not all those rights apply in every jurisdiction. Yet, we encourage you to contact us with any such request, and we will be happy to assist you.
You have the right to complain at any time before the relevant supervisory authority for data protection issues. However, we will appreciate the chance to deal with your concerns before you approach the authorities, so please feel free to contact us in the first instance.
DATA RETENTION:
In general, we retain the Personal Data we collect for as long as it remains necessary for the purposes set forth above, all under the applicable regulation, or until you will express your preference to opt-out, where applicable.
The retention periods are determined according to the following criteria:
- For as long as it remains necessary in order to achieve the purpose for which the Personal Data was initially processed. For example: if you contacted us, we will retain your contact information at least until we will address your inquiry.
- To comply with our regulatory obligations. For example: transactional data will be retained for up to seven years (or even more under certain circumstances) for compliance with our bookkeeping obligations purposes.
- To resolve a claim we might have or a dispute with you, including any legal proceeding between us, until such dispute will be resolved, and following, if we find it necessary, in accordance with applicable statutory limitation periods.
Other circumstances in which we will retain your Personal Data for longer periods of time include: (i) where we are required to do so in accordance with legal, regulatory, tax or accounting requirements, or (ii) for us to have an accurate record of your dealings with us in the event of any complaints or challenges, or (iii) if we reasonably believe there is a prospect of litigation relating to your Personal Data. Please note that except as required by applicable law, we will not be obligated to retain your data for any particular period, and we may delete it for any reason and at any time, without providing you with prior notice if our intention to do so.
SECURITY MEASURES:
We work hard to protect Personal Data we process from unauthorized access or unauthorized alteration, disclosure or destruction. We have implemented physical, technical and administrative security measures for the Services that comply with applicable laws and industry. Note that, we cannot be held responsible for unauthorized or unintended access that is beyond our control, and we make no warranty, express, implied or otherwise, that we will always be able to prevent such access.
INTERNATIONAL DATA TRANSFER:
The Company’s HQ are based in Israel in which we may access the information stored on such servers or other systems. In the event that we need to transfer your Personal Data out of your jurisdiction, we will take appropriate measures to ensure that your Personal Data receives an adequate level of protection as required under applicable law. Furthermore, when Personal Data that is collected within the European Economic Area ("EEA") is transferred outside of the EEA to a country that has not received an adequacy decision from the European Commission, we will take necessary steps in order to ensure that sufficient safeguards are provided during the transferring of such Personal Data, in accordance with the provision of the standard contractual clauses approved by the European Union. Thus, we will obtain contractual commitments and or assurances from the data importer to protect your Personal Data, using contractual protections that EEA and UK regulators have pre-approved to ensure your data is protected (known as standard contract clauses), or rely on adequacy decisions issued by the European Commission. Some of these assurances are well recognized certification schemes.
ELIGIBILITY AND CHILDREN PRIVACY:
The Services are not intended for use by children (the phrase "child" shall mean an individual that is under the age defined by applicable law which with respect to the EEA is under the age of 16 and with respect to the US, under the age of 13) and we do not knowingly process children’s information. We will discard any information that we receive from a user that is considered a "child" immediately upon our discovery that such a user shared information with us. Please contact us at: info@energia.co.il if you have reason to believe that a child has shared any information with us.
THIRD PARTY LINKS
Our Services may contain links to other online applications and properties of third parties that are not governed by this Privacy Policy. In the event that you click on these links to third party landing pages or applications, their privacy policy and practices will govern, which may differ from ours, and are not under our control or our responsibility. We advise you to review the applicable privacy policy of these third parties to better understand their privacy practices.
