Please note that this Privacy Notice only covers residents in Singapore. If you are not a resident in Singapore or a user of the Shell Recharge Asia App, you will be subject to the Privacy Notice posted on the page of your country of residence or the Global page.
What does this Privacy Notice cover?
This Privacy Notice provides you with information on the processing of your personal data when visiting the Shell Recharge website, using the Shell Recharge Apps (in particular, the Shell Recharge Asia App) or using services and/or purchasing products from Shell Recharge Solutions in Singapore. Zeco Systems Inc., its subsidiaries and affiliates (hereafter “Shell Recharge Solutions”) market and trade under the Shell Recharge brand in various countries. Please note that you when using Shell Recharge products and services you are entering into a relationship with Shell Recharge Solutions which is a member of the Shell Group of companies.
This Privacy Notice explains what personal data are processed about you; why we are processing your personal data and for which purposes; for how long we hold your personal data for; how to access and update your personal data, as well as the options you have regarding your personal data and where to go for further information.
Special Notice – if you are under 16 years old. Processing children’s personal data
If personal data of children is gathered this requires consent of the parent or guardian.
We do not intentionally collect personal data of individuals of those who are under 16 years old. Except in those cases where we organize educational events specifically designed for those under 16 years old. If you are under 16 years old (or a different age to reflect local legal requirement for minors) please do not send us your personal data.
Given that our products and services relate to driving, we assume you are over 16 years old. If you wish to contact us in a way which requires you to submit your personal data (such as for educational or innovation events) please ask your parent or guardian to do so on your behalf.
What personal data do we process about you?
The categories of personal data we process.
We collect personal data about you, as a Shell Recharge customer, user of our app and/or visitor to our website and social media pages. Please find the type of interaction you have with use to learn more about what personal data we process. For your convenience we have divided the interactions across 4 types: RFID Card users, Charge Point users, website and app users and direct interactions.
- RFID card users: refers to every person that uses a RFID card or charge token offered by or powered by us to obtain access to a charge point. RFID card users interact with us by means of registration and use of the RFID card.
Registration: when you register a RFID card with us, we collect your name, email address, RFID card number, home address, phone number, payment details including bank account details or credit card details, and whether you opt for public charging. In case a RFID card is provided to you by a 3rd party (such as a lease company, a fuel card provider or your employer) and/or a party which pays for the use of your RFID card, said 3rd party has registered this card on your behalf, sharing your RFID card number with us.
Use of a RFID card: when you use a RFID card on a point operated by and connected to our charge points we additionally (to the registration data) collect your charge session details which are your RFID card number, start/stop times, your electricity use, charge point ID, location of the charge point used. The same applies when you scan a QR code on a charge point and opt for downloading an app to create your account, in which case we only not will have a RFID card number. When you use any other charge point which not operated by us but made accessible to you with a RFID card, we will only receive the charge session details listed in combination with your card number from the charge point operator. This enables us to identify you and invoice you for the charge session. If a RFID card is provided to you by a 3rd party who pays for your use of the RFID card, we share the charge session details listed with this party for billing and settlement purposes.
- Charge point users:
Registration: before you can start using a charge point, we request you to register it in your account and we collect your name, email address, phone number, charge point number/ID and payment details.
Ad hoc charging as Guest User: when you scan a QR code displayed on a charge point to enable you to do ad hoc charge two options are presented to you. You can opt for charging with direct payment, in which case we only request you to provide us with (i) your email address for purposes of sending a receipt for the charge session (if you opt for this) however your email address will not be stored in our customer database; and (ii) your credit card details and we will only store the last four digits of your credit card number, the expiry data and the security code. Please note that a 3rd party payment provider will process your payment. The second option would be to download an app and create an account. The data collected will be the same as mentioned at Registration and all personal data is stored in an encrypted manner.
With RFID card of another e-mobility service provider: when you use one of our charge points with a RFID card or token not offered by or powered by us, we will only collect your RFID card ID (thus not your name), start/stop times, your electricity use, charge point ID and location. This charge session data will be shared to us with your RFID charge card provider for billing and settlement purposes.
- Website/App Users:
General: if you use our applications for mobile devices, we may collect your location data (with your consent) in order to make it possible for you to use the navigation option, to receive charging notifications or to enable you to notify us about faults. Besides this your mobile device will automatically share certain data with us because the device interacts with the app. When you use the app, you create an account for which we collect the data mentioned with “RFID card use, registration” and “charge point user”.
Exchanges by device: when you visit our websites, data is automatically collected by the technology platforms providing the experience. For example, your web browser or mobile device may share certain data with us because those devices interact with our website. This data includes device ID, network access, storage information and battery information, cookies, ip-addresses, referrer headers, data identifying your web browser and version and web beacons and tags.
- Direct Interactions:
Newsletter and publications: if subscribed, we will collect your name and contact information and you can unsubscribe at any time.
Communications concerning our own products or services: we may send communications concerning our own products and services to our customers. You can unsubscribe from such communications at any time.
