Data protection information for the IONITY websites

1. Subject matter of this data protection notice
In the following, we would like to inform you in detail about which personal data (hereinafter referred to as "data") is collected when you visit our website and its subpages and use our offers there and how it is processed or used by us in the following. In addition, we would like to inform you about the rights to which you are entitled and the technical and organisational protective measures we have taken with regard to the processing of your data.
2. Name and address of the data controller and service provider
The controller within the meaning of Art. 4 No. 7 of the General Data Protection Regulation ("GDPR") is IONITY GmbH, Moosacher Straße 84, 80809 Munich, see our legal notice.
If you have any questions or comments about this data protection notice or about data protection in general, please send them to the above address or by e-mail to dataprotection@ionity.eu.
You can contact our data protection officer as follows:
IONITY GmbH
Data Protection Officer
Moosacher Strasse 84
80809 Munich
Germany
dataprotection@ionity.eu
3. Data processing, purposes, legal bases
The scope and type of collection and use of your data differ depending on whether you visit our website only to retrieve information or whether you use offers on our website that require you to provide further data about yourself.
3.1 Informational use
It is generally not necessary for you to provide personal data in order to use our website for information purposes only.
Rather, in this case we only collect and use the data that your internet browser automatically transmits to us, such as:
- Date and time of access to one of our Internet pages
- Your browser type
- The browser settings
- The operating system used
- The amount of data transferred and the access status (file transferred, file not found etc.)
- Your IP address
This is done to enable you to use the websites you have accessed and to check whether our websites are displayed to you in the best possible way.
In this context, your IP address is stored in logfiles in order to enable conclusions to be drawn and security gaps to be closed in the event of security-relevant incidents such as hacking attacks.
The processing is carried out on the legal basis of Art. 6 (1) (f) GDPR and in our interest to be able to display our website to you reliably and with as little disruption as possible.
3.2 Use of the contact forms
If you wish to contact us via the contact forms provided on our website, we collect the following data from you:
- The category of your enquiry
- Your name
- Your company (optional)
- Your e-mail address
- In the contact form for new locations, add your telephone number, your relationship to the location (optional), information about the location
- Your message to us
We use this data to answer your enquiry by e-mail. In this context, we use the category of your enquiry in order to be able to allocate your enquiry directly internally according to your request.
If your enquiry relates to an existing contractual relationship or you are interested in concluding a contract, the data processing is carried out on the legal basis of Art. 6 (1) (b) GDPR (contract initiation and implementation). Otherwise, the data processing is carried out on the legal basis of Art. 6 (1) (f) GDPR and in our interest in order to be able to answer your enquiry with the information relevant to you.
The data collected via the contact forms and the communication to answer your enquiry will not be stored on the web server.
We will delete the data that you send us via our contact forms once the respective purpose has been achieved.
3.3 Customer service
When you contact our customer service, we process personal data in order to be able to process your enquiry.
If you contact us by telephone, we may also ask you for general information about the charging conditions (e.g. the vehicle model, the RFID of your mobility service provider). If you wish to receive feedback from us, we will process either your telephone number or your e-mail address in order to contact you. If you are an IONITY customer and need help with the charging process, we process your data in accordance with Art. 6 (1) (b) GDPR (fulfilment of contract) and Art. 6 (1) (f) GDPR (legitimate interest). We process other requests in accordance with Art. 6 (1) (f) GDPR (legitimate interest). Our legitimate interests are to support our customers during the loading processes and to optimise our company processes and quality.
If you contact us by e-mail, we process the following categories of data:
- Name
- E-mail address
- Your request
- Metadata: Date and time of your enquiry, language
All tickets are deleted after the statutory retention periods have expired
To improve our customer service, we ask in advance whether we may record the call. If you consent to the recording, we will use the recording for training purposes for our customer service staff and to improve our customer service. The processing of your data is based on Art. 6 (1) (a) GDPR (consent). The recording is stored for 30 days. You have the right to withdraw your consent at any time with effect for the future and to have the recording deleted by sending an email to support@ionity.eu.
3.4 Newsletter
You have the option of subscribing to a newsletter on our website. Your data is collected and stored for the purpose of sending and delivering the newsletter. For this purpose, we collect your e-mail address to which we should send the newsletter, the date and time you subscribed to the newsletter. This serves as proof that you have subscribed to the newsletter.
In the newsletter, the display and click behaviour as well as the time of day and time of day are tracked with the help of a tool from Braze Inc, 28 East 28th St., 12th Floor Mailroom, New York, NY 10016, USA. Based on the display and click behaviour of the newsletter recipient, future newsletter content and transmission times are determined so that we can optimise the effectiveness of our advertising measures. If the IONITY app is used, the newsletter subscription is linked to the IONITY account in order to personalise newsletter content according to interests and usage habits.
