EVBox's Commitment to the GDPR law
The General Data Protection Regulation (GDPR) is considered to be the most significant piece of European data protection legislation to be introduced in the European Union (EU) in 20 years and will replace the 1995 Data Protection Directive. The GDPR enhances EU individuals’ privacy rights and places significantly enhanced obligations on handling data. The regulation will become effective and enforceable on the 25th May 2018.
Our commitment: EVBox is fully committed to achieving compliance with the GDPR. Here at EVBox, we care about being compliant with regulations and ensure the right use of data. More importantly, we care about you, your business, and your privacy.
What changes is EVBox doing to be GDPR compliant?
We are taking many steps across the entire company to ensure we will be ready for the GDPR. One of the first step was to appoint a Legal & Data Protection
- We are updating all our marketing and content consumption process to be consent-focused, meaning you provide consent to what you want us to send to you.
- We are also updating our business development and sales process to ensure potential customers give us consent to share their personal data with partners and installation companies prior to contacting you.
- We are improving anonymity within our EV charging management software platforms.
- We're also working on the connectivity of our different tools to work together and ensure a professional contact database management so that you can request your data at any point in time.
Based on the research conducted by both our inside and outside counsels we are confident these changes will address the requirements of GDPR.
What does EVBox do with customers data?
We only collect information which will allow us to perform our job on your behalf, in the most efficient manner possible. Which is why we collect your personal, professional, for the purposes of sending you the content or marketing collateral you give consent to or getting to you the quotation you requested. We also collect charging and financial data only for the purposes of creating an account, providing charging insights on your sessions, and invoicing you.
What do EVBox Customers need to do?
Depending on your situation, there are different things you might need to do. Below are the two most impactful changes that we can foresee that might affect you as a result of being an EVBox customer:
If you are in the European Union you’ll likely want to sign a Data Processing Agreement with EVBox. We’re happy to do so. You can review and digitally sign a copy of the Data Processing Agreement here. We will countersign it and provide you with a fully executed downloadable copy via email within 3 business days. If you have any questions about its contents simply email firstname.lastname@example.org.
You may contact our Legal & Compliance Manager, Audrey Poelaert, by email: email@example.com.
What does the GDPR regulate?
The GDPR regulates the processing of a data subject’s personal data in the European Union including its collection, storage and transfer or use. The GDPR gives data subjects more rights and control over their data by regulating how you should handle and store any personal data they collect.
Who does the GDPR apply to?
The provisions of the GDPR apply to any entity that processes personal data of individuals in the European Union (EU), including tracking their online activities, regardless of whether the entity has a physical presence in the EU.
We are not based in the EU. Do we still need to comply?
Yes! If you are an entity outside the EU, you should still be aware of the GDPR and comply with it if you process personal data of individuals in the EU.
What happens if we don’t comply with the GDPR?
Lack of compliance can result in fines of up to 4% of annual global turnover or €20 Million (whichever is largest) for breaching GDPR.