GDPR COMPLIANT

Privacy Policy

At 1app.energy, we treat your home energy data like a bank treats your money. Locked down, encrypted, and never sold.

1. Interpretation & Definitions

For the purposes of this Privacy Policy, the following definitions apply:

  • Company(referred to as "the Company", "We", "Us" or "Our") refers to 1App Energy Ltd.
  • Device means any device that can access the Service, such as a computer, a cellphone, or a digital tablet.
  • Personal Data is any information that relates to an identified or identifiable individual.
  • Service refers to the 1app.energy application and website.
  • Usage Data refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (e.g., page visit duration, IP addresses).

2. Data Controller

For the purposes of the UK General Data Protection Regulation (UK GDPR), the Data Controller is:

1App Energy Ltd

1app.energy is a trading name of 1App Energy Ltd, a registered company in the United Kingdom.

Business Address: 71-75, Shelton Street, Covent Garden, London, WC2H 9JQ, UNITED KINGDOM

Company Registration Number: 17062482

Contact Email: privacy@1app.energy

3. The Data We Collect

We only collect the minimum data required to optimise your energy usage:

  • Device Credentials: API keys for your Inverter, Charger, or Thermostat (stored via AES-256 encryption).
  • Energy Telemetry: Real-time solar generation, battery levels, and home consumption data.
  • Usage Data:Collected automatically when using the Service. This includes your Device's IP address, browser type, pages you visit, and unique diagnostic data.

Tracking Technologies & Cookies

We use Cookies and similar tracking technologies to test and operate our Service. Cookies are small files placed on your Device. They can be:

  • Session Cookies: Deleted as soon as you close your web browser. We use these to keep you securely logged in and prevent fraudulent account use.
  • Persistent Cookies:Remain on your device when you go offline. We use these to remember choices you make (like your login details or dashboard preferences) so you don't have to re-enter them constantly.

If you do not accept cookies, some parts of the dashboard may not function correctly.

4. Legal Basis for Processing

Under GDPR Article 6, we process your data under the following legal bases:

  • Performance of a Contract: To provide the energy optimisation services you signed up for.
  • Legitimate Interest: To ensure system security, debug technical issues, and improve algorithm performance.
  • Consent: For any optional features where we explicitly ask for your permission.

5. How We Use Your Data

We use your data for one purpose: Optimisation. We do not sell your consumption patterns to advertisers, grid operators, or third parties.

Trusted Subprocessors

We may use trusted third-party service providers (e.g., cloud hosting, payment processors like Stripe, or email services) strictly to deliver the service. All subprocessors operate under strict confidentiality agreements and are located within the UK or EEA unless otherwise stated.

Automated Decision-Making

We use automated systems to optimise energy usage (e.g., scheduling EV charging and battery behaviour). These decisions do not produce legal or similarly significant effects. You have the right to request a human reviewof any automated decision or override it manually via the dashboard.

6. Disclosure of Your Personal Data

Business Transactions

If the Company is involved in a merger, acquisition or asset sale, Your Personal Data may be transferred. We will provide notice before Your Personal Data is transferred and becomes subject to a different Privacy Policy.

Law Enforcement & Legal Requirements

The Company may disclose Your Personal Data in the good faith belief that such action is necessary to:

  • Comply with a legal obligation or public authority request.
  • Protect and defend the rights or property of the Company.
  • Protect the personal safety of Users or the public.
  • Protect against legal liability.

7. Security & Encryption

Industry-Standard Security

All API keys are encrypted at rest. Our engineers cannot view your raw credentials. We use isolated, encrypted environments for sensitive operations.

We use industry-standard SSL/TLS for all data in transit. You can revoke our access at any time by changing your device API keys.

8. Data Retention

We hold your data only as long as necessary:

  • Active Accounts: Data is retained to provide historical analysis of your savings.
  • Deleted Accounts: API credentials and telemetry are permanently deleted from active systems immediately (and removed from backups within 30 days).
  • Billing Records: Limited payment history is retained for 6 years as required by UK Tax Law (HMRC).

9. International Data Transfers

UK & EEA Only

We do not transfer personal data outside the UK or European Economic Area (EEA). If this changes, we will update this policy and apply appropriate safeguards (SCCs).

10. Your Rights Under GDPR

You have the right to:

  • Access: Request a copy of all data we hold about you.
  • Rectification: Correct any inaccurate data.
  • Erasure:Request full deletion of your account (the "Kill Switch").
  • Portability: Receive your raw data in a machine-readable format (JSON/CSV).
  • Objection: Object to our processing of your data.

11. Deletion (Kill Switch)

Right to be Forgotten

If you delete your account, we trigger a "hard delete." Your keys and historical data are wiped from our active servers instantly.

12. Children's Data

1app.energy is not intended for use by individuals under the age of 16. We do not knowingly collect personal data from children.

13. Links to Other Websites

Our Service may contain links to other websites that are not operated by Us. If You click on a third-party link, You will be directed to that third party's site. We strongly advise You to review the Privacy Policy of every site You visit. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

14. Policy Updates

We may update this Privacy Policy from time to time. Material changes will be communicated via the service or email.

15. Contact & Authority

For privacy concerns, contact our privacy team at: privacy@1app.energy

You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO):www.ico.org.uk

We value your privacy

We use essential cookies to keep the site working and optional cookies to understand usage and improve the experience. Read our Privacy Policy