In compliance with the General Data Protection Regulations, effective as of 25th May 2018 this Privacy Notice, with our Terms and Conditions, sets out how Enpaas Limited stores, retains and uses personal information or data about our prospective, current and past customers, suppliers and partners.
It is important that you read this Notice so that you are aware of how and why we are using such information and how we will treat it.
Enpaas Limited provides energy and related services to business customers. The collection of personal data is limited to personal information of individuals representing the commercial entity contracting to our energy provision. This information is collected and stored to enable us to manage our commercial relationship with you.
This Notice also covers personal information relating to our prospective, current and past customers who are consumers, sole traders, non-limited partnerships and corporate contacts at limited companies. It also covers the information relating to individual contacts at our partner companies (energy brokers).
It does not apply to information which you provide to us or which we collect about limited companies.
Any changes we may make to this Notice will be updated on our website and, where appropriate, notified to you in writing.
We are the data controller of your personal information which you provide to us or which is collected by us from you or third parties, such as your broker, if you have one. This means that we are responsible for deciding how we hold and use personal information about you and that we are required to notify you of the information contained in this Notice.
The information which you provide to us may include information about other individuals who are associated with the management of your business, the administration of your account with us or, if you are a limited company, corporate contacts within your business. If you provide us with information about such individuals, it is important that you provide them with a copy of this Notice prior to providing us with the information and that you provide them with any updated Notices we provide from time to time.
What data we hold?
This depends on the reason we obtain your data.
To provide a quote
As a customer
All the above plus:
As a partner
As a supplier
As an employee
How data is stored?
All data is stored in a secure, password-protected and encrypted bespoke database. This is accessible by our designated data processors only for the purposes stated below.
What we use your data for?
Your data is used only to pursue our legitimate business interests, provided that your legal rights do not override those interests. Your data will never be shared with any other company or individual, with the exception of requests for information from legal entities and registered Credit Reference Agencies (CRAs), including the energy regulator. We will notify you of any provision of data to these organisations.
That means we will only request as much information from you as we need to carry out the activity you have requested or to enable us to carry out commercial transactions. This includes any communications with your energy broker (our trusted partner) on your behalf.
We may record and monitor communications with you by telephone as part of our quality assurance strategy. These also provide us with valuable information for staff training, improving our customer service, verification of information provided during the call, fraud detection, compliance with our regulatory requirements and, if you are a customer, administering your account.
While you have an account with us, we may carry out ongoing credit checks for the purposes making decisions about your customer account and to prevent fraud.
When a credit check is carried out on you, your credit records will be searched, along with any financially associated individuals such as your spouse or partner. CRAs will keep a record of this search on your credit file.
To prevention, detect or investigate energy theft, all UK energy suppliers are required by law to provide information about their customers and the results of theft investigations to a central database, managed by a fraud prevention agency on behalf of the energy industry. This is known as the Theft Risk Assessment Service (TRAS).
Other use of your data
We will not use automated decision making with your personal data.
Outside the UK and/or EU
Your personal data may be processed by our employees in other countries and regions, but it will be subject at all times to the terms of this Privacy Notice.
How long your data is retained for?
Your personal data will be kept for as long as necessary to fulfil the purpose for which it was obtained as outlined above or as required by current legislation.
e.g. Information about our customers (including contact, identity, financial and transactional data) must be kept for seven years after they cease being customers for tax purposes.
You can ask us to delete your personal information at any time – providing you no longer require the services for which it is required and not in contravention of the law.
We may anonymise personal data for research or statistical purpose. In this case there will be no means of identifying you from this information and this data may be used on an ongoing basis, without giving you any further notice.
Data protection laws provide you, as an individual, the right to
No fee is required to claim any of these rights. However, we may charge a reasonable fee or refuse to comply if your request for access is considered to be unfounded or excessive.
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO). Their contact details are:
Telephone: 0303 123 1113
Post: Information Commissioners Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF at.
However, please contact us in the first instance if you have any issue that you wish to discuss.
CHANGES TO OUR PRIVACY NOTICE
Any changes we make to our Notice in the future will be posted on our website and, where appropriate, notified to you in writing.