Last Updated and Effective April 27, 2023
This Product or Service is operated by Emporia Corp ("Emporia," "us," "our," or "we") with its principle place of business at 7901 Shaffer Pkwy, Littleton, CO 80127. This Privacy Policy ("Privacy Policy") explains how we collect, process, and share your Personal Data (defined below) when you use our Products and Services. We also describe your rights and choices with respect to your Personal Data and other important information. Please read this Privacy Policy carefully before using our Services and/or providing us with your Personal Data. You can download a copy of this Privacy Policy by clicking here.
This Privacy Policy applies to Personal Data collected through Emporia's hardware and devices, e.g. our chargers, smart plugs, batteries, and energy monitors ("Products"), and our "Services" that link to/post this Privacy Policy, which include: the Emporia corporate website at emporiaenergy.com (including any subdomains or mobile versions, the "Website(s)"); our web and mobile applications ("Apps") and web portals (collectively, our "Platform"); and our support services ("Support").
This Privacy Policy applies only to Emporia, our Products, and the Services that Emporia provides to you. We may partner or integrate with programs or services ("Third-Party Integrations"), for example: "Utility Integrations" -- Programs, devices, or services provided by or in partnership with your electric utility ("Utility"); or "Provider Integrations" -- Programs, devices, or services provided by or in partnership with third-party hardware or service providers ("Third-Party Provider(s)").
Note, Emporia engages with numerous Third-Party Providers, and these Third-Party Providers may include, for example, third-party technology platforms, as well as managed service providers or installers that use Emporia products or services. Where you participate in a Third-Party Integration, we may receive data from a Utility or Third-Party Provider ("Inbound Integration"), or the Utility or Third-Party may receive or have access to data collected through our Products and Services ("Outbound Integration"). In each case, your data may be subject to separate third-party privacy policies, and you may have additional or different rights in your data when processed by those parties. The processing of your Personal Data by Utilities and Third-Party Providers is outside the scope of this Privacy Policy, and is not under the control of Emporia.
Similarly, this Policy does not apply to, and we are not responsible for, Personal Data processed by other third parties, for example, when you visit a third-party website or service, unless and until we receive your Personal Data from those parties or request that such third-party process Personal Data on our behalf. Any processing of Personal Data not done at the direction or on behalf of Emporia is outside the scope of this Privacy Policy.
The "Business" or "Controller" processing your Personal Data subject to this Privacy Policy is Emporia Corp. Utilities and Third-Party Providers are separate Businesses/Controllers.
If you have any comments or questions about this Privacy Policy or Emporia's privacy practices, or to exercise your rights as described below, please contact us at:
"Personal Data" refers to data that relates, or that is linked or linkable, to an identified or identifiable individual or household. Personal Data includes data that directly identifies you -- such as your name -- as well as data that does not directly identify you, but that can reasonably be used to identify you -- such as the serial number of your device.
The categories of Personal Data we collect and use include the following (specific data elements are examples that may be subject to change):
We collect Personal Data from various sources, which vary depending on the context in which we process that Personal Data:
Our use of Personal Data depends on who you are and how you interact with us. When you use our Products and Services, we process Personal Data in specific contexts and for certain specified purposes, as well as for our general Business Purposes. Residents of certain jurisdictions may be entitled to additional notices under applicable law; see the "Supplemental Privacy Rights and Notices" section below for more information.
We collect certain Personal Data when you install and use our Products. For example, we may process Identity Data, Power Data, and Device Data from the Product you are using, or other devices connected/integrated with our Products. We may also create Inference Data derived from the data collected through your use of our Products.
We generally use this Personal Data in order to provide our Products and Services, to integrate Products with your User Account and our Platform, or (subject to any necessary consents) for certain telemetry, bug fixing, crash reporting, and similar logs and metrics relating to the performance and operation of the Service or Product. We may also push or make available updates to our Products.
We may also process Personal Data collected via our products and software for our other Business Purposes. We do not sell or share (as share is defined in CCPA) Personal Data collected in this context.
