Cookie Consent

By clicking “Accept”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.

deny icon
Deny
allow icon
Accept
Cookies

Privacy Policy

Preliminary remark**

With the following data protection declaration we clarify the processing of personal data when using the Cariqa offers and related services.

For better readability, we use the terms "we", "us" or "Cariqa" to describe our company.

When we speak of "you", "your" or "user" we expressly mean the users of Cariqa offers.

Name and contact details of the person responsible for processing

The contact person and person responsible for the processing of your personal data is KZY Marketplace Solutions GmbH, Chausseestr. 41B, 10115 Berlin (hereinafter "we", "us" or "Cariqa").

Email: help@cariqa.com

If you have any questions on the subject of data protection and the assertion of data subject rights in connection with Cariqa offers, please use the email address provided above.

Collection and storage of personal data and the type and purpose of their use

We can process the following data for the use of our offers:

Personal data for user identification that you make available to us when using our offers, e.g. by registering or filling out your user profile, such as name, e-mail address, address, telephone number.

Additional information that you provide when completing your profile, such as vehicle information, gender, date of birth.

Information about your access device and your visits to our website or the use of our mobile offers, such as date and time and length of access, IP address of the accessing device, website from which access is made (referrer URL), browser used and, if applicable, the operating system of your computer and the name of your access provider.

Information you provide to us when subscribing to our newsletter, such as name and email address.

For the use of our offers -mobile offers included, your device location, vehicle data, information about charging transactions and your usage behavior with regard to our mobile app can also be processed.

The data mentioned are processed for the following purposes:

  • Ensuring a smooth connection to the website;
  • Ensuring comfortable use of the website and mobile applications (e.g. app) and all related offers;
  • Communicate with you, e.g. by sending you communications or requested newsletters;
  • provision of routing and charging services;
  • Anonymize the data to use them for statistical purposes;
  • Evaluation of system security and stability as well
  • for other administrative purposes.

The legal basis for data processing is Art. 6 para. 1 S. 1 lit. f GDPR. The legitimate interest follows from the data collection purposes listed above.

Some data processing is required to fulfill the contract and is used exclusively for this purpose (Art. 6 para. 1 S. 1 lit. b GDPR).

Some data processing operations (such as sending our newsletter or using location data) are only possible with your express consent (Article 6 para. 1 S. 1 lit. a GDPR). You can revoke any consent you have already given at any time. An informal message by e-mail is sufficient for this. The legality of the processing of the data that took place up until the revocation remains unaffected before the revocation.

In addition, cookies and analysis services are used when visiting the website and using the mobile offers. You will find more detailed explanations on this below in this data protection declaration.

Use of the contact form

We offer you the opportunity to contact us via a form provided on our website. It is necessary to provide a valid e-mail address so that we know who sent the request and can answer it. Further information can be provided voluntarily.

The data processing for the purpose of contacting us takes place in accordance with Art. 6 para. 1 S. 1 lit a GDPR on the basis of your voluntary and revocable consent.

The personal data collected for the use of the contact form will be automatically deleted after the request you have made has been dealt with.

Sharing of Data

Your personal data will not be transmitted to third parties for purposes other than those listed below.

Your personal data will only be passed on to third parties if:

  • you have given your express consent to this in accordance with Article 6 para. 1 S. 1 lit. a GDPR;
  • the disclosure is necessary in accordance with Article 6 para. 1 S. 1 lit. f GDPR to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data;
  • in the event that there is a legal obligation for disclosure in accordance with Article 6 para. 1 S. 1 lit. c GDPR or
  • this is legally permissible and required for the processing of a contractual relationship in accordance with Article 6 para. 1 S. 1 lit. b GDPR.

Sharing Data with Charge Point Operators: 

When you use our offers, we share certain personal data with the respective Charge Point Operator (CPO), in order to facilitate the provision of our services, to process payments for the energy used during the charging session and to generate accurate billing records. The data shared with the CPO include your name/surname, address as well as all details related to energy recharge transactions. The legal basis for this data sharing is Art. 6 para. 1 lit. b GDPR (contractual necessity), Art. 6 para. 1 S. 1 lit. c GDPR (legal obligation), and Art. 6 para. 1 S. 1 lit. f GDPR (legitimate interest). Any further processing of your personal data by the CPOs lies outside of the control of Cariqa. The CPO acts as independent data controller and is therefore responsible for complying with applicable data protection laws and ensuring the security and confidentiality of your personal data. If available, please read the Privacy Policy of the relevant CPO to understand how they process your personal data. 

