Products & Services Privacy Policy

Last updated: 6 May 2026

This Products & Services Privacy Policy explains, at a high level, how veerio UG (haftungsbeschränkt) processes data in connection with veer.io energy monitoring products, managed infrastructure, dashboards, APIs, analytics, and related services. This policy does not replace customer-specific data-processing agreements, service contracts, or project documentation.

Controller and Contact

veerio UG (haftungsbeschränkt)
Emser Strasse 98
12051 Berlin
Germany

Email: info@getveer.io
Privacy contact: privacy@getveer.io

No data protection officer contact is currently published for this policy. Product privacy requests can be sent to the privacy contact above. Where veer.io processes personal data on behalf of a customer, the customer may be the controller and veer.io may act as processor under the applicable data-processing agreement.

Product Data Categories

Depending on the contracted service, veer.io may process customer account and contact data, site and facility metadata, measurement-point identifiers, device and installation information, energy consumption and generation data, operational event data, support communications, billing or procurement information, and technical usage data from dashboards, APIs, or connected systems.

Product data may include business contact details such as names, email addresses, roles, phone numbers, company details, and support or implementation correspondence. Energy and facility data is primarily operational and business data, but it may become personal data where it relates to an identifiable person or sole proprietorship.

Providing customer account, site, device, and support data may be required to enter into or perform a product or service contract. If required data is not provided, some services, support actions, reports, integrations, or deployments may not be possible.

Purposes of Processing

We process product and service data to provide, maintain, secure, and improve the contracted services; deploy and support hardware or software; operate dashboards and APIs; generate analytics, reports, and compliance outputs; detect faults or abuse; provide customer support; manage billing and commercial relationships; and comply with legal obligations.

Legal Basis

Where GDPR applies, processing may be based on contract performance or pre-contractual measures under Article 6(1)(b), legitimate interests under Article 6(1)(f), legal obligations under Article 6(1)(c), or consent under Article 6(1)(a) where consent is specifically requested.

Analytics, AI, and Aggregation

veer.io products may use analytics, forecasting, benchmarking, anomaly detection, and AI-assisted methods to produce operational insights from energy and facility data. Outputs may include dashboards, reports, alerts, forecasts, sustainability or compliance support, and optimization recommendations. Where possible, reporting and benchmarking should use aggregated or de-identified data.

Product analytics may evaluate facility, device, site, or organization-level patterns. Unless an applicable customer agreement states otherwise, veer.io products are not intended to make solely automated decisions about individuals that produce legal or similarly significant effects within the meaning of Article 22 GDPR.

Recipients and Processors

We may share data with service providers needed to operate the products and services, such as hosting, cloud infrastructure, database, monitoring, email, support, analytics, security, payment, and deployment partners. We may also share data with customer-authorized users, integration partners, auditors, professional advisers, authorities where legally required, and other recipients described in the relevant customer agreement.

Named subprocessors and deployment partners should be provided in the applicable customer agreement, data-processing agreement, order form, or subprocessor list before production product processing begins. If a named subprocessor list is not yet available, customers should request it via privacy@getveer.io before sharing personal data through the products or services.

Where service providers process personal data on our behalf, we use appropriate contractual safeguards. International transfers are protected through appropriate mechanisms where required, such as an adequacy decision, EU Standard Contractual Clauses, the EU-U.S. Data Privacy Framework, or another legally recognized transfer mechanism. Details of applicable safeguards can be requested via privacy@getveer.io.

Retention

Product and service data is retained for the period required to provide the contracted services, comply with legal obligations, maintain business records, resolve disputes, and support legitimate operational needs. Account, billing, and commercial records may be retained for the applicable statutory retention period. Operational energy, device, and site data retention should be defined in the applicable customer agreement, data-processing agreement, or project documentation. If no project-specific period is defined, customers should request confirmation before production deployment.

Security

We apply technical and organizational measures designed to protect product and service data against unauthorized access, loss, misuse, and alteration. No internet-based service can be guaranteed to be completely secure, but we work to maintain protections appropriate to the nature of the data and services.

Customer Responsibilities

Customers and partners are responsible for ensuring that they have the rights, notices, permissions, and legal bases needed to provide data to veer.io and to authorize users, integrations, and recipients under their control.

Your Rights

Subject to the conditions in the GDPR, individuals may have rights of access, rectification, erasure, restriction, portability, and objection. Requests can be sent to privacy@getveer.io. Where we process data on behalf of a customer, we may need to refer the request to that customer.

Website Privacy

This policy covers veer.io products and services. Website data processing is described separately in the Website Privacy Policy.