We generally process Identity Data, Payment Data, Device Data (relating to your device), and Commercial Data when you engage in a purchase transaction. Our shop may allow you to pay using third-party payment or ordering/fulfillment providers (such as Venmo, PayPal or Amazon). If you use a third-party payment processor or ecommerce platform where you have an account, your Personal Data will be processed by the third-party as set forth in the third-party's privacy policy.
We process Personal Data in this context as necessary to perform or initiate a contract with you, process your order and payment, and carry out fulfillment and delivery. In addition, we may also collect or create Device Data (relating to the Product purchased) and Inference Data in connection with your transaction. Where permitted by law, we use the Identity Data, and Contact Data collected from your purchase to provide you with information regarding the Products you purchased, and we may send you marketing communications (subject to your consent where required by law) as described further below.
In some cases, if your purchase is made through a supplier, or in connection with a Third-Party Integration, then we may share certain Identity Data, Device Data (relating to our Product) and other Commercial Data with the Utility or Third-Party Provider participating in the Third-Party Integration or otherwise managing the purchase or installation of the Product/Service on your behalf. We do not sell or share (as share is defined in CCPA) Personal Data collected in this context.
When a User account is created on our Platform ("User Account"), we process Identity Data, Device Data, and Contact Data. We also allow for the creation of master customer accounts relating to an end customer ("Customer Accounts"), and partner accounts for Third-Party Providers that are granted access to Customer Accounts as part of a Third-Party Integration ("Partner Accounts").
When our Products, or other devices, hardware, or services (e.g. via a Third-Party Integration) are associated with a Customer Account, we will collect and link to the Customer Account additional Device/Network Data relating to the connected hardware (including our Products), as well as relevant Power Data, and we may generate Inference Data (such as power generation and usage trends, hardware consumption analytics, etc.)
We process Personal Data in relation to User Accounts and associated information primarily to create, maintain, and provide you with information about your User Account, provide the Platform, deliver the features, functionality, and any other Services you request, and provide you with information about the Products associated with your User Account. We do not sell or share (as share is defined in CCPA) Personal Data collected in this context.
We collect Identity Data, Power Data, Device Data, and we may generate Inference Data, when you initiate Inbound Integrations. Similarly, we may share Identity Data, Power Data, and Device Data when you initiate Outbound Integrations.
If you initiate or authorize an Outbound Integration, you direct us to share certain data with the relevant Utility or Third-Party Provider. As part of certain Outbound Integrations, designated Third-Party Providers may access our Portal to access or retrieve your Personal Data through a Partner Account, or we may share this information automatically (e.g. via API). Utilities and Third-Party Providers may use your Personal Data for additional purposes, and may have supplemental privacy notices that apply to data collected or processed through our Services.
Generally, when a customer authorizes an Outbound Integration via a Partner Account, we may grant the Third-Party Partner access to certain Identity Data, Device Data, Power Data, and Inference Data related to the Customer Account. We do not grant Partner Accounts access to Identity Data other than user-generated channel names. Utilities generally can see only Power Data at the resolution specified by the Utility. We do not sell or share (as share is defined in CCPA) Personal Data collected in this context.
When you use our Apps and Websites, we automatically collect and process Identity Data and Device Data. We use this data as necessary to provide the service you request, initiate or fulfill your requests for certain features or functions through our Apps and Websites, such as keeping you logged in, delivering pages, etc. We process Personal Data collected from our Apps and Websites as necessary to ensure the security of our Apps and Websites, to prevent fraud, and to analyze the use of our Apps and Websites and help us develop new features, products, or services. We do not sell or share (as share is defined in CCPA) Personal Data collected in this context.
We use cookies and similar technologies (such as scripts or web tokens) on our Apps and Websites. These technologies may be used to collect or create Device Data relating to the device you used to access our Apps/Website, certain Identity Data (e.g. device identifiers), or Inference Data. Third parties may be allowed to view, edit, or set their own cookies or place web beacons on our Apps and Websites on our behalf.
