1.1. Why do we process your personal data?
When you use Spirii’s website, if you are a Spirii customer, if you apply for a job at Spirii, if you are affiliated with one of our suppliers and partners or otherwise have contact with Spirii, we collect and process information about you. We record and process personal data in connection with the fulfilment of our agreement with you, for our communication and cooperation and for the general operation of Spirii’s business activities. Spirii is the data controller for the processing of your personal data.
1.2. When you use the website
Our collection and processing of personal data from cookies depends on which cookies you allow and is either based on your consent as set out in Article 6(1)(a) of the EU General Data Protection Regulation (“GDPR”) or our legitimate interest in presenting a functional website to our visitors, as set out in Article 6(1)(f) of the GDPR.
The website also has contact and order forms that you can fill in if you would like us to contact you. The data we collect from our contact forms is registered in our Customer Relationship Management (CRM) system and is only used to register your inquiry and to enable our customer service or sales department to contact you and process your order with the necessary information.
1.3. As a customer
We collect and process your personal data to create and manage your user account with Spirii (as a user via app or website). The processing is carried out to perform our subscription agreement on the basis of Article 6(1)(b) of the GDPR. In addition, the processing is carried out to comply with our legal obligations in relation to tax and accounting rules under Article 6(1)(c) of the GDPR, as well as to pursue our legitimate interest in analysing data to adapt and further develop our products and services under Article 6(1)(f) of the GDPR.
User account management includes: setting up, maintaining and managing your subscription, contact identification and servicing, diagnosing and repair of faults on charging equipment, recording and invoicing consumption, arranging payments and assisting with handling refunds and subsidies, operating and maintaining charging points and safeguarding against misuse.
As our customer, we collect and process the following information about you: name, address (for invoicing and installation), business information (workplace or own business), contact information (email, phone number, etc.), type of payment method, which products you have purchased, your power consumption, information about charging key or card, car model (if provided), charging data (location, type of plug, charging power, consumption, time and duration).
We will store your personal data for as long as necessary to provide you with the service you subscribe to or for as long as required under applicable law. Your personal data will be erased or anonymised when it is no longer necessary.
1.4. As a job applicant
We collect and process information about individuals who apply for work at Spirii or whom we identify as part of the search for suitable candidates.
The information we collect includes name, contact details, application and CV, references, certificates, grades and test results and - if you give permission - statements from previous employers and criminal records.
We process the data in order to pursue our legitimate interest in processing job applications and conducting a recruitment process under Article 6(1)(f) of the GDPR, as well as to fulfil our legal obligations in relation to recruitment under Article 6(1)(c) of the GDPR. The data we process on the basis of your consent is processed on the basis of Article 6(1)(a) and Article 9(2)(a) of the GDPR.
If you are not hired, we will delete your application and related data six months after the end of the recruitment process. However, we may keep the information for a longer period for future use if you consent to this. If you are employed, the data will be kept in accordance with the rules applicable to your employment.
1.5. As a supplier, partner or contact person
We collect and process information about the persons we otherwise communicate and work with, including our suppliers and partners. The information is collected as part of our communication and collaboration and includes name, title, work address, email address, phone number, correspondence and other information about our relationship (e.g. when we have been in contact and what we have communicated about).
We process the data in order to pursue our legitimate interest in communicating, maintaining and developing our relationships with suppliers, business partners and other contacts under Article 6(1)(f) of the GDPR, as well as to comply with our legal obligations in relation to tax and accounting rules under Article 6(1)(c) of the GDPR.
We store and process information about our business partners, suppliers and other contacts for as long as is relevant and necessary to communicate with them. We will delete requests and correspondence, including personal data, when it is no longer relevant for the purposes for which we collected the information. We generally keep the data for at least five years after our last interaction. We will retain information relevant for tax or accounting purposes for as long as required by applicable law.
1.6. Recipients and third countries
Spirii may entrust the processing of personal data to Spirii’s suppliers and business partners, including customer service and IT suppliers. These businesses are data processors and may not process data for their own purposes and may only process personal data in accordance with our instructions. When a subscription is created or a product or service is ordered, data is disclosed to our business partners if this is necessary for the delivery. Spirii has signed data processing agreements with these business partners.
We may transfer personal data to recipients outside the EU and EEA. Wherever we transfer the data, we ensure that it is done with appropriate safeguards and that the GDPR is complied with. We ensure an adequate level of security in accordance with the GDPR, for example by applying the EU Standard Contractual Clauses as set out in Article 46(2)(c) of the GDPR. For more information, please write to firstname.lastname@example.org.
In special cases, we transfer data to authorities, such as tax authorities or the police. If we receive a request to disclose information from a public authority, we will assess the request and only disclose the information if we assess that we are under an obligation to do so. In such cases, you will be informed in accordance with applicable law.
1.7. Data controller
The data controller of the processing of your personal data is Spirii ApS, Bragesgade 8B, DK-2200 Copenhagen N.
1.8. Your rights
According to the GDPR, you have a number of rights as a customer, including the right of access, rectification, erasure and restriction of processing and the right to object against Spirii’s processing of your personal data and to lodge a complaint with the Danish Data Protection Agency. These rights are described in more detail on the website of the Danish Data Protection Agency and below.
In addition to the above, you have the following rights which you may exercise by writing to us at email@example.com:
• You may request access to the personal data we process about you
• You may ask us to rectify or erase your personal data
• You may object to or ask us to restrict our processing
• You may ask for your personal data to be provided in a structured, commonly used machine-readable format (data portability)
• You may at any time withdraw any consent you have given to the processing of your information
• You may complain about our processing of your personal data. You are always entitled to complain to the Danish Data Protection Authority, for example if you are dissatisfied with our handling of your complaint. You can read more on datatilsynet.dk
1.9. Participation in customer surveys
If you participate in a Spirii customer survey, we may in some cases use your response to customise our communication to you. In this connection, your response is anonymous.
1.10. Contact in relation to data protection
If you have any questions or queries in relation to our data protection, please contact our Data Protection Officer by email: firstname.lastname@example.org, telephone: +45 32 266 299 or by letter to: Attn.: Data Protection Officer, Bragesgade 8B, DK-2200 Copenhagen N
2. Social media policy
2.1. How do we process your data via social media?
Our social media partners collect statistical data about visitors’ behaviour for their own purposes. This is done via cookies and pixels on your device when you visit the pages. For further information on the processing of personal data by social media, please refer to their privacy policies (Facebook and LinkedIn) and their cookie policies (Facebook and LinkedIn).
2.2. How do we share your personal data?
We will never sell your personal data collected via social media to third parties.
The social media may share your personal data internally with their affiliates and externally with their business partners for analysis and advertising purposes as well as with other individuals, research partners and researchers and academics. For further information, please refer to the social media’s terms and privacy policies (see links above).
2.3. How can I exercise my social media rights?
The general setup of the social media platforms requires you to contact the social media in question if you wish to exercise your rights. This is because only social media can take the necessary measures to respond to most of your requests. However, if you think we can accommodate your request, you are also always welcome to contact us.
If you are a Facebook user, you can exercise your rights by changing your privacy settings (link) or configure your preferences (link) so that you can control how your personal data is collected and processed when you visit and use our Facebook page. If you are a LinkedIn user, click here (link) to change your settings or here (link) to exercise your rights.