Skip to content
Xevulon Efficiency-focused energy storage

Privacy Policy

How Xevulon handles personal data

This Privacy Policy explains what personal data we collect when you use our website, request an energy storage assessment, or contact us. It also explains our use of cookies, analytics, and your rights. Our services relate to energy storage systems for efficiency optimization, such as evaluating load profiles, supporting system scoping, and answering questions about operating strategies. We aim to be clear and specific so you can make informed choices.

Last Updated: January 15, 2026

1) Data controller (who we are)

For the purposes of the EU General Data Protection Regulation (GDPR) and similar laws, the data controller is:

Legal name: Xevulon Energy Storage Consulting LLC

Registered address: 350 Fifth Avenue, New York, NY 10118, United States

Phone: +1 (212) 736-8000

General contact email: [email protected]

Privacy email: [email protected]

If you have questions about this policy or want to exercise your rights, contact us at [email protected]. We do not provide medical, legal, or financial advice through this website. Our content is informational and relates to energy storage systems and efficiency planning.

2) Personal data we collect

The exact data we collect depends on how you use the site. We aim to collect only what we need to respond to your request, maintain security, and understand website performance.

Data you provide directly

  • Full name (for responding to requests)
  • Email address (for follow-up)
  • Phone number (only if you choose to include it in a message or call us)
  • Message content (such as your project goals or constraints)
  • Site type selection (residential or industrial/commercial)

Data collected automatically

  • IP address and approximate location derived from it (city/region level)
  • Device and browser information (user agent, OS, viewport)
  • Usage and behavioral data (pages visited, clicks, referrers, time on page)
  • Cookies and similar identifiers (see Cookies section)
  • Server logs (timestamp, requested URL, error codes, security events)

We do not ask you to provide sensitive categories of personal data (such as health details, political views, or payment card data) through our public website forms. If you include sensitive information in a free-text message, we will handle it with care, but we recommend you avoid sharing sensitive personal details.

3) How we collect personal data

We collect data through several methods. These methods help us run the site reliably, respond to your requests, and understand what content is useful.

Collection methods

  • Web forms: when you submit a request for information or an assessment (for example, name, email, and site type).
  • Cookies/local storage: to remember your cookie preferences and to support analytics if you consent.
  • Analytics tools: we may use Google Analytics 4 (GA4) to measure website usage, and we may use Meta Pixel for advertising measurement and retargeting, only where permitted and subject to your cookie choices.
  • Server logs: our hosting infrastructure records basic requests to maintain security and performance.
  • Direct communications: when you email us or call us, we process the data you provide to respond.

If we implement GA4 or Meta Pixel on this site, we will do so in a way that respects your cookie preference selection. If you reject analytics or marketing cookies, we will not intentionally place those cookies or run those scripts for tracking purposes. Strictly necessary storage (for example, storing your cookie choice) is used to make the site function as intended.

5) Purposes of processing (why we use data)

We use personal data for the following purposes. Each purpose is tied to how our website and services work in practice.

Service delivery and communication

We use your contact details to reply to questions, schedule follow-ups, and provide requested materials related to energy storage assessments, including scoping discussions around peak shaving, self-consumption optimization, and backup readiness. Communication may be by email or phone depending on how you contacted us.

Customer support

If you contact us with a technical question or a request for clarification, we use message content and basic interaction history to provide continuity. This helps avoid repeated requests for the same information and reduces errors when responding.

Website improvement and analytics

When analytics are enabled by consent, we use aggregated metrics to learn which pages are most helpful, how visitors navigate, and whether content needs clearer structure. This supports performance improvements, accessibility work, and content relevance.

Fraud prevention and security

We use technical logs and signals to reduce spam, detect abusive behavior (such as automated scraping or malicious traffic), and maintain service reliability. This protects both visitors and our infrastructure.

We do not sell personal data. If we ever introduce a new purpose that requires consent, we will request it and explain the change.

6) Data retention (how long we keep data)

We keep personal data only for as long as necessary to fulfill the purposes described in this policy, unless a longer retention period is required by law. Retention periods may be adjusted where needed for dispute resolution or security.

Retention schedule

Form submissions and contact requests

Retention: 2 years from the last interaction, unless you request deletion sooner.

Email communications

Retention: 2 years from the last interaction (or longer if needed for legal claims or compliance).

Analytics data (GA4)

Retention: 14 months (typical default setting), subject to configuration and consent.

Server logs

Retention: 30 days, unless a security incident requires longer preservation.

Cookie preference record

Retention: stored in your browser via local storage until you clear it or reset your browser storage for this site.

Marketing audiences (if enabled)

Retention: depends on the platform settings; typically up to 180 days for ad audience windows, subject to your consent and platform controls.

If you request deletion, we will delete or anonymize data unless we need to keep it for legal reasons. Where deletion is not possible (for example, backup systems for limited periods), we will restrict access and delete it at the next reasonable cycle.

7) Data sharing, processors, and “no sale” statement

We may share personal data with service providers that act as processors on our behalf. These providers are permitted to process personal data only for the services they provide to us and under contractual obligations appropriate to data protection requirements.