Specifically, we and authorized third parties may use cookies and similar technologies for the following purposes:
We may send you automated marketing and promotional messages via email, SMS, or (if you use our App) via push notification. We may process Identity Data, Device Data, Inference Data, and Commercial Data to send and customize these messages. You may receive these messages if you are a registered user (subject to your consent where required by law), or if you consent to such communications. We do not sell or share (as share is defined in CCPA) Personal Data collected in this context.
When you contact us (e.g. as part of a contact us form, online chat, or Support request) we may collect and process Identity Data, including the Contact Data you provide, Device Data, and any Audio/Visual data or User Content you provide. We use this Personal Data as necessary to address your request, fulfill the purpose for which that information was provided, or for other related purposes, including but not limited to communicating with you about our Service or Emporia. We do not sell or share (as share is defined in CCPA) Personal Data collected in this context.
We may process Identity Data, Contact Data, Inference Data, and User Content collected in connection with user surveys or questionnaires. We generally process this Personal Data as necessary to respond to user requests/feedback, and create aggregate analytics regarding user opinion or satisfaction. We may store and analyze feedback for our purposes, for example, to personalize the Products and Services, or to improve our Products and Services. We do not sell or share (as share is defined in CCPA) Personal Data collected in this context.
If you have a warranty claim regarding a Product you purchased, or if you submit a product for return/repair, we may collect additional Device Data, as well as Identity Data and Contact Data in connection with the submission and processing of such claim. If you are entitled to refund, we may collect Payment Data in order to process the refund transaction. We do not sell or share (as share is defined in CCPA) Personal Data collected in this context.
In addition to the specific processing purposes set out above, we and our service providers process Personal Data as necessary for certain legitimate interests/business purposes, as described below ("Business Purposes"):
Personal Data we collect may be disclosed to or made available to a variety of parties, depending upon the purpose for and context in which that information was provided. We generally disclose Personal Data to the parties and in the contexts described below.
We share Personal Data with relevant Utilities and Third-Party Providers if you elect to participate in Outbound Integrations. Specific Personal Data shared may vary based on the Third-Party Integration. Please note: Utilities and Third-Party Providers are independent from Emporia, and have their own privacy policies that govern the Personal Data they receive via Third-Party Integrations.
In connection with our general business operations, product/service improvements, to enable certain features, and in connection with our other lawful business interests, we may share Personal Data with processors, service providers, or sub processors who provide Products and Services or process data on our behalf. For example, we may use cloud-based hosting providers to host our Websites or Apps, or we may disclose Personal Data as part of our own internal operations, such as security operations, internal research, and other Business Purposes.
Any Personal Data may be disclosed in the event that we go through a business transition, such as a merger, acquisition, liquidation, sale of all or a portion of our assets, joint venture, securities offering, bankruptcy, reorganization, liquidation, dissolution, or other transaction.
In order to streamline certain business operations and develop products and services that better meet the interests and needs of our users, we may share your Personal Data with any of our current or future affiliated entities, subsidiaries, investors and/or parent companies.
In limited circumstances, we may, without notice or your consent, access and disclose your Personal Data, any communications sent or received by you, and any other Personal Data that we may have about you to the extent we believe such disclosure is legally required, to prevent or respond to a crime, to investigate violations of our Terms of Use, or when in the vital interests of us or any person. We may also disclose any Personal Data on relevant public interest grounds.
We may disclose any Personal Data in accordance with your consent or requests to disclose data to third parties.
You may have certain rights and choices regarding the Personal Data we process. Please note these rights may vary based on the country or state where you reside, and our obligations under applicable law. Residents of certain jurisdictions may have additional rights under applicable law; see the "Supplemental Privacy Rights and Notices" sections below for more information.
To exercise your rights under applicable law, you may submit a request by emailing us at RightsRequests@emporiaenergy.com. All rights requests we receive directly must be verified to ensure that the individual making the request is authorized to make that request, to reduce fraud, and to ensure the security of your Personal Data.
Marketing Communications: You can withdraw your consent to receive marketing communications by clicking on the unsubscribe link in an email, following any opt-out instructions in the communication. In some cases, you may be able to opt-out by emailing us at RightsRequests@emporiaenergy.com.
