• Charging programs
  • Companies
  • Households
  • Cities
  • Dashboard
  • About us
  • Client Zone

Privacy policy

In relation to the provision of our electromobility products and services, we acquire and use personal data of interested parties, customers, newsletter subscribers, app users and potentially other natural persons (“customers”). We want to give our customers an overview of what data we use, what we do with them, who we disclose them to, and we also want our customers to understand their rights, which they can exercise to have control over their personal data.

This document contains information on the terms and conditions of processing personal data of customers in line with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (“GDPR”) and the Act No. 18/2018 Z.z. on Personal Data Protection and on amendment of certain acts (“Act”).


1 TERMS AND DEFINITIONS

We believe that more information leads to better understanding of the rules of processing personal data. In the following part, we therefore explain the most important terms used in relation to personal data protection.

Personal data – means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Data subject – is identified or identifiable natural person who is the subject of personal data. Data subjects are all ZSE Customers – natural persons (including self-employed entrepreneurs).

Controller – is the subject who determines the conditions of personal data processing and is responsible for personal data processing.

Processor – means the subject who processes personal data on behalf of the controller. The controller may authorise the processor to process personal data without the data subject's consent, however, the controller must verify that the processor provides sufficient guarantees to ensure compliance of personal data processing with the GDPR.

Processing - means any operation which is performed on personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Profiling - means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.


2 RESPONSIBILITY FOR PERSONAL DATA PROCESSING

Západoslovenská energetika, a. s., with registered office at Čulenova 6, 816 47 Bratislava, CRN: 35 823 551, registered in the companies register of Municipal Court Bratislava III, Section: Sa, File No.: 2852/B (“ZSE” or “we” in the applicable form), www.skupinazse.sk, processes personal data of customers in the scope and under conditions indicated in this document and as a controller, is responsible for their protection and processing. Unless otherwise stated in legal regulations, ZSE is also responsible for the processing of personal data by processors appointed by ZSE for this purpose.


3 CONDITIONS OF PERSONAL DATA PROCESSING


3.1 PERSONAL DATA CATEGORIES

Depending on the specific purpose of processing and the legal basis, we process the following categories of personal data (specific scope of personal data used for given purpose is indicated in Clause 3.2):

a) Identification data (name, surname, title, date of birth, Business ID, data on listing in a registry or other records);

b) Contact data (address of residence/place of business, mailing address, telephone number, email address);

c) Bank details;

d) Charging card information (holder, card ID number);

e) Information on the vehicle to which the charging card is assigned (brand, model, type, year of registration, licence plate);

f) Information on the use of products and services, especially what type of products is used and how (e.g. data on the place, time and duration of the charging or contractual performances provided);

g) Other data provided by the customer related to the use of products and services or handling of the customer's requests;

h) Customer zone credentials (email, password);

i) Information on the user's activity in the Customer zone (user's preferences and interests);

j) Information on the customer's interaction and feedback (viewed an offer, showed interest in a certain product, experiences with the product, requests, complaints);

k) Audio recordings of calls;

l) Other data necessary to comply with legal requirements, and defend, exercise and prove legal claims.

 

3.2 LEGAL BASIS AND PURPOSE OF USING PERSONAL DATA

We use personal data of customers only if it necessary for the performance of the contract and within pre-contractual relations if mandated by applicable laws, if necessary to protect our legitimate interests or if the customers granted us valid consent.

Data processing based on consent is characterised by voluntariness, meaning that customer as the data subject may withdraw the consent at any time. In such case we will stop using personal data and if there is no other legal basis to use or store them, they will be destroyed without undue delay.

Provision and processing of personal data for purposes of contract performance and pre-contractual relations is contractually required. If personal data are not available in the necessary scope (especially to verify the identity and acquire data necessary for the contract performance), we are unable to conclude the contract.

We want to protect certain interests which are important for our usual business (e.g. collecting debts, defending other legal claims), and we use personal data of customers for this purpose. We always take care not to make our legitimate interests excessive. If, despite this, the customers are concerned that data processing prevails over their basic rights and liberties, they may object to it.

