Privacy Policy

Optivolt Privacy Policy

Last Updated: September 30, 2025

This Privacy Policy explains how we collect, use, disclose, and protect your information when you use our Service, and outlines your privacy rights and the protections available under applicable law. By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy.

Interpretation and Definitions

Interpretation

Capitalized terms have the meanings set forth below. The definitions apply whether used in the singular or plural.

Definitions

  • Account means a unique account created for you to access our Service or portions of it.
  • Affiliate means an entity that controls, is controlled by, or is under common control with a party; "control" means ownership of 50% or more of the voting securities or equivalent.
  • Application refers to the Optivolt App provided by the Company.
  • Business (for CCPA/CPRA purposes) refers to the Company as the legal entity that determines the purposes and means of processing Consumers' personal information and does business in California.
  • CCPA/CPRA refers to the California Consumer Privacy Act as amended by the California Privacy Rights Act of 2020.
  • Company (referred to as "Optivolt," "we," "us," or "our") means Optivolt Inc. and its Affiliates.
  • Consumer (for CCPA/CPRA) means a natural person who is a California resident as defined by law.
  • Cookies are small files placed on your device that store details of your browsing history and related data.
  • Device means any device that can access the Service (e.g., computer, smartphone, tablet).
  • Do Not Track (DNT) is a browser setting signaling a user's preference to limit online tracking across websites.
  • Personal Data (also "Personal Information" under the CCPA/CPRA) means any information relating to an identified or identifiable natural person, or that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, to a consumer or household, as defined under applicable data protection laws.
  • Service refers to the Application, the Website, or both.
  • Service Provider means any individual or organization that processes data on the Company's behalf, including third parties engaged to deliver or support the Service, perform related functions, or assist with analytics.
  • Usage Data means data collected automatically through the Service or its infrastructure (e.g., page visit duration).
  • Website refers to www.optivolt.com and any subdomain under *.optivolt.com.
  • You means the individual using the Service, or the company or other legal entity on whose behalf an individual uses the Service.

Collecting and Using Your Personal Data

Types of Data Collected

Personal Data

We may collect personally identifiable information, including but not limited to:

  • Contact details (email address, first and last name, phone number, mailing address, city, state/province, ZIP/postal code)
  • Transactional or usage information related to energy services (e.g., utility bills, meter information and readings, historical usage)
  • Account credentials (passwords)
  • Information provided through audio recordings (see "Information Through Audio" below)

Usage Data

Usage Data is collected automatically and may include:

  • IP address, browser type/version, pages visited, time/date of visits, time spent on pages, unique device identifiers, and diagnostic data
  • If accessed via a mobile device: device type, unique device ID, IP address, operating system, mobile browser type, unique identifiers, and diagnostics

We may also collect information your browser sends when you visit our Service or access it via a mobile device.

Passwords

When you create or access an account, we collect your password for authentication and account protection. We store passwords using industry-standard hashing; they are not stored in plain text and are not visible to our personnel.

Information Through Audio

When you use features that accept audio input (e.g., voice commands or customer support calls), we may collect audio data to:

  • Improve voice recognition and related features
  • Enhance customer support quality and training
  • Analyze service interactions to improve user experience

Information Collected While Using the Application

With your prior permission, the Application may collect:

  • Location information
  • Camera/photos (pictures and related metadata)

This information is used to provide features and to improve/customize the Service. Data may be stored on Company or Service Provider servers, or locally on your device. You can enable/disable access via your device settings.

Tracking Technologies and Cookies

We use Cookies and similar technologies (e.g., web beacons, tags, scripts) to operate, analyze, and improve the Service.

Cookies can be "Session" (deleted when you close your browser) or "Persistent" (remain until they expire or you delete them).

We use:

  • Necessary/Essential Cookies (Session; administered by us): enable core functionality, authentication, and fraud prevention.
  • Cookie/Consent Cookies (Persistent; administered by us): record your consent/choices.
  • Functionality Cookies (Persistent; administered by us): remember preferences (e.g., language, login).
  • Tracking/Performance Cookies (Persistent; administered by third parties): measure traffic and usage; may link to a pseudonymous device identifier.
  • Targeting/Advertising Cookies (Persistent; administered by third parties): support interest-based advertising on third-party sites.

For details and your choices, see our Cookie Policy or the Cookies section of this Policy.

