Privacy Policy
EV Network Intelligence — Privacy Policy
1. Introduction
The Policy contains information on the processing of personal data of contact persons of our clients within EV Network Intelligence, which is a monitoring and automation system for electric vehicle charging infrastructure, based on advanced artificial intelligence algorithms, available as a web application and via API-first and Agentic AI-first models (the "System").
Our clients with regard to the System are any legal entities or organizational units, in particular:
- managing EV charging stations (Charge Point Operator - CPO)
- providing EV charging services to EV drivers (Electromobility Service Provider - eMSP)
- supplying EV charge point management systems (CPMS)
- constituting an e-roaming hub,
which executed with us the Terms & Conditions applicable for the System ("Clients" or the individually "Client" and "T&C").
This Policy applies to:
- persons representing the Client irrespective of the legal basis of such representation,
- persons designated for contact or making ongoing arrangements on behalf of the Client in connection with the T&C,
- persons whose data appear in the company name of the Client
(including: members of the management board, power of attorneys and proxies, employees, associates, partners) (the "Contact Persons" or individually "Contact Person").
Solidstudio acts as data controller of Contact Persons necessary for the execution and performance of the T&C (contacts, settlements, etc.).
With regard to other personal data transmitted or uploaded into the System by the Client, including within input data, the Client remains the data controller of those data and Solidstudio acts as a processor on behalf of the Client. Therefore, those data are not the subject of this Policy.
2. Basic Information on Data Processing
2.1 Personal Data Controller
The controller of your personal data is Solidstudio Sp. z o.o. with its registered office in Kraków, ul. Karmelicka 27/101, 31-131 Kraków, NIP: 6762513853, KRS: 0000638097, share capital: PLN 56,700 fully paid.
You may contact Solidstudio by e-mail: gdpr@solidstudio.io and rodo@solidstudio.io.
2.2 Where do we obtain your data?
We obtain your data from you through setting up an account within the System, your subsequent entry/modification of data in the System account, you providing us with data within the individually set remuneration plan, as well as from public sources. i.e. the National Court Register and the website of the Client.
We may also obtain personal data – subject to your consent – because of using analytical and marketing tools and their cookies within the System.
2.3 How do we protect your personal data?
The protection and security of your personal data is our priority. That is why we use technical and organizational measures to ensure data protection in accordance with applicable regulations, including the GDPR. The measures are adequate to the risk of violation of your rights and freedoms. We protect your data against unauthorized access, alteration, loss, damage, destruction and other types of processing in violation of the regulations. We disclose data to third parties only to the necessary extent, in compliance with the law and following an appropriate legal basis. We ensure that people who have access to your data have been duly authorized and have undertaken to protect and maintain the confidentiality of the data. Our technical solutions are state-of-the-art. We have also implemented procedures in case of a breach of personal data protection.
2.4 Legal basis and purposes of personal data processing
Personal data is processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) ["GDPR"] and the Personal Data Protection Act of 10 May 2018.
| Legal basis | Purpose of processing |
|---|---|
| Art. 6(1)(f) GDPR (legitimate interest) | execution and performance of T&C with our Client, including party verification, settlements, documentation of the process and necessary contact |
| Art. 6(1)(f) GDPR (legitimate interest) | analytics and statistics (researching how the System is used) |
| Art. 6(1)(f) GDPR (legitimate interest) | ensuring IT security and functionality of the System (including protection against cyber-attacks, fraud detection) |
| Art. 6(1)(f) GDPR (legitimate interest) | establishing, pursuing, or defending of possible mutual claims between us and the Client |
| Art. 6(1)(c) GDPR (legal obligation) | tax and accounting obligations |
| Art. 6(1)(c) GDPR (legal obligation) | ensuring the legality of the System and its functionalities |
2.5 Data obtained from sources other than yourself
We process the following data which have been obtained from sources other than yourself: name and surname, business contact details (telephone number, e-mail address), position/function, other data if publicly available in the National Court Register or on the Client's website.
2.6 Criteria for determining the period for which personal data will be stored
The data processed based on legitimate interest will be stored for the period necessary to achieve the purposes covered by our legitimate interests, unless we are obliged to cease processing the data earlier due to your objection.
The data processed based on a legal requirement will be stored for the period required by tax and accounting regulations – the general rule here is 5 years from the end of the calendar year in which the tax payment deadline expired.
