Skip to main content
Zingrev

Privacy Policy

Effective Date: October 2025

Last Updated: October 2025

1. Introduction

1.1 This Privacy Policy (“Policy”) describes how Zingrev OÜ, registry code 17315908, a private limited company incorporated in Estonia with registered office at Tuukri tn 19-202, Kesklinna linnaosa, Tallinn, 10120, Estonia (“Zingrev”, “we”, “our”, or “us”), collects, uses, stores, discloses, and protects the personal data of Users (“you”, “your”) when you access or use our website at https://zingrev.com, our mobile application (“Zingrev App”), and our web application (together, the “Platform”).

1.2 This Policy is drafted in compliance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”), the Estonian Personal Data Protection Act, and applicable European Union and national legislation governing privacy, electronic communications, and data security.

1.3 We recognise that personal data is a valuable asset belonging to our Users. Protecting your privacy is not only a legal obligation but also a core commitment of our business.

2. Data Controller

2.1 For the purposes of Article 4(7) GDPR, the data controller responsible for processing your personal data is:

  • Zingrev OÜ
  • Registry code: 17315908
  • Registered Office: Tuukri tn 19-202, Kesklinna linnaosa, Tallinn, 10120, Estonia
  • Email: legal@zingrev.com

2.2 In certain cases, such as payment processing, independent data controllers (e.g., our licensed Payment Provider) will also process your data. In those cases, both Zingrev and the Payment Provider may act as independent controllers in accordance with Article 26 GDPR.

2.3 Where Zingrev acts as a data processor (for example, processing data on behalf of Charger Providers), we do so strictly in accordance with written instructions and with appropriate contractual safeguards in place.

3. Categories of Personal Data Collected

We collect and process the following categories of personal data:

3.1 Identification and Contact Data

  • Full name, phone number, email address.
  • Date of birth, national ID/passport details, address (where identity verification is required).

3.2 Account & Profile Data

  • EV Driver: vehicle make, model, registration number, battery details.
  • Charger Provider: charger location, capacity, technical specifications, availability, and pricing.

3.3 Financial & Transaction Data

  • Bank account and payout details (for Charger Providers in the Payment Providers system).
  • Payment method details (processed securely by Payment Providers; Zingrev does not store
    store any payment method related
    data).
  • Records of payments, reservations, invoices, and receipts.

3.4 Location Data

  • GPS data when EV Drivers
    or Charger Provider creates, updates, and deletes any data
    .
  • Address and geolocation of chargers listed by Charger Providers.

3.5 Communication Data

  • In-app chat messages and metadata (time, sender, recipient)
    stored by the Third-Party Providers
    .
  • Call metadata (duration, timestamp; NOT the call content).
  • Customer support requests and responses.

3.6 Technical & Device Data

  • IP address, device identifiers, operating system, browser type, app version.
  • Log data, cookies, and analytics information.

3.7 Special Categories of Data

We do not intentionally collect special categories of personal data (Art. 9 GDPR). If such data is inadvertently shared by Users, we will process it only where lawful and will minimise retention.

4. Purposes of Processing and Legal Bases

In accordance with Article 6 GDPR, we process personal data only where a lawful basis exists.

4.1 Account Creation and Management

  • Purpose: To register you on the Platform, create and manage your profile, and authenticate you when logging in.
  • Legal Basis: Performance of a contract (Art. 6(1)(b) GDPR).

4.2 Provision of Services (Reservations & Charging Sessions)

  • Purpose: To enable EV Drivers to reserve chargers, enable Charger Providers to offer services, and to facilitate the execution of Charging Sessions.
  • Legal Basis: Performance of a contract (Art. 6(1)(b) GDPR).

4.3 Payments and Payouts

  • Purpose: To process payments from EV Drivers and payouts to Charger Providers.
  • Legal Basis: Performance of a contract (Art. 6(1)(b)); legal obligation (Art. 6(1)(c)) for accounting compliance.

4.4 Identity and KYC Checks

  • Purpose: To verify the identity of Users where required (particularly EV Driver and Charger Providers).
  • Legal Basis: Legal obligation (Art. 6(1)(c)); legitimate interests (Art. 6(1)(f)) in fraud prevention.

4.5 Location-Based Services

  • Purpose: To provide navigation, display nearby chargers, and ensure service availability.
  • Legal Basis: Consent (Art. 6(1)(a)).

4.6 Communications

  • Purpose: To enable in-app communication between Users and to provide customer support.
  • Legal Basis: Performance of a contract (Art. 6(1)(b)).

4.7 Security and Fraud Prevention

  • Purpose: To detect, prevent, and investigate misuse or fraud.
  • Legal Basis: Legitimate interests (Art. 6(1)(f)).