Categories of processors

  • Hosting and infrastructure providers (to serve the website and store system logs)
  • Email service providers (to send and receive communications)
  • Analytics providers such as Google Analytics 4, if enabled
  • Advertising measurement providers such as Meta, if enabled

What we do not do

We do not sell personal data to third parties. We do not publish personal contact details submitted through forms. We do not run hidden redirects or show different content to crawlers. If we introduce a new tool that materially changes how data is shared, we will update this policy and, where required, request consent.

We may also disclose personal data if required to comply with a legal obligation, enforce our Terms, or protect our rights, property, or safety.

8) International data transfers

Xevulon Energy Storage Consulting LLC is based in the United States. If you access our site from the EEA, UK, or Switzerland, your personal data may be transferred to and processed in the United States or other countries where our service providers operate.

Where required by law, we rely on appropriate safeguards for international transfers, such as the European Commission’s Standard Contractual Clauses (SCCs) for transfers from the EEA, and the UK International Data Transfer Addendum or equivalent mechanisms for transfers from the UK. We also review the security practices of processors and aim to limit transfers to what is necessary.

You can request more information about transfer safeguards by contacting [email protected].

9) Your rights under GDPR

If the GDPR applies to you, you have specific rights regarding your personal data. We will respond to requests within one month where applicable, and we may ask you to verify your identity to protect your data.

Your rights

  • Access: request a copy of your personal data.
  • Rectification: correct inaccurate or incomplete data.
  • Erasure: request deletion in certain cases.
  • Restriction: ask us to limit processing in certain cases.
  • Portability: receive certain data in a structured, machine-readable format.
  • Object: object to processing based on legitimate interests.
  • Withdraw consent: for consent-based processing, at any time.

How to exercise rights

Email us at [email protected] with your request, the email address you used on the site (if applicable), and a clear description of what you want. For deletion requests, include “Delete my data” in the subject line. You may also send a written request to: 350 Fifth Avenue, New York, NY 10118, United States.

If you want to withdraw cookie consent, you can reject cookies in our banner or clear your browser storage for this site. For email communications, you can ask us to stop contacting you at any time. We will keep a minimal record of your request to help us honor it.

Right to lodge a complaint

If you are in the EEA, you have the right to lodge a complaint with your local supervisory authority. If you are in the United Kingdom, you can complain to the Information Commissioner’s Office (ICO). ICO contact details: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, United Kingdom, and the ICO website provides current guidance and submission options.

10) Cookie policy

Cookies are small text files stored on your device. We also use similar technologies such as local storage. Some are needed for the site to function, and some are optional and used for analytics or marketing. Our cookie banner allows you to Accept or Reject non-essential cookies.

Strictly necessary

These are required for core functionality, such as remembering your cookie choice. Without them, parts of the site may not behave as expected.

Typical duration: until cleared by you.

Examples: local storage preference key used by our banner.

Analytics

If enabled and accepted, analytics cookies help us understand how visitors use pages so we can improve content and navigation. This may include GA4 cookies and similar identifiers.

Typical duration: up to 14 months, depending on configuration.

Legal basis: consent.

Marketing

If enabled and accepted, marketing cookies support advertising measurement and retargeting. They can help platforms understand that someone visited this site and may show relevant ads on other platforms.

Typical duration: up to 180 days, depending on platform settings.

Legal basis: consent.

How to manage cookies

You can manage cookies in two ways: (1) use the cookie banner choices when you first visit, and (2) adjust browser settings to block or delete cookies. If you want to reset your choice, clear site data (cookies and local storage) in your browser settings, then refresh the page to see the banner again.

Blocking certain cookies may affect site functionality. We try to keep essential functionality independent of non-essential cookies whenever possible.

11) Children’s privacy

Our website and services are not directed to children under 16. We do not knowingly collect personal data from children under 16. If you believe a child has provided personal data to us, contact [email protected] and we will take steps to delete that information.

If we learn that we have collected personal data from a child under 16 without appropriate consent, we will delete it and, where appropriate, restrict further processing.

12) Policy updates

We may update this Privacy Policy to reflect changes in how we operate the site, changes to service providers, or changes in legal requirements. When we make updates, we will revise the “Last Updated” date at the top of this page.

If a change is material, we will provide a more prominent notice on the website, and if required we will seek consent again (for example, if we introduce new marketing cookies or new categories of processing that require consent).

13) Contact details and DPO

To contact us about privacy matters, including access, deletion, or objections, use the details below. We will route requests through our privacy team. We do not currently appoint a formal Data Protection Officer (DPO) because our processing activities do not require one under GDPR for our typical operations. If this changes, we will update this section.

Privacy email

[email protected]

Mailing address

Xevulon Energy Storage Consulting LLC
350 Fifth Avenue
New York, NY 10118
United States

How we handle deletion requests

If you request deletion, we will confirm the scope (for example, contact requests and email correspondence) and then delete or anonymize it. If we must retain specific records for legal compliance, we will explain what we are retaining and why, and we will restrict use to that purpose only.

For quicker handling, include the email address you used and a short description of the pages or forms where you shared it.

For general inquiries about our services, use Contact. This Privacy Policy forms part of how we operate the website alongside our Terms.

Related pages

If you want to understand site usage rules and limitations, read our Terms. If you want to reach us directly about an energy storage assessment, use our contact page.

Read Terms Contact