2.7 Information about categories of recipients of personal data
The recipients of your personal data are entities cooperating with us as part of our business activities on the basis of entrusting them with the processing, on our behalf, of the data at our disposal, i.e.: suppliers of software supporting business processes (email, CRM software), hosting services providers, companies providing software and hardware maintenance, providers of the services used within the System: analytical tools, the cookie consent tool, electronic payments intermediary.
2.8 Information about the possible obligation to provide data and the consequences of not providing it
Providing personal data required by the System for setting up the account or for setting the individual remuneration plan is necessary to use the System and its functionalities. Providing data for analytical purposes is fully optional.
2.9 Information about the rights of the data subject
You have the right to:
- access your personal data,
- request rectification, erasure or restriction of the processing of such data,
- withdraw your consent to the processing of such data at any time (if and to the extent the data is processed based on a consent); consent revocation does not have a retroactive effect, i.e. it influences only future processing,
- transfer such data (the right to receive it from us and send it directly to another controller),
- object to the processing of such data based on Article 6(1)(f) of the GDPR,
- lodge a complaint regarding the processing of such data.
To exercise these rights, please contact us at the address provided in section 2.1 of this Policy.
2.10 Right to object
To the extent that your personal data is processed under Article 6(1)(f) (our legitimate interest), you have the right to object at any time – for reasons relating to your particular situation. We are then no longer permitted to process your data — unless we can demonstrate compelling legitimate grounds for processing that override your interests, rights, and freedoms, or grounds for establishing, pursuing, or defending legal claims.
2.11 Right to lodge a complaint with a supervisory authority
You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of the European Union of your habitual residence, place of work or place of the alleged infringement, if you consider that the processing of your data violates the GDPR. In Poland, the supervisory authority is the President of the Personal Data Protection Office.
2.12 Automated actions
Your interactions within the System regarding the execution and performance of the T&C, as in many other cases where services are provided in electronic form, are automated, including the execution of the T&C and further actions (contacts, settlements) connected therewith. This automation is necessary for the execution and performance of the contract between us and our Client.
Automated processing, too, takes place regarding the use of our analytical tools (described in point 4.1 below). However, this does not affect you in any significant way and is subject to your consent.
All automation is overseen by our team. You may always contact us directly if you feel that any of your rights have been violated by automated actions.
For the sake of clarity, we explain here that due to the nature of the System, which is artificial intelligence powered, the provision of services therewith (providing output and chatbot conversations) is inherently based on automation. However, with regard to those actions, we act as the Client's data processor not data controller.
2.13 Territorial scope of data processing
Your data will be processed within the European Economic Area (EEA).
3. Functionalities of the System Which Gather Data
3.1 Cookie consent tool
We use a cookie consent tool (the "Cookie Bot") to effectively obtain your consent to cookies.
The Cookie Bot appears as an interactive interface when you start using the System. Via the Cookie Bot you may consent to optional cookies by checking the appropriate box. Optional cookies are only uploaded if you agree to them by checking the appropriate box. The tool sets essential cookies to save your cookie preferences.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest): ensuring the legality of the System and its functionalities.
3.2 Contact via contact addresses
You can contact us using the addresses provided in this Policy. By providing us with information using the available addresses, you consent (within the meaning of the Electronic Communications Law) to us contacting you back using the same or another communication channel indicated in the information provided to us (email, SMS, phone conversation, electronic communicators). This consent is voluntary and you may revoke it at any time by contacting us using the addresses available in this Policy. The revocation of consent is effective for the future.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest): execution and performance of T&C with our Client.
3.3 Account in the System
To use the System, an account needs to be set up therein on behalf of our Client. In the process your data may appear as the Client's Contact Person.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest): execution and performance of T&C with our Client.
3.4 Cookies
Cookies are small text files stored on your device (computer, smartphone) when you use the System. They allow us to 'recognize' the user of the System and remember his/her preferences or activity history.
Our website utilizes the following categories of cookies (scopes) to manage user experience, analytics, and advertising preferences. This configuration is aligned with Google Consent Mode v2.
Necessary
Essential for the website's basic operation, like navigation and security. These cookies are crucial for the website to function properly. They enable basic features like page navigation, accessing secure areas of the website, protecting against malicious attacks (e.g., CSRF/XSS), and remembering your cookie consent preferences. The website cannot function correctly without these cookies, and they cannot be disabled by users.
