Privacy Policy

Licence

We, Heatio Limited, a company registered in England and Wales with company number 14044906 and its registered office at Edward Pavilion, Royal Albert Dock, Liverpool L3 9NG, licence you to use the website energy.heatio.com and any services you connect to via the website and the content we provide to you through it (Service), as permitted in these terms.

This policy (together with our website terms of use, user agreement and any other documents referred to in them) :

• sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us.
• explains how and why we collect and use your personal data;
• explains how long we keep your personal data for;
• explains when, why and with who we will share your personal data;
• explains the effect of refusing to provide the personal data requested;
• explains where we store your personal data and whether we transfer your data outside of the UK;
• explains the different rights and choices you have when it comes to your personal data; and
• explains how you can contact us.

Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.  By signing up to use our app, website or service (our service) you are accepting and consenting to the practices described in this policy.

For the purpose of the EU GDPR, the version of the General Data Protection Regulation as implemented by the United Kingdom (UK GDPR) and the Data Protection Act 2018 (Act), we act as a controller in relation to your personal data.

Information we may hold about you

We may collect and process the following data about you:

Registration Information: .   This includes information you provide when you register to use our service, participate in discussion boards or other social media functions on our service, or when you contribute to our energy top tips.  It may include your name, address, email address and phone number, user name, personal description, photograph, smart energy meter data; property information, energy provider data and any other information you provide.

Marketing Preferences: You may give us information about you by filling in forms on our service, completing questionnaires about your property, or by corresponding with us by phone, email or otherwise.  This includes your preferences in receiving marketing from us and any third parties connected with us. You or other users may provide us with information about you when you or they share a referral code with you Identity Data. It may include your name, address, email address and phone number, user name, property description or similar identifier.

Financial Data.  Financial and credit card information,

Transaction Data: Includes details about any transactions made by you.

With regard to each of your visits to our service, we may automatically collect the following information:

Technical Information, which includes the following:

•  Internet protocol (IP) address used to connect your computer or mobile phone to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
• location data to determine your current location; some of our location-enabled services require your personal data for the feature to work;
• information about your visit;
• information in relation to your energy usage through your smart meter.

Support and how to tell us about problems

If you think the the Services are faulty or misdescribed or wish to contact us for any other reason please email our customer service team at home.energy@heatio.com

How do we use your data?

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data where it is necessary in order for us to perform our contract with you, or necessary for our legitimate interests (or those of a third party), and your interests, rights and freedoms do not override those interests, or where we need to comply with a legal or regulatory obligation.

We will use your data in the following ways, on the legal basis that it is necessary for us to perform our contract with you and for our legitimate interests (or those of a third party), and that your interests, rights and freedoms do not override those interests:

• we will provide you with access to our service and the ability to register as a new service user, including granting you access, allowing you to access all of the services we agree to provide to you;
• we will carry out any other obligations arising from the contract entered into between you and us, including providing you with customer support;
• to enable you to participate in the winter cashback programme or complete a survey;
• we will use your smart energy meter data to regularly update the page which shows data usage on our service
• we will administer and protect our business and our service, including troubleshooting, data analysis and system testing;
• we will use your personal data to regularly update and rectify any personal data we hold in relation to you and to notify you of any changes to our service or any other services.
  
  

  Purpose/activity	Type of data	Lawful basis for processing
  To register you as a new user	Identity   Registration Financial Device	Your consent
  To provide you with services	Identity   Registration Transaction Financial Device	Your consent   Necessary for our legitimate interests (to provide services to you in an appropriate manner)
  To manage our relationship with you, including notifying you of changes to the website or any services	Identity   Registration Financial Marketing and Communication	Your consent   Performance of a contract with you Necessary for our legitimate interests (to keep records updated and to analyse how customers use our products/ services) Necessary to comply with legal obligations (to inform you of any changes to our terms and conditions)
  To administer and protect our business and this website, including troubleshooting, data analysis and system testing	Registration   Identity Contact Device	Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security)

  Disclosure of Your Information

  We may share your personal information with any member of our company, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.

  We may share your information with selected external third parties, including:

  • hosting providers, and other third-party providers that we use for the purposes of carrying out our obligations and exercising our rights;
  • third parties who provide us with your SmartMeter data (provided you have asked us to obtain such SmartMeter data from them), in particular, we may need to provide them with sufficient information to allow them to verify your identity and the fact that we are authorised to access your SmartMeter data;
  • if you are part of the the E.ON's optimised Energy as a Service Project, your contact details (name, home address, contact details) will be shared with the Department of Energy Security Net Zero so the Department (and/or an external research organisation contracted by the Department), can contact and invite you to participate in the research and evaluation activity carried out on the GHFA, a task carried out in the public interest. Please refer to sections 6.2 and 12.5 of the GHFA Pilot Phase Competition Guidance Notes.  For more information about the The Department for Energy Security and Net Zero’s Privacy Notice, click here
  All personal data processed will be transferred to, and processed in the UK.  

Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In particular:

• we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know;
• all personal data is stored on secure servers;
  
  • we comply with any third party protocols relating to the supply and sharing of energy usage and SmartMeter data.

  We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so. Unfortunately, the transmission of information via the internet is not completely secure.  Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our service, and any transmission is at your own risk.  Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

  Where we have given you (or where you have chosen) a password which enables you to access certain parts of our service, you are responsible for keeping this password confidential.  We ask you not to share a password with anyone.

  Retention of Your Information

  We retain your personal data for as long as necessary to fulfil the purposes we collected it for. In determining the appropriate retention periods, we take into account the following criteria:

  • our legal and regulatory obligations,
  • any relevant industry standards or codes,
  • the nature and sensitivity of the personal data and
  • the potential risk of harm from any unauthorised or unlawful processing, accidental loss, destruction of or damage to the personal data.

  In some circumstances, we will anonymise your data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

  If you do not use your account for a period of [2] years then we will treat the account as expired and your data will be archived and may be deleted.

  Your Rights

  You have the right to ask us for any of the belwo by contacting us at felxx.support'heatio.com

• request and obtain access to your personal data;
• rectification or erasure of your personal data,
• request restriction of processing of your data;
  
  You can withdaw your consent at any time from upu account page (where we are relying on consent to process your data). However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.

   

  We reserve the right to request that you provide evidence of your identification if you ask us to carry out any steps in relation to your personal data.

• Complaints

  You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK regulator for data protection issues.

   

  Changes to Our Privacy Policy

  Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by email.  Please check back frequently to see any updates or changes to our privacy policy.

  Contact

  Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to home.energy@heatio.com