Campaign or competition: if you choose to participate in a campaign or competition, we ask for the necessary personal data required. This is to ensure we can operate it, announce winner(s) and to gauge the response to any marketing and to provide you with ongoing marketing offers if you have agreed to receive these as part of your participation.
Job applicants: If you respond to a vacancy on our website, we ask for your details, including your resume. We use these details to evaluate your application and to communicate with you regarding that vacancy. We may also use third party (software) providers for the processing of responses to our vacancies on our website.
Surveys: if you participate in our surveys, we will collect your personal data as part of customer satisfaction research related to the products and services offered to you.
Business data: If you are a business customer, supplier, business partner or stakeholder, we will process your private contact information (such as name and email address) only if necessary. We will also process your business contact and other information (such as job title, department, name of organization and your dealings with us on behalf of yourself or the relevant business customer, supplier, business partner and/or stakeholder).
Other: if you contact us by phone or email, we will collect the data you provide to us.
Shell view of the customer
With the aim of ensuring you have a seamless experience with the Shell group, and depending upon the nature of your engagement with Shell, we may combine information gathered from the sources referred to above to create a personal profile of you. This enables you to interact with different Shell companies more easily and ensures we have the most up to date information about you in order to better develop services and products and to tailor offers relevant to your specific interests.
Please note however, you have the ability to control how Shell uses this information. You can opt out of having your personal data combined in this way.
Why do we process your personal data?
The personal data covered by this Privacy Notice are only processed:
- with your explicit consent;
- where it is necessary to conclude a transaction with you (such as payment information);
- where it is necessary for the purposes of the legitimate interests pursued by the relevant Shell company/companies, except where such interests are overridden by your interests or fundamental rights and freedoms; or
- where it is necessary for Shell to comply with a legal obligation.
Where the processing is based on consent, you have the right to withdraw your consent at any time. This will not affect the validity of the processing prior to the withdrawal of consent.
What are the consequences of not providing your personal data?
Personal data gathered by us for these processes either directly or indirectly is required in order to:
- fulfil legal requirements and/or which is required for entering a contract with a counterparty and continuing to contract with that counterparty.
- maintain contact with business customers, suppliers and business partners, visitors to the website and investors.
Failure to provide us with the information required will negatively affect our ability to communicate with you, or our ability to enter a contract with a counterparty or continuing to contract with a counterparty.
Who is responsible for any personal data collected in Singapore?
Zeco Systems Pte. Ltd.
9 North Buona Vista Drive
The Metropolis Tower 1, #02-01
For what purposes do we process your personal data?
We process your personal data for the purposes of:
- provide our products and deliver our services to you;
- managing your account, relationships and marketing such as maintaining and promoting contact with you;
- payment processing and financial account management;
- account management including account verification (that is, ensuring that only you or someone you have authorized can access your account and information);
- customer service and development of our products and services;
- performance of and analysis of market surveys and marketing strategies;
- promotions and contests offered to our customers, including offering you digital rewards to recognise you as a valued customer; or
- detecting or preventing fraud if you use a mobile payment function to purchase our products and services (if available in your market).
We will only process your personal data where we have a lawful basis to do so:
- only the personal data included in this privacy notice is processed;
- in order to take steps at the request of an individual prior to entering a contract;
- where it is necessary to comply with a legal or regulatory obligation to which we are subject to;
- where it is necessary for the purposes of the legitimate interests, except where such interests are overridden by the interests or fundamental rights and freedoms of the individual/s;
- (only if legally required) with the explicit consent of the individual;
- in those cases where processing is based on consent, and subject to applicable local law which provides otherwise, you have the right to withdraw your consent at any time. This will not affect the validity of the processing prior to the withdrawal of consent;
or for a secondary purpose where it is closely related, such as:
- storing, deleting or anonymising your personal data;
- audits, investigations, dispute resolution or insurance purposes, litigation or defence of claims;
- statistical, historical or scientific research; or
- legal and/or regulatory compliance.
In addition, in order to comply with legal and regulatory obligations, to protect our assets and employees/contractors and specifically to ensure that we can comply with trade control, anti-money laundering and/or bribery and corruption laws and other regulatory requirements, we carry out screening (pre-contract and on a periodic basis post-contract) on owners, shareholders and directors of our Business customers, Suppliers and Business Partners.
This screening takes place against publicly available or government issued sanctions lists and media sources. The screening does not involve profiling or automated decision making in relation to the counterparties or potential counterparties.
Communication and marketing – your choices
If you have consented to receive communications from us (or if you have previously purchased goods/and or services from us), you may receive offers that are tailored towards your preferences based on the information gathered about you from the various sources described above in order to provide you with better products and increasingly tailored services.
We may send you service updates and notifications without your advance consent only where such updates and/or notifications are necessary for the proper functioning of the Shell Recharge Asia App or other services that you use.
You may receive pertinent offers and communications by different channels and you may update your subscription preferences via your personal profile settings anytime or use the unsubscribe functionality for the different digital channels.