Personal data are processed and disclosed to other subjects if there is a legal requirement stipulated by law.

Acquired personal data can subsequently be processed for statistical purposes in a manner compatible with the original purpose, whereas ZSE shall ensure that personal data are only used to the necessary extent, or that only information which is not deemed personal data is processed.

 

3.2.1. Contract performance and pre-contractual relations

ZSE processes personal data as part of pre-contractual relations, e.g. to send the contract, handover protocols and other documents, if the customer shows interest via the contact form, email or phone call; or to provide requested additional information to a product or service; to conclude, change and terminate the contract in line with applicable laws; deliver goods or provide services depending on the subject of the contract; for the use of ZSE apps; registration in the Customer zone at www.zsedrive.sk; invoicing; handling the customer's requests and communication with the customer in other matters.

For this purpose we process personal data categories indicated in Clause 3.1 a) – h), whereas the exact scope of data depends on the applicable contractual documentation and other documents. The duration of the processing is limited by the term of the respective contractual relationship. After the contract termination, we store and process personal data for purposes of fulfilling legal obligations and our legitimate interests in line with Rules and Plan of Company Records for up to 10 years from the termination of contractual relationship, unless a justified need arises in the future to store the data for longer (e.g. due to ongoing court or other proceedings). Personal data will only be used to fulfil the purposes of processing which remain even after the termination of the contractual relationship, and will not be used in any other way.

 

3.2.2 Legal obligation

As part of compliance with the obligations stipulated by law, we process personal data (including their disclosure to other subjects) especially for the following purposes:

− resolving legal disputes (Act No. 160/2015 Z. z. Code of Civil Contentious Procedure, Act No. 162/2015 Z. z. Code of Administrative Court Proceedings and related laws);

− disclosure of information for purposes of criminal proceedings (Act No. 301/2005 Z. z. Criminal Procedure Code, Act No. 171/1993 Zb. on Police Force and related laws);

− disclosure of information required for the evaluation of the state of facts (Act No. 160/2015 Z.z. Code of Contentious Civil Procedure and related laws);

− alternative resolution of consumer disputes (Act No. 391/2015 Z.z. on Alternative Resolution of Consumer Disputes),

− resolving distrainment (Act No. 59/2018 Z.z. Code of Distrainment Procedure),

− bankruptcies and restructuring (Act No. 7/2005 Z.z. on Bankruptcies and Restructuring),

− registry administration – recording, creation, storage, protection of registry records, access to them and ensuring of their elimination (Act No. 395/2002 Z.z. on Archives and Registries),

− resolving administrative proceedings (Act No. 71/1967 Zb. Administrative Procedure Code and related laws),

− offence proceedings (Act No. 372/1990 Zb. on Offences and related laws),

− handling complaints (Act No. 250/2007 Z.z. on Consumer Protection),

− handling data subject requests to exercise rights under GDPR and the Act,

− notification of infringement of personal data protection under GDPR and the Act,

− processing of accounting documents (Act No. 431/2002 Z.z. on Accounting, Act No. 222/2004 Z.z. on Value-Added Tax),

− tax administration (Act No. 563/2009 Z.z. Tax Procedure Code, Act No. 595/2003 on Income Tax),

− compliance with relevant legal or regulatory requirements in special cases under other applicable laws.

For this purpose we use personal data categories under Clause 3.1 a) – g), k) and l), whereas the exact scope of personal data depends on the applicable laws and specific situation.

Time of personal data processing is based on applicable laws. If, in the specific case, there is no justified need to retain the data over a longer period, they are stored for no longer than 10 years from the termination of the contractual relationship.

Personal data are disclosed to public authorities and other authorised entities under applicable laws. These are particularly courts of law, lawyers, distrainors, notaries, trustees in bankruptcy, law enforcement authorities, tax administrator, district authorities, Office for Personal Data Protection of the Slovak Republic, Labour Inspectorate, Ministry of Interior of the Slovak Republic.