Use of Your Personal Data

We may use Personal Data to:

  • Provide and maintain the Service, including monitoring usage
  • Manage your Account, including registration and account features
  • Perform a contract (purchases, services, or other agreements)
  • Contact you (email, phone, SMS, push notifications) about updates, security, and service-related communications
  • Send news, offers, and information about similar goods/services/events (unless you opt out)
  • Manage your requests and customer support interactions
  • Deliver targeted advertising and measure its effectiveness (we do not share SMS consent or phone numbers with third parties or Affiliates for marketing)
  • Business transfers (e.g., merger, sale, financing)
  • Other purposes, such as analytics, trend identification, campaign effectiveness, and Service/product/marketing improvement

Sharing Your Personal Information

We may share Personal Data:

  • With Service Providers (analytics, ads, support/maintenance, remarketing, communications)
  • For business transfers (e.g., merger or acquisition)
  • With Affiliates (subject to this Privacy Policy)
  • With business partners (to offer products/services/promotions)
  • With other users in public areas of the Service
  • With your consent for any other purpose

Retention of Your Personal Data

We retain Personal Data only as long as necessary for the purposes described in this Policy, to comply with legal obligations, resolve disputes, and enforce our agreements. Usage Data is generally retained for a shorter period unless needed to improve security/functionality or required by law. Password data is retained for the life of your account and a reasonable period thereafter; it is stored using industry-standard hashing and protected with access controls.

Transfer or Access Outside Your Jurisdiction

Your information may be processed and stored in locations where the Company or its Service Providers operate, which may have different data protection laws. By using the Service and submitting information, you consent to these transfers. We implement appropriate safeguards (e.g., encryption, redaction, access controls, and authorization measures) to protect your Personal Data in transit and at rest, consistent with applicable law.

Delete Your Personal Data

You may request the deletion of Personal Data we hold about you. The Service may allow self-service deletion of certain information via account settings. You may also contact us to access, correct, or delete information you provided. We may retain certain data where we have a legal obligation or other lawful basis.

Disclosure of Your Personal Data

Business Transactions

If we are involved in a merger, acquisition, or asset sale, your Personal Data may be transferred. We will notify you before your data becomes subject to a different privacy policy.

Law Enforcement and Legal Requests

We may disclose Personal Data when required to do so by law or in response to valid legal requests.

Other Legal Requirements

We may disclose Personal Data to: comply with legal obligations; protect Company rights/property; investigate wrongdoing; protect users/public safety; or protect against legal liability.

If you choose to limit the use/disclosure of your sensitive Personal Information, we will honor your choice for at least 12 months, after which we may ask for renewed authorization where permitted.

Security of Your Personal Data

We use commercially reasonable administrative, technical, and organizational safeguards to protect Personal Data. However, no method of transmission or electronic storage is 100% secure.

Detailed Information on Processing and Third Parties

Our Service Providers may access Personal Data subject to their privacy policies. Before sharing, we assess vendors' data protection practices, minimize and anonymize where possible, and implement technical/organizational measures to protect your privacy while enabling functionality.

We may use third parties to:

  • Monitor and analyze Service usage
  • Show and measure advertising
  • Send communications (newsletters/marketing)
  • Provide remarketing/retargeting

Some vendors use non-cookie technologies not affected by cookie-blocking. You can decline interest-based advertising via:

We may share hashed identifiers (e.g., hashed email) or other online IDs so vendors can recognize your browser/device for cross-device ad delivery, per their privacy policies.

CCPA/CPRA Privacy Notice (California)

This section supplements this Policy for California residents.

Categories of Personal Information Collected (past 12 months)

We may collect the following CCPA/CPRA categories:

  • A. Identifiers: e.g., name, alias, postal address, online identifier, IP address, email, account name, driver's license/passport (Yes)
  • B. Customer Records (Cal. Civ. Code §1798.80(e)): e.g., contact details, some financial/ID data (Yes)
  • C. Protected Classifications: e.g., race, gender, etc. (No)
  • D. Commercial Information: purchase histories (No)
  • E. Biometric Information: (No)
  • F. Internet/Network Activity: interactions with our Service/ads (Yes)
  • G. Geolocation Data: approximate location (Yes)
  • H. Sensory Data: audio/electronic/visual (No)
  • I. Professional/Employment: history/evaluations (No)
  • J. Education Information (FERPA): (No)
  • K. Inferences: profiles/preferences (No)
  • L. Sensitive Personal Information: e.g., account login and password, geolocation (Yes)

Personal information does not include public records, deidentified/aggregated data, or information covered by sectoral laws (HIPAA/CMIA, GLBA/FIPA, FRCA, DPPA).

Sources

  • Directly from you (forms, preferences)
  • Indirectly from you (observed activity)
  • Automatically (cookies/SDKs)
  • Service Providers (analytics, advertising, operations)

Uses (Business/Commercial Purposes)

Operating and supporting the Service; responding to inquiries; fulfilling transactions; legal compliance; internal administration/audits; security and fraud prevention; and other one-time uses. See Use of Your Personal Data for details.