Withdrawing Your Consent/Opt-Out: Where we are processing your Personal Data based on your consent, you may change your mind and withdraw your consent at any time. The consequence of you withdrawing consent might be that we cannot maintain certain Products or perform certain Services for you.
Do-Not-Track: Our Products and Services do not respond to your browser's do-not-track request.
Cookies and Similar Technology: If you do not want information collected through the use of cookies, you can manage/deny cookies (and certain technologies) using your browser's settings menu. Disabling cookies and similar technologies may cause the Service to not function properly and certain features, functionality or Products and Services may not be available.
As a general matter, we retain Personal Data for so long as it, in our discretion, is necessary to achieve the processing purposes described in this Privacy Policy, and in any event, for so long as is required by law. We generally consider the following factors when we determine how long to retain data: retention periods established under applicable law; industry best practices; whether the purpose of processing is reasonably likely to justify further processing; risks to individual privacy in continued processing; applicable data protection impact assessments; IT systems design considerations/limitations; and the costs associated with continued processing, retention, and deletion.
We implement and maintain reasonable security measures to secure your Personal Data from unauthorized access. While we endeavor to protect our systems, sites, operations and information against unauthorized access, use, modification and disclosure, we cannot guarantee that any information, during transmission or while stored on our systems, will be absolutely safe from intrusion by others. In the unlikely event of a security breach that affects your personal data, Emporia will notify you if required under applicable laws.
If you are located outside the US, your Personal Data may be transferred to and/or processed in the United States, or other locations where we or our Sub processors process Personal Data. For example, Personal Data may be processed by staff operating in the United States engaged in, among other things, the provision of our Products and Services to you, the processing of transactions and/or the provision of support Products and Services.
We do not knowingly collect Personal Data from an individual under age 18, and have no actual knowledge of collecting Personal Data from minors under 18. If you are under the age of 18, please do not submit any Personal Data through our Products and Services. If you have reason to believe that we may have accidentally received Personal Data from an individual under age 18, please contact us.
We reserve the right to change our Privacy Policy from time to time. Any such changes will be posted on this page, and you will be notified if required under applicable laws. Your continued use of our Products and Services constitutes your acceptance of any revised Privacy Policy.
Under the California Consumer Privacy Act ("CCPA") and other US state laws, you may have the following rights, subject to your submission of an appropriately verified request. Please note -- These rights may be available only to certain individuals, and we may verify eligibility in connection with your exercise of any rights under applicable US state laws.
You may submit requests by emailing us at RightsRequests@emporiaenergy.com. All rights requests must be verified. We may require that you provide the email address we have on file for you and verify that you can access that email account, as well as other data we have on file, in order to verify your identity.
For purposes of the CCPA, we may disclose to third parties certain categories of Personal Data for "business purposes." The categories include Identity Data, Device Data, Power Data, Commercial Data, Inference Data, User Content, and Payment Data. Recipients may include Third Party Integrations, Service Providers, Successors, Affiliates, and Lawful Recipients.
We do not "sell" your Personal Data, and have not done so since the inception of Emporia Corp. We do not have actual knowledge that we have sold or shared the Personal Data of any person 16 or under.
To the extent Payment Data is considered "sensitive personal information" under CCPA, we collect, use and disclose such data only to process your transactions and for the Business Purposes authorized under applicable law.
For users in the EEA/UK/Switzerland, we rely on the following legal bases for processing your Personal Data:
Under the GDPR and analogous legislation, you may have the following rights, subject to your submission of an appropriately verified request:
We process data in the United States, and other countries where our subprocessors are located. Some countries outside the EEA do not have laws that protect your privacy rights as extensively as those in the EEA. However, if we transfer Personal Data outside the EEA/Switzerland/UK, we will put in place appropriate safeguards to ensure that your Personal Data are properly protected and processed only in accordance with applicable law. Those safeguards may include imposing contractual obligations of adequacy, using the EU standard contractual clauses or Binding Corporate Rules, or requiring the recipient to subscribe to or be certified with an 'international framework' of protection. You can obtain more information about the safeguards we put in place by contacting us using the information above.