1. Preamble
This document applies to the website www.charge-keeper.com as well as to the Chargekeeper supervision platform and its associated mobile applications (together, the « Services »). It sets out the identity of the Services' publisher, the terms of use of the website, and the personal data processing policy implemented by Chargekeeper as data controller, in accordance with Regulation (EU) 2016/679 (« GDPR ») and the amended French « Informatique et Libertés » law.
Consulting and using the Services implies full acceptance of this document. Chargekeeper reserves the right to amend it at any time; the version applicable is the one in force at the date of consultation or contract conclusion.
2. Publisher of the website and Services
Chargekeeper SAS, simplified joint-stock company with share capital of €10,000, registered with the Aix-en-Provence Trade and Companies Register under number 922 055 496, with registered office at:
Pôle Morandat
1480 Avenue d'Arménie
13120 Gardanne — France
Publication Director: Christopher Ney, in his capacity as President.
Contact: via the contact form on the website.
3. Hosting
The website and the Chargekeeper supervision platform are hosted within the European Union by DigitalOcean LLC, in datacenters located in Frankfurt (Germany). Backups and associated services are operated entirely from within the European Union.
DigitalOcean LLC — 101 Avenue of the Americas, 10th Floor, New York, NY 10013, USA. For EU operations, see www.digitalocean.com.
4. Intellectual property
All elements composing the Chargekeeper website and platform — including without limitation text, illustrations, photographs, logos, trademarks, videos, diagrams, interface source code, data structures and databases — are the exclusive property of Chargekeeper SAS or are used under licence. Any reproduction, representation, modification, publication, transmission, adaptation or exploitation, whether total or partial, without prior written authorisation from Chargekeeper, is strictly prohibited and would constitute infringement punishable under articles L.335-2 et seq. of the French Intellectual Property Code.
The Chargekeeper trademark and its associated logo are registered trademarks. Any unauthorised use may be prosecuted.
5. Personal data — controller & purposes
Chargekeeper SAS acts as data controller for data collected via its website and consumer-facing applications, and as data processor within the meaning of the GDPR for data processed in the context of the supervision service supplied to its professional operator clients (CPOs, eMSPs, installers, fleet managers) — who remain data controllers in that case.
5.1 Categories of data subjects
- Website visitors www.charge-keeper.com (audience measurement, navigation)
- B2B prospects who have filled in a sales or support form
- Drivers (B2C) using the mobile application and the charging payment service
- Professional users of the supervision platform (operator administrators, technicians, fleet managers)
5.2 Purposes, legal bases and retention periods
| Purpose | Legal basis | Retention |
|---|---|---|
| Response to sales / support requests via form | Pre-contractual measures taken at the data subject's request | 3 years from last contact |
| Creation and management of driver account (B2C) | Performance of a contract | Account duration + 3 years after inactivity |
| Invoicing, collection, accounting | Legal obligation (French Commercial Code) | 10 years (accounting records) |
| Charging sessions (OCPP CDRs), technical supervision | Performance of the service contract / legitimate interest (quality, security) | Duration of client contract + operational archiving as per contract |
| Website audience measurement (Google Analytics) | Consent (CNIL) | 13 months maximum |
| Fraud prevention and security | Legitimate interest | Duration necessary for the purpose, generally 1 year for logs |
6. Data specific to the supervision service
In the context of the Chargekeeper supervision service (CPMS), the following categories of data are likely to be processed on behalf of our operator clients (who are data controllers):
- Charging sessions (Charge Detail Records — OCPP CDRs): charger ID, session ID, kWh delivered, start and end timestamps, authentication identifier (RFID badge, roaming eMSP badge, or Plug & Charge).
- Technical badge identifiers: named or anonymised numbers, associations with a company vehicle or end user, depending on the operator's configuration.
- Charger geolocation: fixed position of the supervised charging points. No continuous geolocation of the driver is performed — the mobile app may use the device's location punctually to show nearby chargers on the map, subject to the user's consent via their operating system settings.
- OCPI roaming: transmission of pseudonymised data (badge token, CDR) between partner operators via interoperability hubs (GIREVE, HUBJECT) or peer-to-peer, strictly for roaming billing purposes.
- OCPP technical logs: events emitted by chargers (errors, start, stop), retained for diagnostics and service improvement.
Operator clients are required, in their capacity as data controllers, to inform their end users of the use of Chargekeeper and to obtain any consents that may be necessary.
