KUKO Charge Privacy Policy
Updated Date: March 16, 2026
Effective Date: March 16, 2026
This Privacy Policy explains how we collect, use, store, share, and protect your personal information when you use this App and related services, as well as your rights as a data subject. Please read this Privacy Policy carefully before using our services.
1. Data Controller Information
Data Controller: Shanghai E-Mobility Technology Co., Ltd.
Company Address: Room 1001, Building 1, No. 299 Longcao Road, Xuhui District, Shanghai, China
Email: support@kukowallbox.com
2. Personal Data We Collect and How We Collect It
2.1. Data You Provide Directly
- 2.1.1. Account Registration Data: Email address, verification code, login password.
- 2.1.2. Profile Data: Optional information such as profile photo and nickname.
- 2.1.3. Wallbox Device Information: Device identifier (when adding a device) and parameters (when configuring it).
- 2.1.4. Email Address & License Plate Number: Email addresses of others (for device sharing) and license plate numbers (for license plate recognition).
- 2.1.5. Communication Data: Contents and contact details when you contact us via email, phone, online chat, or forms.
- 2.1.6. Survey and Promotion Data: Information you provide when you voluntarily participate in our user surveys, contests or promotional activities.
2.2. Data We Collect Automatically
- 2.2.1. Device and Technical Data: Device model, OS, device identifier, software version.
- 2.2.2. Charging Records: Electrical parameters (current, voltage, etc.) for real-time display; start time, energy consumed, etc., for charging history.
2.3. Device Permissions Requested
- 2.3.1. Location Permission: Used only for Bluetooth connection to the Wallbox. We do not collect your location information.
- 2.3.2. Camera Permission: For QR code scanning (to bind Wallbox) or taking profile photos.
- 2.3.3. Photo Library Permission: For uploading profile photos.
- 2.3.4. Bluetooth Permission: For connecting to the Wallbox.
2.4. Data Collected from Third Parties
- 2.4.1. Partners: With your consent, we may receive your contact information from business partners to provide complete services.
- 2.4.2. Public Sources: Publicly available feedback or comments you post about us (e.g., on social media).
3. Processing Purposes and Legal Basis
We only process your personal data on valid legal grounds. The main purposes of our data processing and corresponding legal basis are set out below:
| Processing Purpose |
Types of Personal Data Processed |
Legal Basis (GDPR) |
| Performance of Contract and Service Provision: Account creation/management, charging services, customer support, service notifications. |
Account registration data, charging records, communication data. |
Art. 6(1)(b): Necessary for the performance of a contract with you. |
| Based on Your Consent: Sending marketing communications, accessing specific device permissions (e.g., camera for QR code scanning, photo library for uploading images). |
Email address, device permissions, voluntary feedback. |
Art. 6(1)(a): You have given consent to the processing of your personal data for specific purposes. |
| Based on Legitimate Interests: Improving and optimizing App performance and user experience, analyzing usage trends to develop new features, ensuring service security and integrity, detecting and preventing fraud, and handling general requests. |
Device and technical data, usage data, charging session data (in anonymous or aggregated form), communication data (for service improvement). |
Art. 6(1)(f): Necessary for the pursuit of our legitimate interests or those of a third party, provided that your fundamental rights and freedoms do not prevail. |
4. Data Sharing and Disclosure
We never sell your personal data. We may share it only in these cases:
- 4.1. Service Providers (Data Processors): We cooperate with trusted third-party service providers to process data on our behalf, e.g.:
- 4.1.1. Cloud Service Providers: Our data is stored on servers or equivalent data centers.
- 4.1.2. Customer Support Tools: Used to manage your inquiries and work orders.
- 4.1.3. Push Notification Services: Used to send you critical service notifications.
- 4.2. Business Partners: We may share data with partners with your explicit consent.
- 4.3. Legal Requirements and Protection: We may disclose necessary personal data when required by laws, regulations, judicial decisions or administrative orders, or to safeguard the public interest and protect the legitimate rights and interests of us or others.