 

3.2.3 Legitimate interest

Legitimate interest is the basis for processing personal data if we follow certain interests crucial for us, whereas the personal data processing is required to protect and perform these interests. As prior consent is not required for using customer data, personal data processing has to be done in an adequate manner, which the data subjects can expect in connection with relations concerning ZSE, and in a manner that prevents excessive interference with interests and basic rights of data subjects.

You have the right to object to the processing of data for purposes of justified interests. In that case we may still process your personal data only if we prove necessary justified reasons for processing which prevail over your interests, rights and liberties.

ZSE processes personal data for purposes of legitimate interests, which are:

− protection of property and property rights,

− proving the compliance with legal and contractual obligations,

− ensuring and improving quality of services,

− customer care,

− building our relationship with the customer and increasing customer satisfaction.

Personal data are processed for these purposes in the following cases:

− Recording data subject's requests for execution of their rights. Personal data categories under Clause 3.1 a) – b), g) are processed for 5 years from the handling of the request.

− Exercising, defending and proving legal claims (e.g. to recovery of receivables, compensation for damage). Scope of processed personal data categories as per Clause 3.1 a) – g). Period of storing depends on legal periods of limitation. Unless longer storage can be justifiably assumed in the specific case, data are stored for 10 years from the termination of the contractual relationship.

− Records of incoming and outgoing mail. Scope of processed personal data categories as per Clause 3.1 a) – b). Retention period is 5 years from when the mail was received or sent.

− Administration and records of contracts and other agreements. Scope of processed personal data categories as per Clause 3.1 a) – e) depending on the document. Data are stored for no longer than 10 years from the contract termination.

− Direct marketing - sending information on offers on our goods and services in cases when we assume that such information is interesting to the customer, as they have been using a similar product or service. Direct marketing can only be done by means of mail or email (not via phone), whereas customers are entitled to object to it any time. In case of objections, personal data shall not be further used for direct marketing. Scope of personal data processing: name, surname, residence / registered office, mailing address, email address, information on products used. Personal data are retained no longer than the contractual term (meaning we do not use direct marketing with former customers).

− Customer satisfaction surveys regarding products and services, and their evaluation in order to increase the quality of services and customer satisfaction in cases when customers—due to their contractual relationship with ZSE—may reasonably expect that they will be contacted (e.g. new customers who recently complained, started using a new product or service or used some of the benefits offered by the service or product). Scope of processed personal data categories as per Clause 3.1, a), b), f), g). Data are stored for the duration of the contractual relationship.

− Statistical purposes. Personalised data and data regarding the contractual relationship with ZSE are processed only in justified cases and in the necessary extent; and statistical outputs do not contain personal data. Data are processed during the preparation of statistical data.

− Answering user reactions via social networks. Name of the user account is processed (name, surname). ZSE does not retain data.

− Sending greetings and other non-marketing information on special occasions, such as important holidays, name day, birthday. Scope of personal data processing: name, surname, date of birth, email address. Data are processed for the duration of the contractual relationship.

− Organising competitions for customers, their evaluation and announcement of results. Scope of processed personal data categories as per Clause 3.1 a), b). Exact scope of data may differ depending on the type of competition. Personal data will be processed until the evaluation of the competition and announcement of results. Personal data of winners who will take over their prizes are further processed for purposes of contract performance (see Clause 3.2.1) and fulfilment of legal obligations (see Clause 3.2.2).

− Identification and resolution of anomalies in processes and systems concerning the customer. Scope of processed personal data categories as per Clause 3.1, a), b), d), f) and h). Personal data are processed for the duration of the contractual relationship between the customer and ZSE.

 

3.2.4 Consent to process personal data

Consent to process personal data is required if processing cannot be done under one of the aforementioned legal bases. The customer, in his/her position of a data subject, may express his/her consent by various means, particularly in writing, verbally or by electronic means (e.g. ticking a web form field).

