Privacy Policy

---

Grine Technologies Ltd - Website Privacy Policy

Last updated: 26 October 2025

This Website Privacy Policy explains how Grine Technologies Ltd ("Grine", "we", "us") collects and uses personal data when you visit our public informational Website at www.gt-powerbank.com, submit a contact/feedback form, or interact with website features. It does not cover the App (including the web‑based login), which is governed by our separate App Privacy Policy.

For privacy queries: privacy@gt-powerbank.com. Postal: 86‑90 Paul Street, London, EC2A 4NE, UK. We comply with the UK GDPR and Data Protection Act 2018. We also comply with the Privacy and Electronic Communications Regulations (PECR) for cookies and direct marketing.

1. Controller

Grine Technologies Ltd is the controller of personal data collected via the Website.

2. What we collect via the Website

Depending on your interactions, we may process:

• Technical data: IP address, device/browser type and version, time zone, referrer URL, pages viewed, and interactions necessary to serve pages and ensure security (via essential cookies/logs).
• Contact/feedback data: name, email, phone (optional), message content, time/date, and any attachments you submit.
• Analytics data (optional): if we enable website analytics in future, we will collect aggregated usage information (e.g., page performance, session duration). We will obtain consent where required before setting non‑essential cookies/identifiers.
• Marketing preferences: if you opt into newsletters or updates (if offered), we record your consent and preferences. We do not intentionally collect special category data via the Website.

3. Sources

• Direct: information you provide via forms or email links.
• Automated: logs and essential cookies created by our hosting and security stack. Non‑essential cookies only with your consent (see Cookie Policy).

4. Purposes and lawful bases

Purpose

Lawful basis

Serve and secure the Website (load pages, prevent abuse, detect faults)

Legitimate interests (operate a secure website)

Respond to enquiries submitted via the contact/feedback form

Legitimate interests (respond to requests) and/or contract where our reply is needed to take steps at your request prior to entering a contract

Maintain records of communications and triage internally (email inbox or CRM)

Legitimate interests (quality assurance, training, audit)

Run optional analytics to improve content and performance

Consent (PECR/UK GDPR)

Send optional marketing communications (if offered)

Consent (PECR soft opt‑in may apply to existing customers)

5. How we handle form submissions (dual route)

Submissions may either (i) be delivered to our support inbox; or (ii) be stored in our internal dashboard/CRM accessible only to authorised personnel for triage and follow‑up. In both cases, we apply access controls and retention rules (see Section 10).

6. Sharing of personal data

We may share Website‑collected data with:

• Service providers: website hosting (e.g., GoDaddy or equivalent), email delivery, CRM/helpdesk platforms, IT security and maintenance. They act as processors under our instructions.
• Group companies/affiliates: as needed to operate our business.
• Professional advisers: lawyers, auditors, insurers.
• Authorities: where required by law or to protect rights, safety, or property. We do not sell personal data.

7. International transfers

If we transfer Website data outside the UK, we will ensure an appropriate safeguard such as a UK adequacy regulation, the International Data Transfer Agreement (IDTA) or the UK Addendum to the EU SCCs, with transfer risk assessments.

8. Security

We implement technical and organisational measures appropriate to the risk, including HTTPS/TLS, access controls, logging/monitoring, least‑privilege access, and regular updates. No method of transmission over the internet is 100% secure.

9. Cookies and similar technologies

Essential cookies are used for core functionality (e.g., load balancing, session security). Non‑essential analytics/marketing cookies will only be set with your consent via our cookie banner and preferences centre. See our separate Cookie Policy for a cookie table and granular controls.

10. Retention

• Contact/feedback records: normally 12 months from resolution, or longer if needed to manage a complaint or establish/defend legal claims.
• Technical logs: up to 12 months (shorter for some security logs), unless needed for incident investigation.
• Marketing data: until you withdraw consent or we cease such activity. We may retain data longer if required by law or necessary for legal claims. After expiry we will delete or anonymise.

11. Your rights

You have rights to access, rectify, erase, restrict, object, and portability, and to withdraw consent where relied upon. You also have the right to complain to the Information Commissioner’s Office (ICO). Contact us at privacy@gt-powerbank.com to exercise rights. We may require reasonable identity verification.

12. Children

The Website is not intended for children under 13. If you believe a child has provided personal data via the Website, contact us so we can delete it. Users aged 13–17 should only contact us with appropriate parental knowledge where relevant.

13. Third‑party sites

Where the Website links to third‑party sites (including the App stores, social media, or mapping providers), their privacy practices govern those sites. We are not responsible for third‑party privacy practices.

14. Changes to this policy

We may update this Website Privacy Policy to reflect changes in law or our operations. The latest version will be posted here with a new “Last updated” date. Material changes will be flagged on the Website where appropriate.

15. Contact

Questions about this policy: privacy@gt-powerbank.com or by post to the address above.