Last Updated 24 Apr 2024
GENERAL “POWER UP” LLC
PERSONAL DATA PROTECTION POLICY
(PRIVACY POLICY)
This personal data protection policy (privacy policy) (“Privacy Policy” or “Policy”) set up rules and conditions how personal data should be processed by POWERUP SOLUTIONS PTE. LTD. (Singapore) or entities from the same group of companies (“Company” or “Controller”) that own “PowerUP” mobile application (“App” or “PowerUP”).
The Company respects and protects privacy and collecting, using, retaining, sharing, and/or disclosing personal data fairly, transparently, and securely.
The Company respects data subject rights and respond to queries and requests made by individuals about their personal data.
The Company operates in different countries where privacy regulations can be different and contradict one another that is why this policy set up rules for data protection that can the requirements of applicable laws and regulations. Local laws and regulations that apply to the activities described in this Policy may be more restrictive than this Policy. Where that is the case, the more restrictive rules must be followed. Specified conditions are set up in privacy notices that reflect actual and more detailed rules in dedicated jurisdictions.
1. Definitions
The Privacy Policy contains different terms that are defined below:
“App” and “PowerUP” mean “PowerUP” mobile application.
“Company” and “Controller” mean POWERUP SOLUTIONS PTE. LTD. (Singapore).
“Partner” means dedicated legal entity that provides operational support to the Company in country/region generally without access to Personal Data. The Partner is can be empowered (see your Notice) to collect and transfer data subjects’ requests to the Company and communicate back to data subjects upon Company’s notification.
“Personal Data” means any information about an identified or identifiable natural person (including but not limited to our employees, patients, shareholders, contractors, or the staff of our suppliers, visitors to our buildings, or website users).
“Policy” and “Privacy Policy” mean present personal data protection policy (privacy policy).
“Privacy notice” means dedicated e-document with detailed information about Personal Data processing within process and/or country/jurisdiction.
2. Personal data collected by the Company
The Company processes the following types of Personal Data of the App for the appropriate purposes only as it is reflected below
Name
Preparing, conclusion and execution of the user agreement.
Providing user (data subject) with access to the App and its functionality.
Contacting user in case of any errors and/or issues.
Providing support for registered users.
Phone number
Preparing, conclusion and execution of the user agreement.
Providing user (data subject) with access to the App and its functionality.
Contacting user in case of any errors and/or issues.
Providing support for registered users.
Informing users about charging terminals in the area.
Preparing, conclusion and execution of the user agreement.
Providing user (data subject) with access to the App and its functionality.
Contacting user in case of any errors and/or issues.
Providing support for registered users.
Informing users about charging terminals in the area.
Payment details
Execution of the user agreement (payment processing).
Date of birth
Preparing, conclusion and execution of the user agreement.
App usage information
Providing users with full functionality of the App.
Providing raw data for statistics research of anonymized data.
Errors analysis for further improvement.
Device IDs (MAC, IP)
Providing users with full functionality of the App.
Providing raw data for statistics research of anonymized data.
Errors analysis for further improvement.
Informing users about charging terminals in the area.
Device details (type of the device, etc.)
Providing users with full functionality of the App.
Providing raw data for statistics research of anonymized data.
Errors analysis for further improvement.
Informing users about charging terminals in the area.
GPS location
Informing users about charging terminals in the area.
3. Questions and Concerns
3.1 Data Minimisation: Company collects and uses the as minimum as possible Personal Data to operate, provide users with services and support functionality of the App, and support business activities.
3.2 Access limitation: Company segregates access to your personal data inside the Company (within employees) and does not sharing your data with any companies that are not mentioned in this Policy or Privacy notice.
3.3 Accuracy: Company makes its best to keep Personal Data accurate and up-to date. When user detects that any piece of Personal Data is inaccurate or outdated Company blocks access to the data until it is updated and validated.
3.4 Legitimacy: Company uses Personal Data where it has a legitimate business need or a legal obligation.
3.5 Security: Company protects any personal data collected, used, retained, and disclosed by following the relevant usage, technical, and organizational internal documents. Safeguards must be put in place to protect Personal Data against a variety of threats, including:
Loss or theft;
Unauthorized access, use, or disclosure;
Improper copying, modification, or tampering;
Improper retention or destruction; and
Loss of integrity, availability, and access to Personal Data.
Processors, employees or any other persons and entities empowered to process Personal Data must take appropriate steps to prevent the misuse or loss of Personal Data, to prevent unauthorized access to it, and to report any known or suspected instance of misuse, loss, or unauthorized access to Company’s management and local Partners.
3.6 Data Subject Rights and Requests: individuals can file requests to the Company about their Personal Data, and, where required by law, Company provides them with the ability to access, correct, and delete their Personal Data. Requests can be files to the Company directly (via contact details in the App) or through the Partner.
3.7 Retention: Personal Data is kept only if necessary to support a specific business activity or legal or regulatory requirement.
3.8 Sending your Personal Data abroad: as soon as the Company is domiciled in Singapore and the App is being hosted on Singapore’s servers, users’ Personal Data is transferred and stored there in accordance with applicable legal regulations.
3.9 Third parties: the Company utilizes Partner’s technical infrastructure (in Singapore) for hosting purposes, this Partner is legally engaged for data processing as a data processor. The Company before engaging the Partner has assessed technical and organizational data protection measures taken by it.
3.10 Data subjects: the Company processes Personal data of its employees and App users, this Privacy Policy covers only users’ data processing.
3.11 Legal obligations: the Company has legal obligations to disclose, block, or somehow suspend Personal Data processing. If the Company is obliged to share Personal Data or process it exceed of purposes mentioned above under legal requests of state or municipal authorities, courts, or other bodies or entities it will do this, but keep track record of such processing.
4. Personal Data protection
4.1 The Company has adopted both organizational and technical data protection measures.
4.1.1 Organizational measures include:
Treating all Personal Data as highly confidential information and applying measures applicable for highly confidential information;
Restricting access to Personal Data for employees and third parties that do not need it;
Restricting usage of Personal Data in purposes other than mentioned in this Policy and Notice;
Imposing local acts on data protection;
Training of employees;
Restriction copying, sending and/or printing of Personal Data (exception – urgent situation when any other alternative imposes higher risks for data subject and/or the Company);
Transferring data only on a basis of legal document (contractual clauses).
4.1.2 Technical measures include:
Segregation of accesses to data bases that contain Personal Data;
Using anti-virus and anti-spy software;
Transferring Personal Data via protected encrypted channels (at least protected by the password);
Assessing of the Partner’s technical infrastructure.
4.2 Lists below are high-level description of adopted measures that aim to protect Personal Data, exact list of such measures is confidential information that cannot be discloses due to security reasons. If data subject needs more detailed description, he/she needs to reach out to the Company (send a request).
4.3 The Company re-assessing own data protection measures and sometimes upgrading its approaches. Such changes are usually become parts of general measures mentioned above that is why such changings/updated are not triggers for changing the Policy.
5. Data subjects’ requests
5.1 Data subjects can ask a question about Personal Data processing or request access to his/her Personal Data that is processed by the Company (or its copies) when he/she needs it (“Data requests”).
5.2 The Company in each case will try to provide as much information as possible considering jurisdiction and kind of Data request. If there are any burdens for Data request fulfillment the Company notifies data subject about such burdens.
5.3 Data subject can file his/her request via e-mail support@wepowerup.io or through the Partner that operated in data subject’s area. For more details see your Notice.