The consent is particularly characterised by the fact that it has to be freely given (you cannot force the data subject to grant consent) and voluntary. Voluntary means that the granted consent may be withdrawn at any time in a manner equally simple as granting it was (which does not mean that it has to be the same manner). If the consent is withdrawn, personal data cannot be further processed and have to be discarded (under the assumption there is no further purpose for processing based on a different legal basis). Withdrawal of the consent has no effect whatsoever on the legality of processing prior to the withdrawal.

ZSE processes personal data of customers under granted valid consent for the following purposes:

− Informing on news in the field of electromobility by means of an electronic newsletter. The newsletter can contain also advertising information on own ZSE products and services (new products, advertising campaigns, special offers, discounts, bonuses). Newsletter subscribers are only provided with general information, without specific individual consideration of their preferences. Scope of processed personal data categories: email address. Data are retained during the term of the valid consent, which is granted for 2 years.

− Informing on ZSE’s own products and services (marketing campaigns, special offers, discounts, bonuses) via mail, phone or email. Customers are only provided with general information, without specific individual consideration. Scope of processed personal data categories as per Clause 3.1 a) and b).

− Informing on ZSE’s own products and services (marketing campaigns, special offers, discounts, bonuses) tailored to the customer’s individual interests based on analysis of information on the use of products and services, preferences and interests of the customer (e.g. viewing of a certain offer, showing interest in a product, etc.). Scope of processed personal data categories as per Clause 3.1, a), b), f), i), j).

− Analysis of customer experience with ZSE products and services and its evaluation in order to optimise and increase the quality of provided services and customer satisfaction. Scope of processed personal data categories as per Clause 3.1, a), b), f) and g). Data are retained during the term of the valid consent.

 

3.3 SOURCE OF PERSONAL DATA

ZSE collects personal data particularly from customers in their position of data subjects, from public authorities and other subjects specified in Clause 3.2.2., as well as publicly available sources. If personal data are to be collected from another natural person, we require previous written consent of the data subject, save for cases when applicable laws specify otherwise.

 

3.4 AUTOMATED DECISIONS, PROFILING, COOKIES

We do not make automated individual decisions including profiling without human intervention which would have any legal effects or other significant impact on the customers.

ZSE-operated websites (www.zsedrive.sk, www.kdenabijat.sk and others) use cookies. Cookies are files stored by the server in the browser of the device of the visitor when entering a website or using the website (hereinafter only as “cookies”). Cookies enable e.g. the collection of data on the use of websites, data on selections, preferences and website settings of the visitors. You can find more information in the conditions for using cookies on the respective websites.


3.5 PERSONAL DATA TRANSFER

Transfer of personal data to third countries (outside EU/EEA) will only take place if according to the decision of the Commission (EU) the third country provides adequate protection or the controller and/or processor who imported the data offered adequate guarantees of personal data protection (e.g. through standard clauses on data protection).

 

4 DATA RECIPIENTS

Customers' personal data are provided to processors who were authorised by us to process them on our behalf. These are particularly ZSE Group companies (www.skupinazse.sk), printing companies, call centre service providers, consulting companies and agencies, collection companies, suppliers of RFID cards, providers of IT services and other persons whose services we use during the provision of our services. We carefully choose our processors to be able to ensure that the legal requirements for data protection are met.

ZSE provides personal data of customers also to parcel and courier companies, state authorities and other subjects in the scope of legal obligations (see Clause 3.2.2) and in the event of using electromobility services abroad, necessary data are exchanged with the applicable roaming partner.

If the subject of the contract with the customer is the provision of the Assistance services benefit via a third party, personal data of the customer may be disclosed to such third party.


5 JOINT CONTROLLERS

ZSE and W.A.G. payment solutions, a.s., Na Vítězné pláni 1719/4, 14000, Prague, Czech Republic, CRN: 264 15 623, registered in the Companies Register of the Municipal Court Prague under number B 6882 

as the so-called joint controllers under Article 26 (2) of the GDPR process personal data in the following scope:

a)       identification data (name, surname)

b)       contact data (phone number, email)

c)       transaction and accounting data concerning the charging

The purpose of processing is the provision of electronic trip logbook services to the client and vehicle charging data.

