Smart Battery Pass
Terms Privacy DPA Subprocessors Imprint
DE EN
Log in
Privacy under the GDPR

Privacy Policy

This Privacy Policy explains how Smart Battery Pass processes personal data on the website, in the SaaS application, in the Supplier Portal, in newsletter communication and in sales.

1. Controller

Smart Battery Pass Grigor Azati Muradyan
Irma-Keilhack-Ring 25
22145 Hamburg
Deutschland
Email: contact@smartbatterypass.com

No data protection officer has been appointed. Privacy requests may be sent to the address above.

2. Roles

For the website, leads, newsletter, customer account, billing and own communications, Smart Battery Pass acts as controller. For battery, supplier, evidence, passport and audit data processed by customers in the application, Smart Battery Pass generally acts as processor for the respective customer.

3. Categories of personal data

  • Website and security data: IP address, timestamps, URL, referrer, browser/device data, request ID and security events.
  • Lead and readiness check data: company, email address, battery category, form answers, score, recommended next steps and sales notes.
  • Account and organization data: name, email, role, organization, login/security status and settings.
  • Customer product data: battery models, attributes, supplier contacts, documents, evidence files, review comments, passport versions and audit logs.
  • Supplier Portal data: token access, submitted values, documents, comments, declarations and technical access data.
  • Billing data: plan, subscription status, Stripe customer reference, invoice and payment status. Full card data is not stored by Smart Battery Pass.
  • Newsletter data: email address, consent and unsubscribe timestamps, sending and delivery information.
  • Optional analytics data: Google Analytics cookie/client ID, page views, usage events and approximate location/device data where consent has been given.

4. Purposes and legal bases

  • Providing the website and application: Art. 6(1)(b) GDPR; website security: Art. 6(1)(f) GDPR.
  • Sales, readiness check and demo requests: Art. 6(1)(b) GDPR for pre-contractual communication and Art. 6(1)(f) GDPR for B2B sales interests.
  • SaaS contract, user management, supplier requests, evidence management and passport preview: Art. 6(1)(b) GDPR; for customer data as processor: Art. 28 GDPR.
  • Billing and accounting: Art. 6(1)(b) and (c) GDPR.
  • Audit logs, abuse detection, error analysis and IT security: Art. 6(1)(f) GDPR.
  • Newsletter and Google Analytics: Art. 6(1)(a) GDPR and German TDDDG section 25 for optional cookies/device access.

5. Cookies, Google Analytics and newsletter

Necessary cookies are used for session, login, CSRF protection, language settings and cookie consent. Optional analytics cookies for Google Analytics are set only with consent. Newsletters are sent only after subscription or where permitted in a B2B context and include an unsubscribe option.

6. Recipients and processors

Smart Battery Pass uses service providers for hosting, storage, email delivery, billing, monitoring, uptime checks and optional analytics. The current list is available on the Subprocessors page.

7. Third-country transfers

Smart Battery Pass is designed as an EU-hosted SaaS. For some providers, especially Google Analytics, Stripe, Sentry or uptime monitoring, processing outside the EU/EEA cannot be fully excluded. Appropriate safeguards are used in these cases.

8. Retention

  • Lead data is deleted or anonymized when no longer needed for sales purposes, regularly no later than 24 months without relevant contact activity.
  • Customer account and contract data is processed for the contract term and subsequent legal obligations.
  • Commercial and tax-relevant records are typically retained for up to 10 years.
  • Active product data is deleted or anonymized by default within 30 days after contract end unless otherwise agreed.
  • Audit logs are generally retained for compliance and evidence purposes for up to 10 years.

9. Data subject rights

Data subjects have GDPR rights to access, rectification, deletion, restriction, portability, objection and withdrawal of consent. They also have a right to lodge a complaint with a supervisory authority. Requests may be sent to contact@smartbatterypass.com.

10. Automated decisions

Smart Battery Pass generates readiness scores and validation hints as operational guidance. It does not make solely automated decisions with legal effect within the meaning of Art. 22 GDPR.

11. Changes

This Privacy Policy may be updated when the product, service providers, legal situation or technical processing changes. The current version is available on this website.

We use necessary cookies for security, login and language. Optional Google Analytics runs only with your consent. Learn more