Privacy Policy
Last updated: May 15, 2026
1. Introduction
Synleap Limited ("Synleap," "we," "our," or "us") provides the Synleap mobile application (the "App"), a platform for managing, monitoring, and configuring electric vehicle (EV) charging equipment. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our App and related services (collectively, the "Service").
By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree, please do not use the Service.
2. Information We Collect
2.1 Information You Provide
- Account Information: When you register, we collect your email address and a password.
- Profile Information: You may optionally provide your name, phone number, or other profile details.
- Communications: Information you provide when contacting support, including emails and feedback.
2.2 Information Collected Automatically
- Device Information: Charger identifiers, model information, charging session data (power, duration, status), and configuration settings.
- Technical Data: App version, operating system version, device model, IP address, and crash diagnostics used to maintain service stability and security.
2.3 Information Collected Through Device Permissions
- Bluetooth: With your permission, we use Bluetooth to scan for, pair with, and communicate with compatible EV chargers. Bluetooth scanning may require location permission on Android devices.
- Camera: With your permission, we access your device camera to scan QR codes on charging equipment for device identification and setup.
- NFC: With your permission, we use NFC to read tags on compatible charging equipment for device identification and configuration.
- Location: On Android, Bluetooth scanning requires approximate location permission. We do not collect precise location data or track your movements. Location data is used solely to enable Bluetooth device discovery as required by the Android operating system.
2.4 Information We Do Not Collect
We do not collect or process:
- Payment card information (the App does not process payments)
- Precise geolocation data
- Health or biometric data
- Contacts or call logs
- Content of your private messages or files
3. How We Use Your Information
We use the information we collect for the following purposes:
- Account Management: To create, maintain, and authenticate your account.
- Device Operations: To discover, pair, configure, monitor, and control compatible EV charging equipment via Bluetooth, QR code scanning, or NFC.
- Charging Monitoring: To display real-time charging status, power metrics, and session history.
- Customer Support: To respond to inquiries, troubleshoot issues, and provide technical assistance.
- Service Improvement: To analyze aggregated, anonymized data to improve app performance and reliability.
- Security: To detect, prevent, and respond to fraud, unauthorized access, or other harmful activities.
- Legal Compliance: To comply with applicable laws, regulations, and legal processes.
4. Legal Basis for Processing (EEA/UK Users)
For users in the European Economic Area (EEA) and the United Kingdom, we rely on the following legal bases under the General Data Protection Regulation (GDPR):
- Performance of a Contract: Processing necessary to provide the Service you requested.
- Consent: Processing based on your explicit consent (e.g., for Bluetooth, camera, and NFC permissions). You may withdraw consent at any time through your device settings.
- Legitimate Interests: Processing for service security, fraud prevention, and app improvement, where such interests are not overridden by your data protection rights.
- Legal Obligation: Processing required to comply with applicable law.
5. How We Share Your Information
We do not sell, rent, or trade your personal information. We may share your information only in the following circumstances:
5.1 Service Providers
We use Amazon Web Services (AWS) for cloud infrastructure and data hosting. AWS processes data on our behalf under strict contractual terms that prohibit use for any other purpose.
5.2 Legal Requirements
We may disclose information if required to do so by law or in response to valid legal requests by public authorities (e.g., courts, regulatory agencies, or law enforcement).
5.3 Business Transfers
In the event of a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you before your information becomes subject to a different privacy policy.
6. International Data Transfers
Your information may be transferred to and processed on servers located in countries outside your country of residence, including servers operated by AWS in various global regions. We ensure that appropriate safeguards are in place to protect your information in accordance with applicable data protection laws, including the use of Standard Contractual Clauses approved by the European Commission where required.
7. Data Retention
We retain your personal information only as long as necessary to fulfill the purposes described in this Privacy Policy:
- Account Data: Retained while your account is active. Upon account deletion, your personal data is deleted or anonymized within 30 days.
- Charging Session Data: Retained for the duration of your account plus 30 days after deletion.
- Technical Logs: Retained for a maximum of 30 days.
8. Data Security
We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction, including:
- Encryption of data in transit (TLS/SSL)
- Encryption of data at rest
- Access controls and authentication requirements
- Regular security assessments
However, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security of your data.
9. Your Rights
Depending on your jurisdiction, you may have the following rights regarding your personal information:
9.1 GDPR Rights (EEA/UK Users)
- Right of Access: Request a copy of your personal data.
- Right to Rectification: Correct inaccurate or incomplete data.
- Right to Erasure ("Right to be Forgotten"): Request deletion of your data.
- Right to Restrict Processing: Limit how we use your data.
- Right to Data Portability: Receive your data in a structured, machine-readable format.
- Right to Object: Object to processing based on legitimate interests.
- Rights Regarding Automated Decision-Making: We do not engage in automated decision-making or profiling.
9.2 California Residents (CCPA/CPRA Rights)
- Right to Know: Request disclosure of categories and specific pieces of personal information we collect.
- Right to Delete: Request deletion of personal information we have collected.
- Right to Correct: Request correction of inaccurate personal information.
- Right to Opt-Out of Sale/Sharing: We do not sell or share personal information for cross-context behavioral advertising.
- Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.
9.3 Exercising Your Rights
To exercise any of these rights, contact us at synleap@synleap.eu. We will respond to verified requests within the timeframe required by applicable law (typically 30 days, extendable as permitted). We may need to verify your identity before processing your request.
10. Children's Privacy
Our Service is not directed to children under the age of 13 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal information, we will take steps to delete such information promptly.
11. Third-Party Links
The App may contain links to third-party websites or services. We are not responsible for the privacy practices of such third parties. We encourage you to review the privacy policies of any third-party services you access.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we make material changes, we will notify you through the App or via email. Your continued use of the Service after such notification constitutes acceptance of the updated Privacy Policy. We encourage you to review this policy periodically.
13. Contact Us
If you have questions, concerns, or wish to exercise your privacy rights, please contact us:
Synleap Limited
Rm D07, 8/F, Kai Tak Factory Building Stage 2
99 King Fuk Street, San Po Kong
Hong Kong
Email: synleap@synleap.eu
Website: https://synleapenergy.com/
For users in the EEA/UK, you also have the right to lodge a complaint with your local data protection supervisory authority.