Under Article 15 and following of the GDPR, data subject may exercise their rights concerning such personal data processing against any of the joint controllers. The joint controllers agreed to cooperate in fulfilling such request. For more information on personal data processing see the joint controllers' websites

https://cz.eurowag.com/zasady-ochrany-osobnich-udaju

https://zsedrive.sk/ochrana-osobnych-udajov

 

6 DATA SUBJECT'S RIGHTS AND THEIR EXERCISE


6.1 Customer's rights

Customer as the data subject is entitled to:

− withdraw the consent to process personal data at any time (if the processing is based on their consent),

− obtain from ZSE a confirmation whether personal data relating to him or her are processed and if so, he or she is entitled to access to such personal data, information on personal data processing and a copy of data (ZSE shall be entitled to charge an adequate fee for administrative costs related to issuing additional copies),

− for ZSE to rectify incorrect personal data relating to the data subject without undue delay,

− right to erasure, i.e. right to make ZSE without undue delay erase personal data relating to him or her, and the controller is obliged to erase personal data without undue delay, provided that conditions indicated in Article 17 of GDPR are met,

− right to restriction of personal data processing in cases specified in Article 18 of GDPR;

− right for transferability of data, meaning the right to get personal data related to him/her, which he/she provided to ZSE, in a structured, generally used format that can be displayed on computers, and the right to transfer this data to another controller, if conditions under Article 20 of GDPR are met,

− to object to the processing of personal data related to him/her any time due to reasons related to his/her specific situation, if such processing is being conducted based on a legitimate interest, including objecting to profiling,

− right not to be subject to decisions based exclusively on automated processing, including profiling, which has the legal effects applying to him/her, relates to him/her or significantly impacts him/her,

− seek protection of his/her rights at the relevant court under Article 78 of GDPR;

− file a complaint with the supervisory authority, especially in the member state of his or her habitual residence, place of work or place of the alleged infringement if the data subject assumes that the processing of personal data relating to him or her infringes GDPR. For the Slovak Republic, the supervisory authority is the Office for Personal Data Protection of the Slovak Republic, Budova Park one, Námestie 1. mája 18, 811 06 Bratislava, phone: +421 2 3231 3214, email: statny.dozor@pdp.gov.sk.

 

6.2 How to exercise your rights

In order to protect the rights of customers and prevent potential misuse or leak of personal data, data subjects' rights can be exercised exclusively in the following manner:

− By means of a letter sent or delivered to the registered office / mailing office of ZSE;

− Via email at: elektromobilita@zse.sk.

For the request to exercise the rights to be accepted it is necessary to sufficiently identify the applicant and to clearly specify the subject of the request. Otherwise the request will be rejected. In order to make access to their rights easier for data subjects, we prepared request templates available at www.skupinazse.sk, section “Personal data protection”.

With regard to the right to access to data, the right for transferability of data and right to erasure of data whose misuse could seriously affect the data subject's rights and liberties, we recommend the applicant's signature on the request sent by post or delivered to the mailing room to be officially certified; if the request is sent via email, it should be signed using the applicant's qualified electronic signature.

If the data subject's right is exercised by another person based on the power of attorney, we require the original of the power of attorney with officially certified authorizer's signature; the power of attorney may not be older than 6 months.

 

7 DATA PROTECTION OFFICER

Should you have any questions or comments related to personal data protection, please contact our data protection officer via email at: dpo@zse.sk or by means of letter to Západoslovenská energetika, a.s. – Data protection officer, Čulenova 6, 816 47 Bratislava.

 

8 FINAL PROVISIONS

With effect from 15 January 2025, this document replaces previous information on the protection and processing of personal data.

 

Version: January 2025


Cookies settings

By using our websites you agree with the use of cookies which help us offer you a better browsing experience (more information)

Choose selection