System Mapping (Google Consent Mode v2): security_storage (always granted)
Analytics
Help us understand how visitors use the site, allowing us to improve it. These cookies collect anonymous statistical data about how visitors interact with the website (e.g., via Google Analytics). This information helps us optimize the user experience, measure time spent on specific pages, and identify technical issues or errors.
System Mapping (Google Consent Mode v2): analytics_storage
Marketing
Used to track users and display more relevant advertisements. These cookies are set by third-party providers (e.g., Google Ads, Meta Pixel) to track user activity across different websites. They are used to build a profile of user interests in order to show personalized, targeted advertisements and to measure the effectiveness of marketing campaigns.
System Mapping (Google Consent Mode v2): Controls three parameters: ad_storage, ad_user_data, ad_personalization
Preferences
Remember your choices, like language, to personalize your experience. These cookies allow the website to remember information that changes the way the site behaves or looks. This includes remembering your preferred language, region, light/dark mode settings, applied search filters, or items in a local shopping cart before logging in.
System Mapping (Google Consent Mode v2): functionality_storage
We divide the technologies used into two main categories:
a) Essential (Technical) cookies: These are fundamental to the operation of the System. Without them, you would not be able to log in to the System management panel, and we would not be able to ensure the System usage security. Their purpose is to ensure the proper functioning of the System. These files are required by default and do not require your consent; they are automatically activated when you enter the System website.
b) Analytical cookies: They allow us to 'see' how and how often users use individual functions of the System. Their purpose is to identify errors in the operation of the System and to optimize its performance. The use of these files depends on your voluntary consent (within the meaning of the Electronic Communications Law) expressed in the cookies consent tool.
Consent is voluntary and you may revoke it at any time by changing the settings in the cookies consent tool or clearing cookies on your device, which will restore the original settings. Revoking consent is effective for the future.
Cookies can also be distinguished based on their storage duration: session cookies — temporary cookies that are stored on the user's end device until logging out, leaving the website, or changing browser settings; permanent cookies — stored on the user's end device for the time specified in the cookie parameters or until deleted by the user.
The maximum storage period for cookies is up to 2 years.
4. Analytical and Marketing Tools (cookie based)
4.1 Analytics tools — Google Analytics, Google Tag Manager
Google Analytics is designed to analyze how you use the System. It collects first-party cookies, which include data related to your device and browser, IP address, and user actions, to measure and report statistics on user interactions with the System. Google Analytics does not record or store IP addresses when collecting data.
We use Google Analytics to analyze how you use the System to improve it. We receive general, anonymized reports that cannot be assigned to a specific user.
We may also use Google Tag Manager, a tool that facilitates the configuration of Google Analytics and other similar tools. GTM operates on data collected by other tools.
Google tools are provided by Google (as a rule, depending on location: Google Ireland Limited, with its registered office at Gordon House, Barrow Street, Dublin 4, Ireland – for users of Google services in the European Economic Area and Switzerland, and Google LLC, with its registered office at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA – for users of Google services in the United Kingdom and elsewhere).
Google acts as our processor, which also processes data in third countries through subcontractors. Google LLC, is a member of the Data Privacy Framework.
4.2 Meta Pixel
The Meta Pixel is a tool used to measure the effectiveness of advertisements by analyzing your actions within the System. It collects information about how you use the website, which allows for the tailoring of advertisements displayed to you on social media platforms (Facebook, Instagram) based on your individual preferences, as well as the optimization of marketing campaigns. The data collected via the Pixel is generally anonymous to us as the administrator—we only see aggregated statistics. However, the tool provider may link this information to your account on Meta platforms.
Meta tools are provided by Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) for users in the European Economic Area, and Meta Platforms Inc. (1601 Willow Road, Menlo Park, CA 94025, USA) for users in the United Kingdom and elsewhere.
4.3 LinkedIn Pixel (LinkedIn Insight Tag)
The LinkedIn Pixel is an analytical tool that allows us to measure the effectiveness of our advertising campaigns and research the demographics of users visiting the System (e.g., job titles, industries, or company size). It enables us to display personalized advertising content to LinkedIn users who have previously visited our System and helps us optimize our marketing activities. This data is processed in a manner that prevents us from directly identifying a specific user.
LinkedIn tools are provided by LinkedIn Ireland Unlimited Company (Wilton Place, Dublin 2, Ireland) for users in the European Economic Area, and LinkedIn Corporation (1000 W. Maude Ave., Sunnyvale, CA 94085, USA) for users in other regions.