Sharing Data with Third-party Providers:  

Parts of our data processing are carried out by external third-party providers and service providers. This includes, among other things, credit card processing, provision of certain technologies such as route planning, charging infrastructure, software applications, logistics and other services that are required for the operation, provision and maintenance of our offers and the fulfillment of data processing purposes. If data is passed on by us to such third-party providers and service providers, there is a proper data processing relationship between us and the respective partners within the meaning of Art. 28 GDPR and we’ve concluded respective Data Processing Agreements (DPA) with them as per Art. 28 para. 3 GDPR. This means that the respective third-party providers and service providers may only use the data passed on by us to fulfill their tasks as per our instructions. The providers named were selected by us with the utmost care and are contractually bound to our instructions within the framework of the respective DPA. We regularly check that the protection of the rights of data subjects is complied with by our processors.

We use the services of Stripe Payments Europe Ltd., The One Building, 1 Grand Canal Lower, Dublin 2, Ireland (hereinafter Stripe) to process payments. The legal basis for this data processing is Art. 6 para. 1 lit. b GDPR (contractual necessity) and Art. 6 para. 1 S. 1 lit. f GDPR (legitimate interest). We ourselves do not store any credit card information in connection with the processing of a payment. The corresponding payment information (such as credit card data or bank details) is sent directly to Stripe. Information on data processing by Stripe can be found in Stripe's data protection declaration, available at: https://stripe.com/en-it/privacy

Cookies

We use cookies on our website and when using our mobile offers. These are small files that your browser creates automatically and that are stored on your end device (laptop, tablet, smartphone, etc.) when you visit our site or use mobile offers. Cookies do not damage your end device and do not contain viruses, Trojans or other malware.

Information is stored in the cookie that arises in connection with the specific end device used. However, this does not mean that we are immediately informed of your identity.

Some cookies are necessary for the use of our website. These cookies are not used for analysis, tracking or advertising purposes. Some of these cookies only contain information about certain settings and are not personalised. They may also be necessary to enable user guidance, security and operation of the website. We use these cookies on the basis of Art. 6 para. 1 S. 1 lit. f GDPR, based on our legitimate interest in being able to offer basic functions of the website in order to ensure the maintenance of functionality.

Most browsers accept cookies automatically. However, you can configure your browser in such a way that no cookies are stored on your computer or that a message always appears before a new cookie is created. You can object to the use of cookies on the corresponding button. However, the complete deactivation of cookies may mean that you cannot use all the functions of our website.

In addition, we also use technically non-essential cookies on our website on the basis of your consent. These cookies serve to make the use of our offers more pleasant for you and to optimise user-friendliness. We can also use cookies to statistically record the use of the website and the mobile offers and to evaluate them for the purpose of optimising the offer for you. This processing will only be carried out if you have given your explicit consent in accordance with Art. 6 para. 1 S. 1 lit. a GDPR and § 25 para. 1 TDDDG (Telekommunikation-Digitale-Dienste-Datenschutz-Gesetz). You can revoke your consent at any time. To do so, click on the “Cookies” icon at the bottom of the screen and make the desired settings in the cookie consent banner that opens.    

Google Analytics / Firebase

Our website and mobile offerings use Google Analytics Firebase (Google Firebase), an app analysis service provided by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA ("Google"). The various functions of Google Firebase enable us to analyze your behavior when using our app. This enables us, for example, to draw conclusions about your screen views, clicks on certain buttons or in-app purchases and determine which functions in our app are used more or less frequently. For this purpose, Google Firebase stores a range of data such as the number and duration of your sessions, the operating system, device information or the access region. A dedicated overview of the data collected by Google Firebase can be found at: https://support.google.com/firebase/answer/6318039?hl=de. In the future it is possible that your personal data will be transmitted to the USA for the use of Google Firebase. At the moment, however, your data is only stored in Germany. Your data will be stored here permanently for the use of Google Firebase and will be deleted upon request or account deletion etc. The integration of Google Firebase serves to optimize our app and to improve our offers and is based on your consent in accordance with Art. 6 para. 1 S. 1 lit. a GDPR and § 25 Para. 1 TDDDG. You can revoke your consent at any time by clicking on the “Cookies” icon at the bottom of the screen and making the desired settings in the cookie consent banner that opens. Further information on Google Firebase is available at: https://firebase.google.com/ (basic information) and at: https://firebase .google.com/support/privacy (privacy policy).

Google AdSense

Our website and our mobile offers use Google AdSense, a service for integrating advertisements from Google. For this service to integrate advertisements, Google AdSense also uses cookies and text files, which are stored on your end device and which enable an analysis of the use of the website. In addition, Google AdSense also uses web beacons (invisible graphics). Due to the web beacons, information such as visitor traffic on websites can be evaluated. Cookies and web beacons are used to generate information about the use of our website, including your IP address. The delivery of advertising formats is then transmitted to a Google server in the USA and stored there, as with Google Analytics. The stored information can then be passed on by Google to their contractual partners. Nevertheless, the information collected by Google about your IP address will not be merged with other data stored by you. The use of Google AdSense is based on your consent in accordance with Art. 6 para. 1 S.1 1 lit. a GDPR and § 25 para. 1 TDDDG. You can revoke your consent at any time by clicking on the “Cookies” icon at the bottom of the screen and making the desired settings in the cookie consent banner that opens. 

