The confidentiality and integrity of your data is a top priority for us.
This section describes our condition for the use of Flexibility Software.
Flexibility – Data protection – December 2020
LEGAL INFORMATION ON DATA PROTECTION.
We aim to create and maintain the basis for a trusting business relationship with our customers.
WHICH ENTITY IS RESPONSIBLE FOR DATA PROCESSING?
Flexibility AS, Oslo (after this «Flexibility»), is the provider of the website www.flexibility.no and is also responsible for data processing with the use of the APP solution
WHICH DATA PROVIDED BY YOU DO WE PROCESS AND WHAT DO WE USE IT FOR?
Unless stated otherwise in detail in the relevant sections of the website, personal data generated from the use of our website and APP is processed as follows:
B. Optimizing charging and making predictions as a part of our charging service
We process personal data – for example, when it is needed store or handle battery and car data from your car that makes it possible to personalise the optimisation to your needs, including the following activities:
- storing and processing your charging preferences
- storing and processing related car and battery data to verify proper function of charging systems and to be able to forecast your future charging needs
- making prediction models that predict your charging needs
- backup and recovery of data processed in IT systems,
- logging and monitoring of your charging to verify proper functioning of charging systems and to be able to forecast your future charging needs,
- detection and prevention of unauthorised access to personal data,
HOW DO WE STORE YOUR DATA?
We utilise state-of-the-art technology to store your data. The following safeguards are used, for example, to protect your data from misuse or any form of unauthorised processing:
- We restrict access to personal data to a minimal number of authorised persons for the stated purposes.
- The data collected is only transmitted in encrypted form.
- Sensitive data is also only stored in an encrypted form.
- The IT systems used for optimising the data are technically isolated from other systems, to prevent unauthorised access and hacking.
- We monitor IT systems regularly to detect and prevent misuse in the early stages.
WHOM DO WE SHARE DATA WITH?
Flexibility is a Norwegian company.
We process your data in countries inside of the European Union and in UK.
By using our service you accept that we can share your data with the partners that provide you with the APP or charging solution, so we in a best possible way can offer you a good charging experience.
We will try to limit the sharing of data and just in a limited way will we share data with your/our partners:
- Your charger provider (can see when your charger starts & stops, and what energy you charge.
- Your car manufacture (can see your charging plans)
- Your energy company (can get information about your energy usage)
CONTACT DETAILS, RIGHTS OF THE DATA SUBJECT AND YOUR RIGHT TO COMPLAIN TO A SUPERVISORY AUTHORITY.
RIGHTS OF THE DATA SUBJECT.
As the party affected by the processing of your data, you may claim certain rights under the GDPR and other relevant data protection regulations. Under the GDPR, you are entitled to claim the following specific rights vis-à-vis Flexibility as the data subject:
RIGHT OF ACCESS BY THE DATA SUBJECT (ART. 15 GDPR):
You have the right to request information on the data we hold about you from us at any time. This information includes, but is not limited to, the categories of data we process, the purposes for which data is processed, the source of the data if not collected directly from you, and, if applicable, the recipients with whom we have shared your data. You can obtain a copy of your data from us free of charge. If you require additional copies, we reserve the right to charge you for these copies.
RIGHT TO RECTIFICATION (ART. 16 GDPR):
You have the right to request that we rectify inaccurate data relating to you. We will take appropriate steps to keep the data we store and process on an ongoing basis accurate, complete and current, based on the most up-to-date information available.
RIGHT TO ERASURE (ART. 17 GDPR):
You have the right to request that we erase your data, as long as the legal requirements for this are satisfied. This may be the case under Art. 17 GDPR if
- the data is no longer required for the purposes for which it was collected or otherwise processed;
- you withdraw the consent on which data processing is based, and there is no other legal basis for processing;
- you lodge an objection to the processing of your data, and there are no legitimate reasons for the processing, or you object to data processing for direct marketing purposes;
- the data was processed unlawfully,
and provided that processing is not required
- to ensure compliance with a legal obligation that requires us to process your data
- especially concerning statutory retention periods;
- to establish, exercise or defend legal claims.
RIGHT TO RESTRICTION OF PROCESSING (ART. 18 GDPR):
You have the right to request that we restrict processing of your data if
- you dispute the accuracy of the data – in which case processing may be restricted during the time it takes to verify the accuracy of the data;
- processing is unlawful, and you reject erasure of your data, requesting that its usage be restricted instead;
- we no longer need your data, but you need it to establish, exercise or defend your rights;
- you have lodged an objection to its processing, as long as it is not certain that our legitimate reasons outweigh yours.
RIGHT TO DATA PORTABILITY (ART. 20 GDPR):
You have the right to request that we transfer your data – if technically possible – to another responsible party. However, you may only enforce this right if data processing is based on your consent or is necessary for the performance of a contract. Rather than receiving a copy of your data, you may also ask us to submit the data directly to another responsible party specified by you.
RIGHT TO OBJECT (ART. 21 GDPR):
You have the right to object to the processing of your data at any time for reasons that arise from your particular situation, as long as data processing is based on your consent, on our legitimate interests or those of a third party. In this case, we will cease to process your data. This does not apply if we can show that there are compelling legitimate grounds for processing that outweigh your interests, or if we need your data for the establishment, exercise or defence of legal claims.
TIME LIMITS FOR COMPLIANCE WITH THE RIGHTS OF THE DATA SUBJECT.
We make every effort to comply with all requests within 30 days. However, this period may be extended for reasons relating to the specific right or complexity of your request.
RESTRICTION OF INFORMATION FOR COMPLIANCE WITH THE RIGHTS OF THE DATA SUBJECT.
In certain situations, we may be unable to provide you with information about all your data due to legal requirements. If we are unable to fulfil your request for information in such a case, we will notify you of the reasons.
COMPLAINT TO SUPERVISORY AUTHORITIES.
Flexibility takes your concerns and rights very seriously. However, if you believe that we have not responded appropriately to your complaints or concerns, you have the right to complain to your local data protection authority.