7. Sub-processors & data recipients
To deliver the Services, Chargekeeper relies on the following sub-processors, selected for their GDPR compliance and security guarantees:
| Sub-processor | Purpose | Location |
|---|---|---|
| DigitalOcean LLC | Application infrastructure hosting | Frankfurt (EU) |
| MongoDB, Inc. (MongoDB Atlas) | Database hosting | Frankfurt (EU) |
| Elasticsearch B.V. (Elastic Cloud) | Log indexation and search | Frankfurt (EU) |
| Stripe Payments Europe Ltd. | Payment processing (PCI-DSS Level 1) | Ireland (EU) |
| Brevo (formerly Sendinblue) | Transactional email delivery | France (EU) |
| Google Ireland Ltd. | Audience measurement (Google Analytics 4), on consent only, IP anonymised | Ireland (EU) — transfers governed by Standard Contractual Clauses and Data Privacy Framework |
Each sub-processor is bound to Chargekeeper by a contract compliant with Article 28 of the GDPR, imposing a level of protection at least equivalent to that applied by Chargekeeper. The list above is updated in case of changes.
Apart from these sub-processors, Chargekeeper does not sell or rent any data to third parties for commercial purposes.
8. Transfers outside the European Union
All processing operated directly by Chargekeeper takes place within the European Union. The rare indirect transfers (Google Analytics, on consent) are subject to appropriate safeguards within the meaning of articles 44 et seq. of the GDPR: Standard Contractual Clauses approved by the European Commission and adherence to the EU — US Data Privacy Framework where the recipient is a signatory.
9. Data security
Chargekeeper implements technical and organisational measures designed to guarantee the confidentiality, integrity and availability of the data processed:
- Systematic TLS encryption of communications in transit, including OCPP exchanges with chargers
- Encryption of sensitive data at rest
- Strict partitioning of data between clients and granular role-based access control
- Strong user authentication and robust password policies
- Daily backups and documented disaster recovery plan
- Access logging and continuous monitoring
- Regular security updates and vulnerability testing
- Formal procedure for breach notification, compliant with Article 33 of the GDPR (CNIL notification within 72 hours where applicable)
For more details on our security architecture, see our Security & Compliance page.
10. Cookies & trackers
The www.charge-keeper.com website uses a minimal number of cookies. No audience-measurement or third-party cookie is set before the user's consent has been obtained, in accordance with CNIL guidelines.
- Essential cookies for site operation (e.g.: consent preference) — exempt from consent
- Audience measurement (Google Analytics 4) — set only after explicit acceptance via the consent banner, IP anonymised, 13-month duration
Consent can be withdrawn at any time via the « Cookie preferences » link available at the bottom of every page.
11. Your rights
In accordance with the GDPR and the French « Informatique et Libertés » law, you have at all times the following rights over your data:
- Access — obtain confirmation that your data is being processed and receive a copy
- Rectification — correct inaccurate or incomplete data
- Erasure (« right to be forgotten ») — subject to legal retention obligations
- Objection — object to processing based on legitimate interest
- Restriction — request the temporary suspension of processing
- Portability — receive your data in a structured and commonly used format
- Issue directives on the fate of your data after your death
- Withdraw your consent at any time, where processing is based on consent
To exercise these rights, contact us via our contact form or by post at our registered office address (see section 2). A response will be provided within a maximum of one month.
If, after contacting us, you consider that your rights are not being respected, you may lodge a complaint with the French Data Protection Authority (CNIL).
12. Limitation of liability
Chargekeeper endeavours to ensure the accuracy and currency of the information published on the website, without however guaranteeing its completeness. The website may evolve or be interrupted for technical or maintenance reasons, without notice or compensation.
Chargekeeper cannot be held responsible for the content of third-party websites linked from this site. The user remains solely responsible for the use made of the information consulted.
The terms of use of the supervision platform and associated services are the subject of a separate service contract concluded between Chargekeeper and each professional client. In case of divergence, the terms of that contract prevail over this document for matters relating to service execution.
13. Applicable law & competent jurisdiction
This document is governed by French law. Any dispute relating to its interpretation or execution shall, failing amicable resolution, fall under the exclusive jurisdiction of the courts within the Aix-en-Provence Court of Appeal, subject to public-policy rules of jurisdiction applicable to consumers.
Last updated: 22 May 2026. Chargekeeper undertakes to update this document in case of changes to its processing operations, applicable regulations or sub-processors.