Privacy Policy

 

Effective Date: March 27, 2026

1. Introduction & Scope

This Privacy Policy explains how GROENINGEN ApS (“GROENINGEN,” “we,” “us,” or “our”) collects, uses, discloses, and protects personal data when you access or use our websites, cloud-based platforms, mobile applications, APIs, and related products and services (collectively, the “Services”).

The Services include, but are not limited to, smart charging management, charging infrastructure operations, analytics, roaming and interoperability services, customer support, newsletters and marketing communications, and artificial intelligence–powered features.

GROENINGEN ApS acts as the Data Controller for the processing activities described in this Privacy Policy.

Where required by applicable law, regional or jurisdiction-specific privacy notices may apply. In the event of a conflict, such notices shall prevail over this Privacy Policy.

2. Notice at Collection (Global Transparency Summary)

In accordance with the EU General Data Protection Regulation (GDPR), EU transparency requirements, and applicable U.S. state privacy laws (including the California Consumer Privacy Act and California Privacy Rights Act), GROENINGEN provides the following summary of how personal data is collected and used at or before the point of collection.

GROENINGEN collects identifiers, such as name, email address, and phone number, primarily to create and manage user accounts, authenticate users, provide customer support, process billing, deliver newsletters, and send essential service communications. These identifiers may be shared with trusted third parties such as cloud infrastructure providers, email delivery platforms, and payment-related service providers, strictly to operate the Services.

GROENINGEN processes precise geolocation data where users enable location-based features. This data is used for charger discovery, navigation, charging session verification, and fraud prevention. Location data may be shared with mapping service providers and roaming or interoperability partners where necessary to deliver charging services.

GROENINGEN collects charging, usage, and technical data, including charging session details, energy consumption, charger identifiers, operational telemetry, and device information. This data is used to operate, secure, analyze, and optimize the Services. Such data is primarily processed internally and may be shared in a limited and controlled manner with roaming partners or technology providers, often in aggregated or non-identifying form.

Financial and billing information is processed to enable payment for charging sessions, invoicing, accounting, and fraud prevention. Payments are handled by certified third-party payment providers, and GROENINGEN does not store full payment card or bank account details.

GROENINGEN may also process marketing and communication-related data, such as contact details and communication preferences, to send newsletters, product updates, service announcements, and event invitations. Users may opt out of marketing communications at any time.

GROENINGEN does not sell personal data and does not share personal data for cross-context behavioral advertising or similar commercial purposes.

3. Categories of Personal Data Processed

3.1 Account & Platform Data

GROENINGEN processes personal data necessary to create, manage, and secure user accounts, including:

  • Name, email address, and phone number

  • Login credentials and authentication tokens

  • User roles, permissions, preferences, and settings

Purpose:
Account administration, service delivery, security, and customer support.

Legal Basis:
Performance of a contract (GDPR Art. 6(1)(b)) and legitimate interests (Art. 6(1)(f)).

3.2 Charging, Usage & Technical Data

GROENINGEN processes data generated through the use of the Services, including:

  • Charging session start and end times, duration, and energy consumed

  • Charger identifiers and operational logs

  • Device and technical information such as IP address, operating system, and application version

Purpose:
Service operation, diagnostics, fraud prevention, analytics, and performance optimization.

Legal Basis:
Performance of a contract and legitimate interests (GDPR Art. 6(1)(b) and (f)).

3.3 Precise Location Data

Where enabled, GROENINGEN may process precise geographic location data.

  • Location access is requested through explicit, just-in-time consent within the mobile application

  • Users may revoke location access at any time through device or application settings

Purpose:
Locating nearby charging stations, verifying physical presence at a charging location, fraud prevention, and technical compatibility.

Legal Basis:
Consent (GDPR Art. 6(1)(a)) and performance of a contract.

3.4 Payment & Billing Data

Payments are processed by certified third-party payment providers. GROENINGEN does not store full credit card or bank account details.

GROENINGEN retains only transaction identifiers, payment status information, invoices, and legally required billing records.

Purpose:
Billing, accounting, legal compliance, and fraud prevention.

Legal Basis:
Performance of a contract and compliance with legal obligations (GDPR Art. 6(1)(b) and (c)).

3.5 Newsletters, Marketing & Communications

GROENINGEN may process personal data for newsletters, marketing communications, and promotional activities, including contact details, communication preferences, and engagement data.

Purpose:
Sending newsletters, product updates, service announcements, educational materials, and event invitations.

Legal Basis:
Consent where required (GDPR Art. 6(1)(a)) and legitimate interests for existing customer relationships where permitted by law (GDPR Art. 6(1)(f)).

Users may opt out of marketing communications at any time using the unsubscribe mechanism provided or by contacting GROENINGEN. Service-related and transactional communications will continue where necessary to deliver the Services.

4. Integrations, APIs & Roaming (OCPI)

GROENINGEN supports interoperability with third-party systems and charging networks through standardized protocols such as the Open Charge Point Interface (OCPI).

Shared data may include charger availability, location data, pricing and tariff information, and encrypted transaction identifiers.

This data sharing is strictly limited to what is necessary to enable seamless charging across GROENINGEN-operated and third-party networks and is subject to contractual, technical, and organizational safeguards.

5. Artificial Intelligence & Automated Processing

5.1 AI-Powered Features

GROENINGEN uses artificial intelligence technologies (“GROENINGEN Intelligence”) to support features such as charging optimization, analytics, operational insights, and customer support.

AI processing may involve trusted third-party technology providers acting solely as data processors.

Safeguards include data minimization, use of aggregated or pseudonymized data where possible, exclusion of sensitive financial data, prohibition on training public models using personal data, and robust technical and organizational security measures.

5.2 Automated Decision-Making

Certain features may involve automated processing, such as recommendations related to charging times or energy efficiency.

These processes do not produce legal or similarly significant effects. Users may override or disable recommendations at any time, and human oversight is available where required by law.

6. International Data Transfers

Personal data is primarily processed within the EU/EEA. Where international transfers occur, GROENINGEN applies appropriate safeguards, including Standard Contractual Clauses, adequacy decisions, encryption, and additional technical protections.

7. Your Privacy Rights

Depending on your jurisdiction, you may have the right to access, correct, delete, restrict, or object to the processing of your personal data, withdraw consent, opt out of marketing communications, and receive equal service regardless of exercising your rights.

GROENINGEN does not engage in cross-context behavioral advertising.

8. Sale or Sharing of Personal Data

GROENINGEN does not sell, rent, or trade personal data and does not share personal data for advertising or profiling purposes.

9. Data Retention

Personal data is retained only as long as necessary:

  • Account data: for the duration of the customer relationship

  • Billing and financial records: 5–10 years as required by law

  • Operational and security logs: limited retention periods

  • Support and AI interaction logs: anonymized or deleted within 30 days after case closure

10. Contact Information & Complaints

For questions or to exercise your privacy rights, contact:

Email:info@groeningen-energy.com

You also have the right to lodge a complaint with your local supervisory authority.
For Denmark, this is the Danish Data Protection Authority (Datatilsynet).