If we collect additional categories or use data for materially different purposes, we will update this Policy.

Disclosures (past 12 months)

We may have disclosed for a business/commercial purpose:

A (Identifiers), B (Customer Records), F (Internet Activity), G (Geolocation), L (Sensitive PI)

Recipients include Service Providers, Affiliates, business partners, and third parties you authorize. Contracts restrict use to the specified purpose and require confidentiality.

Sharing/Sale

We may "share" personal information for cross-context behavioral advertising and, under CCPA/CPRA's broad definition, some activities may constitute a "sale." We do not sell PI in the traditional sense, but certain analytics/advertising uses may be deemed a "sale" or "sharing."

Categories potentially "sold" or "shared" (past 12 months): A, B, F, G, L.

Your Rights Under CCPA/CPRA

  • Right to Notice
  • Right to Know/Access (categories, sources, purposes, third parties, specific pieces; and categories sold/disclosed)
  • Right to Opt Out of Sale/Sharing (see Do Not Sell My Personal Information)
  • Right to Correct Inaccurate PI
  • Right to Limit use/disclosure of Sensitive PI (subject to exceptions)
  • Right to Delete (subject to legal exceptions)
  • Right to Non-Discrimination for exercising your rights

Exercising Your CCPA/CPRA Rights

Contact us:

Only you or your authorized agent (registered with the CA Secretary of State) may submit a verifiable request. Your request must:

  • Provide sufficient information for identity/authority verification
  • Describe the request with enough detail for us to respond

We cannot respond if we cannot verify your identity or confirm the information relates to you. We will respond within 45 days; we may extend once for an additional 45 days with notice. Disclosures cover the prior 12 months. For portability, we provide data in a readily usable format.

Do Not Sell My Personal Information

"Sale" under CCPA/CPRA includes making PI available to a third party for valuable consideration (not necessarily monetary). We do not sell PI in the common sense; however, certain advertising/analytics uses may constitute a "sale" or "sharing." You can opt out. Opt-outs are browser/device-specific and may require re-application after clearing cookies or changing browsers.

Website Controls

Manage settings via "Privacy Preferences," "Update Privacy Preferences," or "Do Not Sell My Personal Information" in the Service. You may also use industry opt-out tools (NAI/EDAA/DAA). Note: opt-outs place a cookie; deleting cookies or changing browsers requires re-opting out.

Mobile Devices

  • Android: "Opt out of Interest-Based Ads" / "Opt out of Ads Personalization"
  • iOS: "Limit Ad Tracking"

Adjust device location settings to stop location collection.

Limit the Use or Disclosure of Your Sensitive Personal Information

California residents may limit Sensitive PI use/disclosure to what is reasonably necessary to provide requested goods/services. We use/disclose Sensitive PI only as needed to deliver the Service. See Use of Your Personal Data or contact us.

"Do Not Track" (CalOPPA)

Our Service does not currently respond to DNT signals. Some third-party sites may track your activity; you can set DNT preferences in your browser settings.

California Residents' Privacy Rights

Shine the Light (Cal. Civ. Code §1798): Once per calendar year, residents with an established business relationship may request details about our sharing of Personal Data with third parties for their direct marketing.

Minors (Bus. & Prof. Code §22581): Registered users under 18 may request removal of content they publicly posted. Requests do not guarantee complete removal where the law does not permit/require it.

Links to Other Websites

Our Service may link to third-party websites not operated or controlled by us. We recommend reviewing the privacy policy of each site you visit. We are not responsible for third-party content, privacy practices, or policies.

Regular Review and Changes to This Privacy Policy

We review our privacy practices at least annually and update this Policy as needed to reflect changes in our practices or applicable laws. If we make significant updates, we will:

  • Post the revised Policy here and update the "Last Updated" date
  • Provide notice via email and/or a prominent in-Service message before changes take effect

Changes are effective upon posting. We encourage you to review this Policy periodically.

Data Protection Office

We maintain a Data Protection Office ("DPO") composed of representatives from Legal, Compliance, and Information Security to oversee privacy compliance. Contact the DPO with questions about our practices, your rights, or this Policy:

DPO responsibilities include:

  • Monitoring compliance with applicable data protection laws
  • Advising on obligations and conducting privacy impact assessments
  • Serving as a contact for data subjects and supervisory authorities
  • Providing internal guidance and training on privacy/data protection
  • Coordinating responses to privacy inquiries and requests

The DPO collaborates across departments to ensure proper handling and protection of Personal Data throughout our organization.