Your privacy is important to us. In order to protect your privacy, weprovide you with the following information about how we process your personaldata when using the TURBOVOLT Charging Services.
We process your personal data solely on the basis of legal requirements, in particular the General Data Protection Regulation ("GDPR"), relevant national data protection laws (“DSG”).
For better understanding, we would like to explain the most important GDPR terms according to their legal definition:
2.2.1 When continuing with payment, you will be forwarded to a payment page, where you will be asked to enter your bank card details. The data of the provided bank card will then be processed in order to ensure that the reis sufficient funds for the charging session (pre-authorization). Within the scope of the authorization, the card data provided by you will be transmitted to the payment service provider of your card in order to carry out the (pre-) authorization of the payment. This information is required to fulfil the contract, thus the legal basis is Art. 6 para. 1 lit b GDPR. If you do not provide the aforementioned data, you will not be able to use our charging services.
2.1.1 After the completion of the charging session, to access and download your invoice you must either scan the appropriate QR code, provided on the charger and the payment terminal, and i) input the date of the charging session and ii) last four digits of the bank card used for the payment of the charging session or visit the webpage https://www.enio.at/etsweb3/?lang=en&provider=turbovolt and i) input the date of the charging session and ii) last four digits of the bank card used for the payment of the charging session to get access to the charging session invoice. When you open this website, personal data such as your IP address and date and time of access is transmitted to us. The data provided, in particular the last four digits of the bank card, are required in order to be able to correctly allocate the respective charging session and to search for and prepare the corresponding invoice. The legal basis is Art. 6 para. 1 lit bGDPR. If you do not provide the aforementioned data, we will not be able to provide this billing service.
2.3 Enquiry via contact form, email or telephone
2.4.1 If you send an enquiry to us via the contact form on the website, by email, or if you contact us by telephone, we will process the following personal data to respond to the enquiry in order to fulfil pre-contractual measures, to fulfil the contract(Art. 6 para. 1 lit. b GDPR) or on the basis of our legitimate interests in being able to process your enquiry (Art. 6 para. 1 lit. f GDPR): Name; email address; content of the enquiry; other information you provide to us voluntary.
2.4.2 The provision of the above information is voluntary. However, if you do not provide certaininformation (such as your email address), we may not be able to process your enquiry.
2.5 Marketing communication
2.5.1 We send our customers communications (by e-mail) to advertise our services or products("promotional messages"). For this purpose, we process your name, contact details and other information that you provide to us in connection with the receipt of promotional messages. The customer can object to the sending of promotional messages at any time by sending an email to [email protected] will also give you the opportunity to opt out of receiving further promotional messages with each promotional message. The legal basis for sending promotional messages is Section 174 (4) TKG 2021. For users in Croatia, the sending of promotional messages is being done in line with Section 50 (5) of theCroatian Electronic Communications Act and the users can also object to the use of their email for promotional messages at the moment their email address is being collected.
2.5.2 If you voluntarily provide us with your contact details and other data for the purpose of provision ofinformation materials or sending newsletters, we process your data on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can revoke your consent atany time without giving reasons by sending an email to [email protected].
2.6 Legal prosecution
2.6.1 If an administrative or judicial dispute arises, the personal data necessary for the appropriate legal prosecution will be processed and, if necessary, transmitted to legal representatives, courts and administrative authorities. In this context, your contact details (name, address) and other data in connection with the legal dispute in question (your behaviour in relation to the use of our services)will be processed. The aforementioned personal data is processed on the basis of our legitimate legal interests in legal prosecution in accordance with Art.6 para. 1 lit. f GDPR and Art. 9 para. 2 lit. f GDPR.
3.1 We transmit your personal data to third parties as far as this is necessary to provide the requested TURBOVOLT services. Such third parties are in particular First Data GmbH, with registered address in Marienbader Platz 1, 61348Bad Homburg v. d. Höhe, Germany, with company registry number: 14567 (the payment service provider), ENIO GmbH, with registered seat in Geyschlägergasse14, 1150 Vienna Austria, company registry number: 407383 v (the back office provider), and Significo d.o.o., with registered seat in Zagreb (Grad Zagreb), Radnička cesta 80,Croatia, personal identification number: 52435554303 (the customer service provider).
3.2 We transfer your personal data to such processors in accordance with Art. 28 GDPR. We use processors to perform services on our behalf. The processors may only process the personal data provided to them in accordance with our instructions and to the extent necessary to perform the services for us. We contractually require these processors to ensure the confidentiality and security of the personal data they process on our behalf.
3.3 If an administrative or judicial dispute arises, the personal data necessary for the appropriate legal prosecution will be processed and, if necessary, transmitted to legal representatives, courts and administrative authorities. In this context, your contact details (name and email address) and other data in connection with the legal dispute in question (your behavior in relation to the use of our services) will be processed. The aforementioned personal data is processed on the basis of our legitimate legal interests in legal prosecution.
4.1 We store your personal data for as long as is necessary to provide our services or for aslong as is necessary to pursue or defend against legal claims or to fulfil statutory retention obligations (please see details in this section below).
4.2 In relation to your registration, your personal data will only be stored for as long as isnecessary to fulfil the relevant purpose, in particular as long as for example to:
4.3 We will storey our data if and insofar as this is necessary to fulfil statutory retention obligations (Pursuant to Section 132 para. 1 Federal Fiscal Code (“BAO”);Sections 190, 212 Austrian Commercial Code (“UGB”): 7 years) or to pursue or defend against legal claims (generally for a period of 3 years), whereby longer processing of the data may be necessary in the event of imminent or specific proceedings.
4.4 If data processing is based on your consent, we will process your data until your consent is revoked. You can withdraw your consentat any time by sending an email to [email protected]. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
5.1 Your personal information is protected by appropriate organisational and technical measures. These measures relate in particular to protection against un authorised, unlawful or accidental access, processing, loss, use and manipulation. We protect your personal data with the utmost care and in accordance with applicable data protection laws, including the GDPR.
6.1 You have the following rights in relation to your personal data:
6.2 In addition, you have the right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR) if you consider that the processing of your personal data by us is in breach of the GDPR. In Austria, the competent supervisory authority is the Austrian Data Protection Authority, Barichgasse 40-42, 1030 Vienna (https://www.dsb.gv.at/).
In Croatia, thecompetent supervisory authority is the Croatian Data Protection Authority (Agencijaza zaštitu osobnih podataka), Selska cesta 136 10000 Zagreb, Croatia, email: [email protected], website: https://azop.hr/.
6.3 If you have any questions in connection with the processing of your personal data or wish to assert any rights under the GDPR, such as your right to erasure or your right of access, please contact TURBOVOLT as described above in point 1.3.