Last Updated May 2025
Privacy Policy
GENERAL “POWER UP” LLC PERSONAL DATA PROTECTION POLICY (PRIVACY POLICY) Introduction This personal data protection policy (privacy policy) (“Privacy Policy” or “Policy”) sets up rules and conditions for how personal data should be processed by POWERUP SOLUTIONS PTE. LTD. (Singapore) or entities from the same group of companies (“Company” or “Controller”) that own the “PowerUP” mobile application and website https://www.wepowerup.io (“App” or “PowerUP”). The Company respects and protects privacy and collects, uses, retains, shares, and/or discloses personal data fairly, transparently, and securely. The Company respects data subject rights and responds to queries and requests made by individuals about their personal data. The Company operates in different countries where privacy regulations can be different and sometimes contradictory; therefore, this policy sets up rules for data protection that meet the requirements of applicable laws and regulations. Local laws and regulations that apply to the activities described in this Policy may be more restrictive than this Policy. Where that is the case, the more restrictive rules must be followed. Specified conditions are set up in privacy notices that reflect actual and more detailed rules in dedicated jurisdictions.
Clause 1
Definitions
The Privacy Policy contains different terms that are defined below:
“App” and “PowerUP” mean “PowerUP” mobile application.
“Company” and “Controller” mean POWERUP SOLUTIONS PTE. LTD. (Singapore).
“Partner” means a dedicated legal entity that provides operational support to the Company in a country/region generally without access to Personal Data. The Partner can be empowered (see your Notice) to collect and transfer data subjects’ requests to the Company and communicate back to data subjects upon the Company’s notification.
“Personal Data” means any information about an identified or identifiable natural person (including but not limited to our employees, patients, shareholders, contractors, or the staff of our suppliers, visitors to our buildings, or website users).
“Policy” and “Privacy Policy” mean the present personal data protection policy (privacy policy).
“Privacy notice” means a dedicated e-document with detailed information about Personal Data processing within a process and/or country/jurisdiction.
Clause 2
Personal Data collected by the Company
The Company processes the following types of Personal Data of the App for appropriate purposes only, as reflected below:
Name: Preparing, conclusion and execution of the user agreement; Providing user access to the App and its functionality; Contacting user in case of any errors and/or issues; Providing support for registered users.
Phone number: Same as above, plus informing users about charging terminals in the area.
E-mail: Same as above, plus error analysis for further improvement.
Payment details: Execution of the user agreement (payment processing).
Date of birth: Preparing, conclusion and execution of the user agreement.
App usage information: Providing full App functionality; statistics research of anonymized data; error analysis.
Device IDs (MAC, IP): Same as above, plus informing about charging terminals.
Device details (type of device, etc.): Same as above.
GPS location: Informing users about charging terminals in the area.
Payment Processing details: Processing payments through authorized providers; Compliance with UAE banking regulations; Transaction record maintenance; Refund processing; Fraud prevention measures.
Clause 3
Personal Data processing rules and principles
3.1 Data Minimisation: Company collects and uses the minimum amount of Personal Data necessary to operate, provide services, and support App functionality.
3.2 Access Limitation: Company limits access to your Personal Data internally and does not share it with any unlisted third parties.
3.3 Accuracy: Company strives to keep Personal Data accurate and blocks access to outdated/inaccurate data until it is updated.
3.4 Legitimacy: Company processes data only under legal obligation or legitimate business need.
3.5 Security: Company applies technical and organizational measures to protect Personal Data from loss, theft, unauthorized access/use, improper modification, or destruction.
3.6 Processors and employees must prevent misuse, report suspected access violations, and protect data against loss.
3.7 Data Subject Rights: Individuals may access, correct, or delete their Personal Data by contacting the Company directly or through a Partner.
3.8 Retention: Personal Data is kept only as necessary for business or legal purposes.
3.9 Cross-border Transfers: Data is hosted in Singapore; data is transferred and stored under applicable regulations.
3.10 Third Parties: Company uses technical infrastructure in Singapore and verifies its Partner’s data protection practices before engagement.
3.11 Legal Obligations: The Company may disclose or suspend processing based on lawful governmental or court requests, with a record of such processing maintained.
3.12 Payment Processing and Security: The Company complies with UAE Federal Decree Law No. 45/2021, UAE Central Bank regulations, PCI DSS, and local banking rules.
3.13 Payment Security Measures: No card details stored; only authorized providers used; regular audits; transaction monitoring.
Clause 4
Personal Data protection
4.1 The Company has adopted both organizational and technical protection measures.
4.1.1 Organizational measures include: classifying Personal Data as confidential; restricting access; using data only for stated purposes; internal data protection rules; staff training; limited printing/sending except in emergencies; and transferring data only via legal documentation.
4.1.2 Technical measures include: access segregation; antivirus and spyware protection; encryption; Partner infrastructure assessment.
4.2 High-level descriptions of measures are public, but exact lists are confidential. For more detail, data subjects must send a formal request.
4.3 Data protection measures are periodically reassessed and updated, though not all updates require Policy amendments.
Clause 5
Data subjects’ requests
5.1 Data subjects can ask questions or request access to their Personal Data processed by the Company.
5.2 The Company will provide relevant information depending on the jurisdiction and request type. If obstacles exist, the Company will inform the data subject.
5.3 Requests can be submitted via email to support@wepowerup.io or via a local Partner, as outlined in the relevant Privacy Notice.