The legal basis for the processing of your data for the newsletter dispatch and the evaluation of the display and click behaviour is Art. 6 (1) (a) GDPR (consent). You must therefore expressly consent to the sending of the newsletter before it is sent. The newsletter will only be sent after explicit confirmation (double opt-in).
Your data will be stored until you unsubscribe from the newsletter.
To unsubscribe from the newsletter and revoke your consent, either click on the unsubscribe link in a newsletter or send an e-mail to marketing@ionity.eu.
3.5 Customer surveys
By participating in our surveys, we collect your opinion about our services in order to improve them. It cannot be ruled out that it will be possible to trace you personally. Optionally, you can also provide your email address in some of our surveys so that we can contact you to improve our customer service in individual cases. Before each survey, we will always obtain your consent in accordance with Art. 6 (1) (a) GDPR. You can withdraw your consent at any time by sending an email to dataprotection @ionity.eu.
Furthermore, technical data is collected by your browser. This is necessary for technical reasons in order to display the website, carry out the survey and ensure stability. For this purpose, we collect, for example, your IP address, time zone or data about your browser. The legal basis is Art. 6 (1) (f) GDPR. This personal data is required to conduct the survey. They are only used temporarily and are not the subject of the survey analysis.
3.6 "WINGS" customer community
If you use the customer community purely for information purposes, the provisions in 3.1. In this case, your IP address is stored in non-personalised form in server access log files.
Only registered users can participate in projects (such as surveys, discussions, etc.) in the customer community. As soon as you create an account and participate in the customer community, we process the following data:
- Data for registration (e.g. name, postcode, e-mail address)
- Verification of the minimum age of 18 years
- Profile data (e.g. address, age, occupation, socio-demographic data)
- Content and results from projects (e.g. survey results)
The "WINGS" customer community platform is used for dialogue between you and us about the design of our products and services. Our new products and services are to be developed together with you and/or existing products and services are to be improved or optimised by us. To this end, we will publish certain topics within the framework of projects on the customer community platform. After registering once, you can participate in these projects during the period specified there and submit contributions such as ideas, suggestions, opinions, evaluations, comments, sketches, images, moving images and files. When registering, you consent to the processing of your personal data in accordance with Art. 6 (1) (a) GDPR. This consent extends to the registration and use of the community platform, as well as the invitation or participation in the projects in the community. The data entered in your profile will be reused for new projects and linked to new projects so that you do not have to enter the information again. Your profile will be visible to other community users, but your contact details will not be visible to other community users.
We only store your data for as long as it is required for the above-mentioned purposes. Your community account can be deleted at any time. Please send an e-mail to wings@ionity.eu for this purpose. The statistical analyses of anonymised data records remain stored. Posts that you have written before the deletion remain without personal reference or reference to the user.
For technical reasons, certain technical data such as the date and duration of the visit, details of the browser and operating system, etc. must be processed or technically necessary cookies set when visiting the platform. This serves to ensure that visitors and users are shown the content correctly and can use the platform without disruption. This is done in accordance with Art. 6 (1) (f) GDPR.
4. Use of third-party services, cookies and similar technologies
We use cookies and other technologies on our websites to secure and continuously improve the website, to display adverts based on user interests and to offer third-party services. Cookies are small text files that are sent from our web server to your browser when you visit our website and are stored on your computer, tablet computer or smartphone for later retrieval.
We use essential cookies and services without requesting consent because they are necessary for the presentation and functionality of our website.
An overview of all cookies used and further information on this can be found in the cookie settings, which you can access at the bottom of the website. Alternatively, click on the following link: https://www.ionity.eu/policies/privacy?show_consent=true
Deactivating cookies
You can determine yourself whether cookies can be set and retrieved using the settings in your browser. For example, you can completely deactivate the storage of cookies in your browser, restrict it to certain websites or configure your browser so that it automatically notifies you as soon as a cookie is to be set and asks you for feedback. You can block or delete individual cookies. For technical reasons, however, this may result in some functions of our website being impaired and no longer functioning fully.
Revoke or change cookie consent in general
To change or remove your cookie consent settings for our website, please go to your web browser and remove the page permissions or page cookies from ionity.eu. Depending on your browser, this setting can be found in the Cookie and site permissions, Security settings or Data protection/privacy menu.
After reopening our website, you will be shown the cookie consent selection menu again, in which you can specify your desired settings. Alternatively, please scroll to the bottom of our website and call up the cookie settings or click on the following link: https://www.ionity.eu/policies/privacy?show_consent=true.
5. Social Media
We operate online presences on various social media platforms (see list below). This allows us to communicate with users and represent our company.
We would like to point out that user profiles can be created in social media, e.g. to show you customised advertising. However, we have no influence on this data processing. When using such a platform, the data is collected and processed by the respective platform operator. This may also occur if you do not have a profile on a platform.