Transaction security and preventing, detecting and investigating fraud
When you use a mobile payment application to purchase our products and/or services (if available in your market), you may be asked to provide additional personal details to complete the transaction. We may use the personal data you provide to prevent, detect and investigate fraud and to enforce the terms and conditions of the mobile payment application.
We may share some information with the service providers involved in mobile payments (such as PayPal, 2C2P), including but not limited to your IP address, device ID or unique identifier, loyalty card number for the purposes detailed above as well as for the purposes of collecting points, device type, geo-location information, connection information (for e.g. wi-fi) and mobile network information.
Your rights in relation to your personal data
We aim to keep our information as accurate as possible. You can request:
- access to your personal data;
- correction or deletion of your personal data (but only where it is no longer required for a legitimate business purpose such as completing a retail transaction);
- that you no longer receive marketing communications;
- that the processing of your personal data is restricted;
- combining of your personal data from different sources to create a personal profile no longer takes place; and/or
- that you receive personal data that you have provided to us, in a structured, digital form to be transmitted to another party, if this is technically feasible.
To make any of these requests please go to your account profile or please contact us at
Who can you contact if you have a query, concern or complaint about your personal data?
If you have any issues, queries or complaints regarding the processing of your personal data, please contact us at:
For local Data Privacy focal point in Singapore
- by sending an email to email@example.com ; or
- by calling the local customer hotline + 65 6227 5944 or at such number as updated by Shell Recharge Solutions from time to time
For Shell Group Chief Privacy Office
You may also contact the Shell Group Chief Privacy Office at Shell International B.V. The Hague, The Netherlands – Trade Register No. 27155369 Correspondence: PO Box 162, 2501 AN, The Hague, at privacy-office-SI@shell.com.
If you are unsatisfied with the handling of your personal data by us, then you have the right to lodge a complaint to the Personal Data Protection Commission, whose address is 10 Pasir Panjang Road, #03-01 Mapletree Business City Singapore 117438 or the Dutch Data Protection Authority whose address is Hoge Nieuwstraat 8, 2514 EL The Hague, The Netherlands. Please visit or www.pdpc.gov.sg or https://autoriteitpersoonsgegevens.nl/en for more information.
Cookies and similar technologies
Security of your personal data
We have implemented technology and policies with the objective of protecting your privacy from unauthorised access and improper use. In particular, we may use encryption for some of our services, we apply authentication and verification process for access to our services and we regularly test, assess and evaluate the effectiveness of our security measures.
When you enter your credit card details, please be informed that a 3rd party payment provider will process your payment. We will only store the last four digits of your credit card number, the expiry data and the security code.
Who will we share your personal data with?
Your personal data are exclusively processed for the purposes referred to above and will only be shared on a strict need to know basis with:
- Other companies within our group of companies, including to those which may be located outside of your location;
- With your consent, authorized third party companies in co-operation with Shell that may supply products and/or services to you as our customer;
- Our authorized service providers involved in mobile payments (such as PayPal, Apple Wallet, Android Pay or 2C2P);
- Our authorised agents, licensees, service providers, external auditors and/or subcontractors of Shell;
- A competent public authority, government, regulatory, supervisory, investigative or fiscal agency where it is necessary to comply with a legal or regulatory obligation to which the relevant Shell company/companies is subject to or as permitted by applicable law; or
- Any person to whom Shell proposes to transfer any of its rights and/or duties.
Transfers of your personal data to other countries
Personal data collected from residents in Singapore will be stored in servers based in Singapore.
Notwithstanding the above, your personal data may be transferred to countries with servers located outside of Singapore. Where your personal data has been transferred to companies within the Shell group and/or to authorized third parties located outside of your country we take organizational, contractual and legal measures to ensure that your personal data are exclusively processed for the purposes mentioned above and that adequate levels of protection have been implemented to safeguard your personal data. These measures include Binding Corporate Rules (BCR) for transfers among the Shell group and for Shell companies in the European Union (provided that such Shell entities or companies are BCR signed off), European Commission approved transfer mechanisms for transfers to third parties as well as any additional local legal requirements. You can find a copy of Shell Binding Corporate Rules at https://www.shell.sg/privacy.html or by contacting privacy-office-SI@shell.com.
How long do we hold your personal data for?
Personal data processed by us in line with this Privacy Notice will be deleted or rendered anonymous (such that it will no longer be possible to identify you);
- every 5 years where you remain a customer during this period;
- without undue delay upon you requesting that your account profile is deleted or to discontinue your participation as a customer in any of our or our group’s loyalty programmes; or
- after 3 years for all subscribed services from our last interaction with you (that is where you have not used our services for 3 years).
In relation to financial transactions (including those made through a Shell Recharge App), your personal data will be held for 10 years from the transaction.
In all cases information may be held for (a) a longer period of time where there is a legal or regulatory reason to do so (in which case it will be deleted once no longer required for the legal or regulatory purpose) or (b) a shorter period where the individual objects to the processing of their personal data and there is no longer a legitimate business purpose to retain it.
Changes to this Privacy Notice
This Privacy Notice may be changed over time. You are advised to regularly review this Privacy Notice for possible changes. This Privacy Notice was last updated in September 2023