C
CORE
EV Charging Network
Privacy Policy
Last updated: May 2026
CORE Development ("CORE", "we", "us", "our") operates the CORE Charge mobile app and the underlying EV charging network in Ethiopia. This Privacy Policy explains what personal information we collect, how we use it, who we share it with, and the rights you have over your data.
1. Information We Collect
1.1 Information you provide
- Account information — name, email address, phone number, and (optionally) a profile photo, collected when you create an account or sign in via Google, Apple, Telegram, or email + OTP.
- Vehicle information — make, model, year, battery capacity, and connector type, collected when you add a vehicle to your CORE profile.
- Payment information — processed exclusively by Chapa, our licensed payment processor. CORE does not store full card numbers, CVVs, or mobile-money PINs. We retain a transaction reference, the amount, and the timestamp.
- Support correspondence — content of emails or calls when you contact our support team.
1.2 Information we collect automatically
- Charging session data — station, charger and connector ID, energy delivered (kWh), session duration, cost, and (where applicable) battery state of charge readings reported by the vehicle or estimated by the app.
- Device and app information — device model, operating system version, app version, and a push-notification token issued by Apple or Expo.
- Approximate location — when you grant permission, used to surface nearby stations on the map and to drive availability sorting. We do not track your continuous movement; location is read on-demand when the app is open.
- Crash and performance data — anonymised stack traces and timing metrics collected by Sentry (see Section 3).
- Usage data — which app screens you visit and which features you use, in aggregate, to help us improve the product. No keystroke, screen-recording, or behavioural-advertising data is collected.
2. How We Use Your Information
We use the information described above strictly to:
- Authenticate you and keep your CORE account secure.
- Authorise and bill charging sessions against your CORE wallet.
- Process top-ups via Chapa and credit the resulting balance to your account.
- Show charging stations on the map and suggest the nearest available connectors.
- Estimate your battery state of charge during AC charging sessions.
- Send transactional notifications — session start / stop, balance alerts, charger status changes, and receipts.
- Respond to your support requests.
- Detect and prevent fraud or abuse.
- Diagnose crashes and improve app stability.
- Comply with legal obligations under Ethiopian law.
We do not sell your personal information, and we do not use your data for behavioural advertising.
3. Third-Party Services
The CORE Charge app is built on the following third-party services. Each receives only the minimum data needed for its function.
| Service | Purpose | Data shared |
|---|
| Chapa |
Payment processing for wallet top-ups |
Amount, transaction reference, your name and phone number |
| Sentry |
Crash and performance monitoring |
Stack traces, device model, OS version, app version, anonymised user ID |
| Google Maps |
Map rendering and station markers |
Approximate location while the map is open |
| Apple Push / Expo Push |
Delivering transactional notifications |
Push token issued by your device's operating system |
| Supabase |
Backend database hosting |
All account, vehicle, session, and wallet data, stored under our direct control |
| Google / Apple / Telegram Sign-In |
Federated authentication, when you choose it |
The provider's authenticated user ID, name, and email |
4. Data Retention
We retain personal information for as long as your account is active and for as long as needed to comply with our legal obligations or resolve disputes:
- Account data — retained while your account is active. You can request deletion at any time (see Section 6).
- Charging session records — retained for at least 7 years to satisfy Ethiopian tax and financial-record requirements.
- Payment receipts and audit logs — retained for at least 7 years for tax and anti-fraud compliance.
- Crash and analytics data — retained by Sentry for 90 days then automatically deleted.
- Support correspondence — retained for up to 2 years after the issue is closed.
5. Data Security
All network traffic between the CORE Charge app and our servers is encrypted with HTTPS / TLS. Database credentials and signing keys are stored only in our hosting provider's secret manager and are never embedded in the mobile app. Payment card and mobile-money PIN data never reach our servers — they are handled exclusively by Chapa, which is licensed and regulated by the National Bank of Ethiopia.
6. Your Rights
Subject to Ethiopian data-protection law and, where applicable, the EU General Data Protection Regulation (GDPR), you have the right to:
- Access — request a copy of the personal information we hold about you.
- Correct — ask us to fix inaccurate or out-of-date information.
- Delete your account — request that we delete your account and personal data, except where we are legally required to keep transaction records. Account deletion can also be initiated from the Profile screen inside the CORE Charge app.
- Object — object to certain uses of your data.
- Withdraw consent — withdraw any consent you have previously given (e.g. location, push notifications) at any time via your device settings.
- Portability — receive your data in a structured, machine-readable format.
To exercise any of these rights, contact us at info@coredevelopment.org. We will respond within 30 days.
7. Children
CORE Charge is not intended for use by children under the age of 18. We do not knowingly collect information from minors. If you believe a minor has registered, contact us and we will delete the account.
8. International Transfers
Some of our service providers (notably Sentry, Google, and Apple) operate servers outside Ethiopia. When data is transferred internationally, we rely on standard contractual clauses or equivalent safeguards offered by the provider to ensure your data remains protected to the standard set out in this policy.
9. Changes to This Policy
We may update this Privacy Policy as our services evolve or as required by law. The "Last updated" date at the top of this page reflects the most recent change. Significant changes will be announced in-app and, where appropriate, by email.
10. Contact