Details on the data processing of the individual platforms, objection options and the assertion of your rights as a data subject can be found on the respective platform. We are represented on the following platforms:
- Facebook: https://www.facebook.com/about/privacy
We have concluded a separate agreement on Page Insights with Facebook (information on Page Insights: https://www.facebook.com/legal/terms/information_about_page_insights_data). You can access this agreement at https://www.facebook.com/legal/terms/page_controller_addendum. It regulates, among other things, the respective obligations under the GDPR, such as the fulfilment of your rights as a data subject or security measures by Facebook.
- Instagram: https://instagram.com/about/legal/privacy.
- LinkedIn: https://www.linkedin.com/legal/privacy-policy
- TikTok: https://www.tiktok.com/legal/page/eea/privacy-policy/en
- YouTube: https://policies.google.com/privacy
The aforementioned social media process your personal data outside the European Union. Further information on this can be found in the data protection information of the respective platform operator.
Your data will be processed on the basis of Art. 6 (1) (f) GDPR as long as your legitimate interests do not outweigh this. Our legitimate interest is to customise our content to the site visitors and to increase the quality of our content as well as modern public relations work.
6. Service providers and data transfer to third parties
We are supported in the fulfilment of our services by processors and third parties. Processors have been carefully selected by us and integrated by means of contracts for commissioned data processing in accordance with Art. 28 GDPR.
If not already specified, we use the following recipients:
- Service provider for our customer service
- IT service provider
- Marketing service provider
- Advertising agency
Otherwise, your data will only be passed on to other third parties if this is expressly stated in this data protection notice or if we are legally obliged to do so.
We also transfer your data to service providers and vicarious agents who are located in third countries (outside the EU) and carry out data processing there. Compliance with an appropriate level of data protection is ensured by various mechanisms.
- If the level of data protection in the third country is guaranteed by an adequacy decision, this serves as the basis for the data transfer (Art. 45 GDPR).
- If the service provider is certified under the Data Privacy Framework, the adequate level of data protection is ensured by the aforementioned adequacy decision pursuant to Art. 45 (1) GDPR.
- Otherwise, transfers to third countries only take place if the level of data protection is otherwise ensured, such as through standard contractual clauses (Art. 46 (2) (c) GDPR), express consent or in the case of contractual or legally required transfers (Art. 49 (1) GDPR). If the transfer is based on standard contractual clauses, the standard contractual clauses provided by the EU Commission are used for this purpose: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj.
7. Storage duration
Unless specified in the individual data processing operations, the following applies:
- In principle, data is only stored for as long as is necessary to fulfil the purposes for which it was collected or, if you have given your consent, until you withdraw your consent. After these periods have expired, the data will be deleted or anonymised unless there are statutory retention obligations that require longer storage.
- Commercial and tax documents are subject to a retention period of 10 years.
- Other business documents are subject to a retention period of 6 years.
- Data that is required due to potential warranty and compensation claims or similar contractual claims must be retained for 3 years.
8. Your rights as a data subject and your right to lodge a complaint
8.1. Rights of data subjects
With regard to the processing of your personal data, you have the right to request information about your personal data processed by us in accordance with Art. 15 GDPR. You also have the right to have data rectified in accordance with Art. 16 GDPR or erased in accordance with Art. 17 GDPR and to restrict processing in accordance with Art. 18 GDPR. Furthermore, in accordance with Art. 20 GDPR, you have the right to demand the return of the personal data you have provided in a structured, commonly used and machine-readable format.
If we process your data on the basis of legitimate interests in accordance with Art. 6 (1) (f) GDPR or for the performance of a public task in accordance with Art. 6 (1) (e) GDPR and if there are reasons against this processing arising from your particular situation, you have the right to object to this processing in accordance with Art. 21 (1) GDPR. In the event of an objection, we will no longer process your data for these purposes unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing serves the establishment, exercise or defence of legal claims.
You have the right to object - without restriction - in accordance with Art. 21 (2) and 3 GDPR to any type of processing for direct marketing purposes.
If we process your data on the basis of your consent, you have the right to withdraw your consent at any time. Your data will then no longer be processed for the purposes covered by your consent. Please note that the withdrawal of consent does not affect the lawfulness of data processing that took place prior to the withdrawal. Please refer to the above information or the information in the respective consent for details of how you can declare your cancellation or contact our Customer Service.
To exercise your rights, please contact: support@ionity.eu.
8.2. Complaint to a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority if you consider that the processing of personal data relating to you infringes the GDPR (Art. 77 GDPR).
The competent supervisory authority in Bavaria is Bavarian State Office for Data Protection Supervision, P.O. Box 606, 91511 Ansbach, www.lda.bayern.de.
9. Data security
We and our contractually bound processors use state-of-the-art technical and organisational security measures to protect the data you provide to us from accidental or intentional manipulation, loss, destruction or access by unauthorised persons. The security measures are continuously improved in line with technological developments.
10. Version and update of the data protection information
We update our data protection information at regular intervals, as our data processing is subject to change. You will always find the latest version of our data protection information here. You can also request the current version of the data protection information by sending an email to dataprotection@ionity.eu.
Last update: December 2024