4.8 Legal Compliance

  • Purpose: To comply with obligations under Estonian accounting, tax, and regulatory laws.
  • Legal Basis: Legal obligation (Art. 6(1)(c)).

4.9 Marketing and Service Updates

  • Purpose: To send promotional offers, service updates, and newsletters.
  • Legal Basis: Consent (Art. 6(1)(a)); legitimate interest for direct marketing to existing customers (Art. 6(1)(f)).

5. Sharing of Personal Data

We may share personal data in the following circumstances:

5.1 With Other Users

  • EV Drivers: necessary profile details are shared with Charger Providers for Reservations.
  • Charger Providers: charger details are displayed to EV Drivers.

5.2 With Service Providers

We engage third-party processors for:

  • Payment processing (licensed PSD2-compliant providers).
  • Identity verification.
  • Hosting and IT infrastructure.
  • Customer support.

All processors are bound by Data Processing Agreements in accordance with Art. 28 GDPR.

5.3 With Public Authorities

We may disclose personal data where required to comply with legal obligations, regulatory requests, or court orders.

5.4 With Professional Advisors

For legal, financial, and auditing purposes.

5.5 Business Transfers

In the event of a merger, acquisition, or sale of assets, personal data may be transferred as part of the business transaction, in accordance with GDPR.

6. International Data Transfers

6.1 We primarily process personal data within the European Economic Area (EEA).

6.2 If personal data is transferred outside the EEA, such transfers will be made only:

  • To countries with an adequacy decision by the European Commission (Art. 45 GDPR); or
  • Subject to Standard Contractual Clauses approved by the European Commission (Art. 46 GDPR); or
  • Under Binding Corporate Rules.

6.3 Users may request a copy of the safeguards in place for international transfers by contacting us.

7. Data Retention

We retain personal data only for as long as necessary:

  • Account Data: retained for the life of the account. Deleted within 90 days of account closure, unless legal obligations require longer retention.
  • Transaction Data: retained for 7 years (Estonian accounting law).
  • Support Communications: retained for 3 years for dispute resolution.
  • Marketing Data: retained until you withdraw consent or unsubscribe.
  • Technical Logs: retained for 1 year for security purposes.

After the retention period, data will be securely deleted or anonymised.


8. Data Subject Rights

As a data subject, you have the following rights under GDPR:

8.1 Right of Access (Art. 15 GDPR)

You may request confirmation as to whether we process your data and obtain a copy.

8.2 Right to Rectification (Art. 16 GDPR)

You may request correction of inaccurate or incomplete personal data.

8.3 Right to Erasure (Art. 17 GDPR)

You may request deletion of your data where no lawful ground for retention exists.

8.4 Right to Restriction (Art. 18 GDPR)

You may request restriction of processing in certain circumstances (e.g., while accuracy is contested).

8.5 Right to Data Portability (Art. 20 GDPR)

You may receive your data in a structured, machine-readable format and transmit it to another controller.

8.6 Right to Object (Art. 21 GDPR)

You may object to processing based on legitimate interests or direct marketing.

8.7 Right to Withdraw Consent (Art. 7(3) GDPR)

You may withdraw consent at any time, without affecting prior processing.

8.8 Complaint Right (Art. 77 GDPR)

You may lodge a complaint with the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon) or your local supervisory authority.

9. Security Measures

We apply technical and organizational measures under Article 32 GDPR, including:

  • Encryption of data in transit and at rest.
  • Access controls limiting staff access to personal data.
  • Regular audits and security monitoring.
  • Incident response plans for data breaches.

In the event of a data breach likely to result in a risk to your rights and freedoms, we will notify affected Users and supervisory authorities in accordance with Articles 33 and 34 GDPR.

10. Children’s Data

10.1 The Platform is not intended for children under 18.

10.2 We do not knowingly collect data from minors.

10.3 If we become aware of such data collection without parental consent, we will delete it immediately.

11. Cookies and Tracking

Our use of cookies and similar technologies is described in our Cookie Policy, which forms part of this Policy.

12. Marketing Communications

12.1 With your consent, we may send newsletters, promotions, and updates.

12.2 You may withdraw consent or opt-out at any time by:

  • Clicking “unsubscribe” in emails;
  • Adjusting settings in the Platform; or
  • Contacting us directly.

13. Changes to this Policy

We may revise this Policy periodically. Material changes will be notified via the Platform or email.

Continued use of the Platform after changes take effect constitutes acceptance.

14. Contact

For questions or to exercise your rights, please contact:

Zingrev OÜ

📍 Tuukri tn 19-202, Kesklinna linnaosa, Tallinn, 10120, Estonia

📧 Email: legal@zingrev.com 

...