Privacy Policy for akkuplan

akkuplan is a smart EV charging optimization service that manages your electric vehicle charging based on electricity prices and your usage patterns. This privacy policy explains how Invisible Computers GmbH uses the personal data we collect from you when you use our website and service.

Legal Basis for Processing Your Data

We process your personal data based on the following legal grounds under Article 6 of the GDPR:

• Contract Performance (Art. 6(1)(b) GDPR): We process your account data, vehicle data, charging preferences, and optimization history because this processing is necessary to provide the akkuplan service you have signed up for. Without this data, we cannot deliver the charging optimization service.
• Legitimate Interests (Art. 6(1)(f) GDPR): We process server and monitoring logs to ensure service security, prevent abuse, and troubleshoot technical issues. These are legitimate interests that do not override your fundamental rights and freedoms.
• Legal Obligation (Art. 6(1)(c) GDPR): We retain certain financial records to comply with tax and accounting obligations under German law.

We do not use your data for advertising, tracking, or selling to third parties. We only process data necessary to provide and improve our charging optimization service.

What data do we collect, how do we use it and what is the purpose of collecting this data?

• When you sign up for akkuplan, we collect and store your email address for account authentication and service notifications.
• We collect and store OAuth tokens that provide access to your vehicle manufacturer's API (e.g., BMW, Tesla, Volkswagen). These tokens allow us to read your vehicle's state of charge, charging status, and control charging behavior on your behalf.
• We collect vehicle data including battery state of charge (SoC), charging status, vehicle range, and charging patterns. This data is necessary to optimize your charging schedule and ensure your vehicle is ready when you need it.
• We store your charging preferences including target state of charge, departure times, and any manual overrides you configure. This is necessary to provide the charging optimization service.
• We may collect electricity pricing data based on your configured tariff provider to optimize charging times for cost savings.
• We retain logs containing the time and content of data transfers between your vehicle, our service, and third-party APIs, as well as logs containing events that occur within our server application. If you are logged in, we may link these logs to your account. However, we will not store authentication credentials.
• We collect charging session data including start/end times, energy consumed, and estimated costs for historical analysis and service improvement.

How do we store your data?

We retain your personal data as follows:

• Account data (email, settings): Until you close your account or request deletion
• Vehicle data (connectivity, charging status, SoC, usage patterns): Retained for as long as your account is active and the vehicle is connected, as this data is necessary to provide our charging optimization service. Deleted when you remove the vehicle or close your account.
• Vehicle credentials and API tokens: Until you remove the vehicle from your account or close your account
• Charging preferences and optimization history: Until you close your account or request deletion
• Server and monitoring logs: 30 days for security, troubleshooting, and abuse prevention
• Financial records (if applicable): 10 years as required by German tax law

Invisible Computers GmbH securely stores your personal data in the data centers of our third-party data processors.

Our third-party data processors are:

• Hetzner Online GmbH - Server infrastructure (Germany)
• Mailgun (Sinch MessageMedia) - Email notifications (EU servers)

Third-Party Services You Authorize:

To provide charging optimization, you authorize us to connect to your vehicle manufacturer's services (e.g., BMW, Tesla, Volkswagen) on your behalf. Depending on the manufacturer, this may involve OAuth authorization or providing your vehicle account credentials. Important points:

• We act as your agent to access vehicle data and control charging on your behalf
• We only access the minimum data needed (vehicle state, charging status) and only send commands based on your configured preferences
• The vehicle manufacturer is an independent data controller with their own privacy policy and terms of service
• You are responsible for ensuring your use of akkuplan complies with your vehicle manufacturer's terms of service
• We store your vehicle account credentials, but you can revoke access anytime by removing the vehicle from akkuplan
• We are not responsible for the manufacturer's data practices, service availability, or how they process data from their APIs

International Data Transfers

Our data processors (Hetzner, Mailgun) operate within the European Economic Area (Germany and EU servers). However, some vehicle manufacturers are located outside the EEA:

• Tesla Inc. - United States
• Other manufacturers may also be based in non-EEA countries

When you authorize us to connect to a vehicle manufacturer outside the EEA, your vehicle data may be transferred to and processed in countries that may not offer the same level of data protection as the EEA.

For transfers outside the EEA, the following safeguards apply:

• Our data processors (Hetzner, Mailgun) use Standard Contractual Clauses (SCCs) approved by the European Commission
• When you authorize connection to a vehicle manufacturer outside the EEA, you explicitly consent to this data transfer as it is necessary for the service you requested
• Vehicle manufacturers operate as independent data controllers under their own privacy policies and transfer mechanisms (such as Privacy Shield successor frameworks or their own SCCs)

What are your data protection rights?

Invisible Computers GmbH would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:

• The right to access – You have the right to request Invisible Computers GmbH for copies of your personal data. We may charge you a small fee for this service.
• The right to rectification – You have the right to request that Invisible Computers GmbH correct any information you believe is inaccurate. You also have the right to request Invisible Computers GmbH to complete the information you believe is incomplete.
• The right to erasure – You have the right to request that Invisible Computers GmbH erase your personal data, under certain conditions.
• The right to restrict processing – You have the right to request that Invisible Computers GmbH restrict the processing of your personal data, under certain conditions.
• The right to object to processing – You have the right to object to Invisible Computers GmbH's processing of your personal data, under certain conditions.
• The right to data portability – You have the right to request that Invisible Computers GmbH transfer the data that we have collected to another organization, or directly to you, under certain conditions.

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us at our email: info@invisible-computers.com

Cookies

Our website uses minimal cookies necessary for basic functionality. We do not use tracking or advertising cookies without your explicit consent.

Changes to our privacy policy

Invisible Computers GmbH keeps its privacy policy under regular review and places any updates on this web page. This privacy policy was last updated on November 9, 2025.

How to contact us

If you have any questions about Invisible Computers GmbH's privacy policy, the data we hold on you, or you would like to exercise one of your data protection rights, please do not hesitate to contact us.

Email us at: info@invisible-computers.com

Or write to us at:

Invisible Computers GmbH
Friedhofstraße 4d
24937 Flensburg
Germany

How to contact the appropriate supervisory authority

You have the right to lodge a complaint with a data protection supervisory authority. As Invisible Computers GmbH is based in Schleswig-Holstein, Germany, the competent supervisory authority is:

Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein (ULD)
Holstenstraße 98
24103 Kiel
Germany

Email: mail@datenschutzzentrum.de
Website: www.datenschutzzentrum.de

If you are located in another EU member state, you may also contact your local data protection authority.