- 4.4. Corporate Transactions: In the event of a merger, acquisition or asset transfer, your information may be transferred as part of the transaction. We will notify you of any such change of ownership.
5. International Data Transfers
5.1. Our servers are located in Frankfurt, Germany. We may however use service providers based outside the European Economic Area (EEA). For such data transfers, we will implement adequate safeguards recognized by the GDPR:
- 5.1.1. The transfer destination has received an adequacy decision from the European Commission (if applicable).
- 5.1.2. Alternatively, we will sign the European Commission-approved Standard Contractual Clauses (SCCs) with the data recipient.
6. Data Storage and Retention Period
We only retain your data for the period necessary to fulfill the purposes stated, unless a longer period is required by law (e.g., accounting, dispute resolution).
- 6.1. Account Data: We will retain your account information as long as your account remains active. After account cancellation, your account information will be deleted or anonymized within a reasonable period (unless legal retention applies).
- 6.2. Transaction and Payment Data: Typically retained for 10 years (for commercial/tax documents).
- 6.3. Communication and Marketing Data: Your data in our marketing list will be retained until you unsubscribe. Communication records (e.g. customer support emails) are generally retained for 3 years.
- 6.4. Log and Analysis Data: Log data used for security and performance monitoring is generally retained for a maximum of 6 months. Anonymized statistical data may be retained indefinitely.
7. Your Rights
7.1. Under the GDPR, you have the following data subject rights:
- 7.1.1. Right of Access: You have the right to request access to the personal data we hold about you and obtain a copy thereof.
- 7.1.2. Right to Rectification: You have the right to request us to correct inaccurate or incomplete personal data about you.
- 7.1.3. Right to Erasure (Right to be Forgotten): You have the right to request us to delete your personal data in circumstances such as when the purpose of data processing has been fulfilled, except where retention is required by law.
- 7.1.4. Right to Restriction of Processing: In certain circumstances, you may request us to restrict the processing of your personal data.
- 7.1.5. Right to Data Portability: You have the right to obtain your data in a structured, commonly used and machine-readable format, and to transmit it to other service providers.
- 7.1.6. Right to Object: You have the right to object at any time to the processing of your personal data for analytics or marketing purposes that based on our legitimate interests.
- 7.1.7. Right to Withdraw Consent: If our processing is based on your consent, you have the right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
- 7.1.8. Right to Lodge a Complaint: You have the right to file a complaint with a supervisory authority if you believe your data is processed in violation of GDPR.
7.2. How to exercise your rights: You can directly manage or correct your data via the in-App settings. To exercise other rights, please contact us via the methods set out in the "Contact Us" section. For security, we may request proof of identity. We will respond within 30 days.
8. Data Security
8.1. We implement appropriate technical and organizational security measures to protect your personal data from accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access. These measures include:
- 8.1.1. Technical Measures: Encryption during transmission and storage.
- 8.1.2. Organizational Measures: Restricted employee access to personal data.
- 8.1.3. Emergency Response: In case of a personal data breach, we will promptly notify the relevant authorities and you (if the breach is likely to pose a high risk to your rights and freedoms), and take necessary remedial measures.
9. Protection of Minors
Our services are not intended for individuals under the age of 16. We do not knowingly collect or process personal data of minors. If you are the legal guardian of a minor and discover that the minor has used this App and provided personal data without your consent, please contact us and we will promptly delete the relevant data.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. If we make material changes, we will notify you via in-app notice, email, or a prominent notice on our website. Your continued use of the App after such changes constitutes acceptance of the revised policy. If you do not agree, you may stop using the App and cancel your account.
11. Contact Us
If you have any questions about this Policy or our services, please contact us via the following methods:
Email: support@kukowallbox.com
Company Name: Shanghai E-Mobility Technology Co., Ltd.
Company Address: Room 1001, Building 1, No. 299 Longcao Road, Xuhui District, Shanghai, China