Push-Notifications

When you first open our app, you will be asked if you want to receive push notifications. Such notifications allow us to notify you of various events or features related to our offerings while the app is running in the background. You can change the notification options at any time via the settings options of your end device. Messages are sent via the Google Firebase Cloud Messaging service (Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA). Further information on Google Firebase Cloud Messaging can be found at: https://firebase.google.com/products/cloud-messaging/  (basic information) and at: http://www.google.de/intl/de/policies/privacy  (Data protection).

The legal basis for the push notifications is your consent, which can be revoked at any time, in accordance with Article 6 para. 1 S. 1 lit. a GDPR.

Use of social Media

Among other things, we are represented on social networks to communicate with customers and interested parties and to provide information about our offers.

User data can be processed by the respective social networks for advertising and market research purposes. For this purpose, e.g. cookies are stored on the end devices of the users. On the basis of the information obtained in this way, advertising activities can be carried out within the social networks or on third-party websites, for example. In this context, there is also the possibility that we can access aggregated information.

The legal bases for the data processing carried out by the social networks under their own responsibility can be found in the data protection declaration of the respective services.

Below you will find the relevant links, which you can use to obtain further information on data processing and your rights as a data subject:

  • Facebook (Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin)
  • Twitter ((formerly known as Twitter, Twitter X Corp.Inc , One Cumberland Place, Fenian Street, Dublin 2, D02 AX07 Irland)
  • LinkedIn (LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Irland)
  • Xing (Xing SE, Dammtorstraße 30, 20354 Hamburg, Deutschland)

‍Notes on links to external websites

No liability is assumed for the content of the links (references) provided on this website or in the app to other (external) websites. The respective operators are exclusively responsible.

Transfer of data to third countries

As can be seen from this data protection declaration, we use services whose providers are partly located in third countries - not in the EU or the EEA - or process personal data there. In such countries, there may be a different level of data protection than in the EU. In this case, and if there is no adequacy decision by the EU Commission for the countries, we have taken appropriate measures to ensure an appropriate level of data protection for any third-country transfers. This includes, among other things, the use of the corresponding standard contractual clauses of the EU Commission as well as necessary additional measures.

If data is transferred to third countries without a corresponding adequacy decision or suitable guarantees, there may be a risk that third-country security authorities may gain access to the data transferred and your rights as a data subject will be extremely difficult to enforce.

Rights of the persons affected

You have the right:

  • To request information about your processed personal data in accordance with Art. 15 GDPR. In particular, you can obtain information about the processing purposes, the category of personal data, the categories of recipients to whom your data was or will be disclosed, the planned storage period, the existence of a right to correction, deletion, restriction of processing or objection, the existence of a Right to complain, the origin of your data, if not collected from us, and the existence of automated decision-making including profiling and, if necessary, meaningful information about their details;
  • in accordance with Art. 16 GDPR, to immediately request the correction of incorrect or incomplete personal data stored by us;
  • According to Art. 17 GDPR, to request the deletion of your personal data stored by us, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims is required;
  • pursuant to Art. 18 GDPR, to request the restriction of the processing of your personal data if you dispute the accuracy of the data, the processing is unlawful, but you refuse to delete it and we no longer need the data, but you use them to assert, exercise or defense of legal claims or you have objected to the processing pursuant to Art. 21 GDPR;
  • in accordance with Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request transmission to another person responsible;
  • pursuant to Art. 7 para. 3 GDPR, to revoke your consent once given to us at any time. As a result, we are no longer allowed to continue the data processing based on this consent for the future and
  • to complain to a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or work or our company headquarters.

Right to object

If your personal data is processed on the basis of legitimate interests in accordance with Article 6 para. 1 S. 1 lit. f GDPR, you have the right to object to the processing of your personal data in accordance with Article 21 GDPR, provided there are reasons for this, arising from your particular situation. If you file an objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms or the processing serves to assert, exercise or defend legal claims.

If you would like to make use of your right of revocation or objection, an e-mail to help@cariqa.com is sufficient

Data security

Within the website visit and the use of our mobile offers, we use the widespread SSL procedure (Secure Socket Layer) in connection with the highest level of encryption supported by your browser. This is usually a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead.

We also use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. The security measures are continuously improved in line with technological developments.

Change to the privacy policy

We regularly review our privacy policy and make updates where appropriate.

This data protection declaration was last updated on 27.Aug.2024.

** The English privacy terms are purely for reference. The German privacy terms are legally binding.