Respect for privacy is an important part of Mer’s corporate culture. This culture facilitates that customers, suppliers and other stakeholders can have confidence that Mer processes their personal data in a proper manner. We work continuously to ensure compliance with applicable privacy laws, as well as our internal guidelines for privacy and protection of personal data. This privacy statement explains how, why and for how long Mer processes personal information about you.
WHO IS RESPONSIBLE FOR PROCESSING PERSONAL DATA
Mer Charging UK Limited (Mer UK – Public Charging) and Mer Fleet Services Limited (Mer UK – Fleet, Workplace & Home Charging) are controllers and responsible for ensuring that personal data is processed in compliance with applicable data protection legislation, including the EU General Data Protection Regulation (GDPR), and national data protection laws. Mer UK – Public Charging and Mer UK – Fleet, Workplace & Home Charging may be joint controllers together with one or more companies within Mer Group.
THE PERSONAL DATA WE PROCESS
We process personal data in order to operate efficiently and provide the necessary services to our customers. We process the following personal data:
- contact information
- user account information
- charging consumption and consumption pattern
- financial information: for example payment card number
- details of what rights you have on behalf of the company you represent
WHY WE PROCESS PERSONAL INFORMATION
We process personal data to provide or procure products or services to or from you or your organization.
This includes the following purposes:
- Security and availability of our services
- Improving our service and communication channels
- Direct marketing
- Customer service
- Communication and social media
- Audits, inspections and reviews
- Due diligence
- Purchasing and procurement
HOW WE COLLECT PERSONAL DATA
We collect personal data from various sources. Below you will find some situations where we collect personal data. Data you provide to us, for example when you:
- enter into contracts or agreements with us
- submit forms to us
- access our websites or use our social media platforms
- establish a customer or supplier account with us
- send us emails or contacts us through other channels
Data collected from your activity, for example when you
- use our websites
- use our services app and/or portal
- order products or services from us
- location data once you have given consent
Data collected from third parties, for example from:
- public authorities
- credit institutions
- other publicly available information
STORAGE OF PERSONAL DATA
We store personal data for as long as is necessary to fulfill the purpose of the processing or to fulfill our legal obligations. Your personal data is stored and deleted in accordance with applicable laws.
WHO WE SHARE PERSONAL DATA WITH
We share personal data with:
We use a number of suppliers who provide services within IT, cloud computing, etc. We allow such suppliers to access / receive your personal data to the extent that it is necessary to provide the services. We enter into data processor agreements with our suppliers in order to protect your personal data. We use data processors outside the EU / EEA only if there is a legal basis for transferring personal data.
We will also disclose personal data where there is a legal requirement, i.e. where it follows from a judgment, ruling or decision of a court or administrative authorities, or as part of a legal process.
HOW WE SECURE YOUR PERSONAL DATA
We commit to protecting your personal data:
- We ensure that personal data is correct, accessible and protected according to the degree of sensitivity and risk
- We use a variety of security technologies and information security procedures to protect your personal data from unauthorized access, use or disclosure.
- We restrict access to your personal information to the staff or third parties who process the information on Mer’s behalf. These parties are subject to strict confidentiality requirements and Mer may take disciplinary action or terminate the agreement if these requirements are not complied with.
LEGAL BASIS FOR PROCESSING PERSONAL INFORMATION
Mer processes personal data only if, and to that extent, at least one of the following situations applies:
- the data subject has consented to the processing of his or her personal data for one or more specific reasons
- the processing is necessary for the performance of a contract to which the data subject is a party, or to take the necessary measures prior to the conclusion of the contract at the request of the data subject
- the processing is necessary for compliance with a statutory obligation to which Mer is subject
- the processing is necessary to protect the life and health of the person to whom the information relates or other individuals
- the processing is necessary for the performance of a task in the public interest or in the exercise of official authority assigned to the Mer
- the processing is necessary for purposes related to a legitimate interest promoted by Mer or by a third party, with the exception of cases where such a legitimate interest is overridden by the interests or the fundamental rights and freedoms of the data subject and which require privacy
You have the right to ask us, at any time, to:
- give you further details on how we process your personal information
- give you a copy of the data we process relating to you
- update / correct your personal data
- provide you with information about the logic of automated processing of your personal data in cases where we use automated decisions
- delete personal data that we no longer have a legal basis to process
- provide you with your personal data in a structured, well-known and machine-readable format or transfer the information to another data controller
- stop a specific processing of personal data that is based on a legitimate interest, except if our purpose of the processing does not outweigh the consideration of your data protection rights
- restrict how we use your personal data
- complain via the contact information in this privacy statement or to the relevant judicial authority
If you have any queries, questions or complaints in connection with this privacy statement or our use of personal information you can contact us at [email protected]. You may also contact our Data Protection Officer via [email protected] .
If you believe that we process personal data in breach of the data protection legislation and your rights as a data subject, you also have the right to file a complaint to the local data protection authority, Information Commissioner’s Office using this contact form.
ABOUT THIS PRIVACY STATEMENT
This privacy statement is based on the transparency requirement of Regulation (EU) 2016/679 (General Data Protection Regulation). We will update this privacy statement when necessary. Changes will be published in this document.