4.4 X Pixel (formerly Twitter Pixel)
We use the X Pixel to measure the effectiveness of our advertising campaigns on the X platform and to understand the actions users take in our System after viewing or clicking on our ads. This tool allows us to track conversions, optimize our advertising spend, and build tailored audiences for remarketing purposes. This data is processed in a way that does not allow us to directly identify individual users.
These tools are provided by Twitter International Unlimited Company (One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland) for users in the EEA and Switzerland, and X Corp. (1355 Market Street, Suite 900, San Francisco, CA 94103, USA) for users in other regions.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest): analytics and statistics (researching how the System is used).
4.5 Marketing tools
Google Ads
We use Google Ads to promote our System and display advertisements to users who have previously visited our site or who may be interested in our services. Google Ads uses cookies to track the performance of advertising campaigns, measure conversions, and serve personalized ads based on your previous interactions with our System.
As with other Google tools, these services are provided by Google Ireland Limited (for users in the EEA and Switzerland) or Google LLC (for the UK and elsewhere).
Meta Ads
We use Meta Ads (formerly Facebook Ads) to deliver targeted advertisements to users on Meta platforms, such as Facebook and Instagram. This service uses cookies and tracking technologies to reach users who have previously interacted with our System (remarketing) or who share similar interests with our audience.
These services are provided by Meta Platforms Ireland Limited (for EEA users) and Meta Platforms Inc. (for users in the UK and elsewhere).
LinkedIn Ads
We use LinkedIn Ads to reach a professional audience with relevant marketing content. Through LinkedIn's advertising tools, we can display sponsored content and advertisements to users based on their professional profiles (such as job titles, industries, or seniority) and their previous visits to our System.
These services are provided by LinkedIn Ireland Unlimited Company (for EEA users) and LinkedIn Corporation (for users in other regions).
X Ads (formerly Twitter Ads)
We use X Ads to deliver sponsored content and advertisements to users on the X platform. This service uses cookies and tracking technologies to reach users who have previously visited our System (remarketing) or who may be interested in our services based on their professional interests and activities on X.
These services are provided by Twitter International Unlimited Company (One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland) for users in the European Economic Area and Switzerland, and X Corp. (1355 Market Street, Suite 900, San Francisco, CA 94103, USA) for users in other regions.
HubSpot
HubSpot is an integrated marketing, sales, and service platform. We use HubSpot cookies to track your behavior in the System, manage our contact database, and automate our marketing communication. If you provide us with your contact details (e.g., via a form), HubSpot may link your previous anonymous browsing history with your profile to better tailor our communication to your needs.
These tools are provided by HubSpot, Inc. (25 First Street, 2nd Floor, Cambridge, MA 02141, USA) and its affiliate, HubSpot Ireland Limited (Ground Floor, Two Dockline, Mayor Street Upper, Dublin 1, Ireland).
ActiveCampaign
ActiveCampaign is a tool used for marketing automation and email communication. It uses cookies to track user interactions with the System and our email messages. This allows us to understand which content is most interesting to you and to send you personalized updates and offers.
These tools are provided by ActiveCampaign, LLC (1 North Dearborn Street, 5th Floor, Chicago, IL 60602, USA).
Pipedrive
Pipedrive is a Customer Relationship Management (CRM) tool. We use Pipedrive cookies and tracking technologies to manage our sales processes and analyze how potential customers interact with our System.
These tools are provided by Pipedrive OÜ (Mustamäe tee 3a, 10615 Tallinn, Estonia) and its global affiliates, including Pipedrive Inc. (460 Park Ave South, New York, NY 10016, USA).
Legal basis: Art. 6(1)(f) GDPR (legitimate interest): marketing activities.
5. External Supplier of Electronic Payments
Payments for the System are made through a third-party payment system provider enabling payments via credit cards. If the Client decides to use the services of this entity, we will provide it with the data necessary for making and settling the payments, which may include your data e.g. e-mail address or credit card details and place of residence — if the card is in your name.
This entity and the Client's/yours bank act as independent controllers of your personal data, if they appear within the payment process. The entity and the bank apply their own data processing policies and principles, and in this respect, they remain responsible for this processing.
6. Final Information
We want to continuously develop to ensure the security of the data entrusted to us. We may change the Privacy Policy if required by applicable law or if it is necessary to improve the standard of information or protection. We may also change the Policy following changes of the System functionalities. We will inform you of any changes when you first use the System after the Policy has been changed.