Privacy Policy

Last Updated: September 2025

Sorigin Insurance Brokers & Technology Services ("Sorigin", "we", "our", or "us"), the publisher of the Sorigin Asset Management Services (AMS) Mobile Application ("Application" or "App"), is committed to protecting the privacy and security of personal data.

This Privacy Policy explains how we collect, use, store, and protect personal data when you use the Application, in accordance with applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679 (GDPR) and other applicable regulations.

By using the Application, you acknowledge that you have read and understood this Privacy Policy and that you are accessing a Beta version of the Application.

1. Why Do We Process Your Data?

We process personal data strictly for legitimate and defined purposes related to asset monitoring, analytics, and support services, including:

• Creating and managing user accounts
• Authenticating users and securing access
• Providing wind, solar, and hybrid asset monitoring
• Displaying generation, revenue, carbon offset, and performance metrics
• Delivering analytics, forecasts, and comparisons
• Enabling asset-level issue reporting and support ticketing
• Providing chatbot-based assistance
• Sending alerts and notifications related to asset performance and system updates
• Enabling offline access and data synchronization
• Improving application performance, reliability, and user experience
• Ensuring application security and preventing misuse
• Responding to user queries and support requests
• Complying with legal and regulatory obligations

As this is a Beta version, certain features may be experimental, partially available, or subject to modification without prior notice.

Consent-based processing applies where required. You may withdraw your consent at any time through application or device settings, subject to legal and operational limitations.

2. Categories of Data We Process

We process only data that is necessary for the purposes outlined above.

A. Personal Information

• Name
• Email address
• Mobile number
• Role or user type (e.g., asset owner, operations user)
• Profile information and preferences

B. Asset & Usage Data

• Project and asset associations (wind, solar, hybrid)
• Generation and performance data displayed in the app
• Analytics usage data (features accessed, filters applied)

C. Support & Ticketing Data

• Issues raised through the Application
• Asset identifiers associated with tickets (e.g., turbine code)
• User-provided descriptions and attachments

D. Location Data (Where Applicable)

• Approximate location used for asset context or support verification
• Location data is collected only when required and permitted

E. Media Data

• Images uploaded for issue reporting or support purposes
• Metadata such as timestamps and asset references

F. Device & Technical Data

• Device type and operating system
• Application usage logs and error logs
• Notification tokens

During the Beta phase, additional diagnostic or usage data may be temporarily collected to improve stability, performance, and user experience.

We do not collect unnecessary personal data and do not use personal data for advertising purposes.

3. Data Sharing and Third Parties

Your data is shared only where necessary to provide the Application services, including:

• Cloud hosting and infrastructure providers
• Notification delivery services (for example, Firebase Cloud Messaging)
• Security, monitoring, and analytics service providers

These third parties process data solely on our behalf and are bound by contractual and legal confidentiality obligations.

We do not sell personal data to third parties.

4. Cloud Hosting & Local Storage

Cloud Infrastructure

• Data may be stored and processed on secure cloud infrastructure located in multiple regions
• Data is encrypted in transit and at rest

Local Storage

• Limited data may be stored locally on your device to support offline functionality
• Data is securely synchronized when connectivity is restored
• Device-level security remains the responsibility of the user

Offline behavior and synchronization reliability may vary during the Beta version.

5. Notifications

We use push notifications to inform users about:

• Asset alerts and performance updates
• Support ticket status
• Important system or application updates

You can manage notification preferences via application or device settings.

6. Data Retention

We retain personal data only for as long as necessary for operational, legal, and regulatory purposes:

• Account data: retained while the account is active and for a limited period after deactivation
• Asset and analytics data: retained in accordance with contractual and regulatory requirements
• Support and ticketing data: retained for audit and resolution tracking
• Log and security data: retained for troubleshooting and monitoring

Data may be retained longer where required by law or to protect legal rights.

7. Data Security

We implement appropriate technical and organizational safeguards, including:

• Encryption of data in transit and at rest
• Role-based access controls
• Secure authentication mechanisms
• Regular monitoring and security reviews

As this is a Beta release, users acknowledge that absolute stability and security guarantees may evolve as the Application matures.

While reasonable measures are taken, no system can guarantee absolute security.

8. Your Rights

Subject to applicable law, you have the right to:

• Access your personal data
• Request correction of inaccurate or incomplete data
• Request deletion of personal data
• Object to or restrict processing
• Request data portability
• Withdraw consent where processing is consent-based

Requests can be made via in-app support or official communication channels. Identity verification may be required.

9. Children's Privacy

The Application is not intended for users under 18 years of age. We do not knowingly collect data from minors.

10. International Data Transfers

Your data may be processed outside your country of residence. Appropriate safeguards are implemented in accordance with applicable data protection laws.

11. Third-Party Links

The Application may include links to third-party websites or services. Sorigin is not responsible for the privacy practices of such third parties.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be communicated through:

• In-app notifications
• Updated "Last Updated" date
• User acceptance prompts, where required

Continued use of the Application, including during its Beta phase, indicates acceptance of the updated Privacy Policy.

13. Contact Information

For questions or requests regarding this Privacy Policy or personal data processing, please contact us through: