1 Context and overview
1.1 Introduction
NETconnection Systems needs to gather and use certain information about individuals to carry out its business.
These can include customers, suppliers, business contacts, employees and other people the organisation has a relationship with or may need to contact.
This policy describes how this personal data must be collected, handled and stored to meet the company’s data protection standards — and to comply with the law.
When we refer to "NETconnection Systems", "we", "us", and "our", we mean any of those data controllers, as appropriate. By "you" or "your" we mean any individual, partnership or company that receives services from us, uses our website or otherwise interacts with the NETconnection Systems business.
Please read this notice carefully as it provides important information about how we handle your personal information and the steps you can take to control it.
If you have any questions, comments or concerns about any aspect of this notice, please contact us using the details set out in section 13.
1.2 Why this policy exists
This data protection policy ensures NETconnection Systems:
·Complies with data protection law and follow good practice
·Protects the rights of staff, customers and partners
·Is open about how it stores and processes individuals’ data
Protects itself from the risks of a data breach
2 What information do we collect and how do we do it?
We, or third parties on our behalf, collect your personal information when you use our website, communicate with us by phone, letter, email, social media or in person or receive our products and/or services.
·We may collect the following personal information and we refer to this as "personal information" throughout this notice:
·your name;
· gender;
·Site address;
· Delivery address;
·telephone numbers;
·mobile numbers;
·e-mail addresses;
·details of a secondary contact (e.g. name and phone number);
·permissions (e.g. we will record if you have consented to e-mail marketing);
·survey responses;
·if you engage with us through social media, we collect your name and store a link to your relevant social media profile, which we combine with details of your previous correspondence with us;
We need this personal information so we can provide services and/or products to you. If you don’t provide us with that personal information you may not be able to access certain products and/or services.
3 How do we use your personal information?
3.1 Use of personal Information
We, or third parties on our behalf, collect, use and store the personal information collected about you to:
a.Provide, or obtain on your behalf, relevant products and/or services, benefits, and rewards;
b.Respond to any enquiries or issues you have;
c.Identify you;
d.Detect and prevent crime, fraud or loss;
e.Contact you, or authorised third parties, about our services and/or products, such as sending you information when you sign up or change tariffs, service announcements and administrative messages;
f.Train our staff and improve our products and services, which may mean that we monitor and record communications that we have with you including phone conversations, emails, SMSs and web chats;
g.Identify offers and advice tailored to your needs or lifestyle;
h.Ensure the health and safety of you, our staff and contractors;
i.Make personal projections about the amount of energy you are likely to use in a given period;
j.Use information collected from your visit to our website for administrative purposes; for troubleshooting, data analysis, testing, research and statistical and survey purposes; to ensure content is presented in an effective manner; and to enable you to participate in interactive features;
k.Respond to or resolve any enquiries or requests that you may have from social media;
l.Enable internal corporate reporting, business administration, adequate insurance coverage, the security of company facilities, research and development, and to identify and implement business efficiencies;
m.Comply with any procedures, laws and regulations which apply to us – including where we reasonably consider it is in our (or others) legitimate interests to comply; and
n.Establish, exercise or defend our legal rights – including where we reasonably consider it is in our (or others) legitimate interests.
4 How do we use your sensitive personal information?
Common uses of your information. We will only use your personal information when the law allows us to do so. Although in limited circumstances we may use your information because you have specifically consented to it, we generally use your information in the ways set out in this policy because:
·we need to perform a contract we have entered into with you;
·for shipping or attending customer site;
·we need to comply with a legal obligation;
·it is necessary for our legitimate interests (or those of a third party) and your interests and rights do not override those interests;
·we need to protect your interests (or someone else’s interests) or where it is needed in the public interest (although these circumstances are likely to be rare);
5 What information do we receive from third party sources?
As well as any sharing listed above, we may also share your information with third parties, including third-party service providers, distributors and vendors. Third parties are required to respect the security of your personal information and to treat it in accordance with the law. We never sell your data to third parties.
Why might we share your personal information with third parties? We may share your personal information with third parties if we are under a duty to disclose or share your personal information in order to comply with any legal obligation, or in order to enforce or apply our agreements with you, or to protect the rights, property, or safety of us, our customers, or others or where we have another legitimate interest in doing so. This may include exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
Which third-party service providers process your personal information? We also may need to share your personal information for third-party service providers (including contractors and designated agents) so that they can carry out their services.
The following activities are carried out by third-party service providers: legal advice, order fulfilment, delivery, communications.
6 Legal Bases for Processing
We’ve assessed that the legal bases for using your personal information as set out in this notice are as follows:
(a)Contract – our use of your personal information is necessary to perform our obligations under any contract we have with you; or
(b)Legal Obligations – our use of your personal information is necessary for complying with our legal obligations; or
(c)Our Legitimate Interests – to:
(i) Run, grow and develop our business;
(ii) Detect and prevent fraud;
(iii) Enhance the security of our network and information systems;
(iv) Ensure that our own processes, procedures and systems are as efficient as possible;
(v) Better understand how people interact with our website;
(vi) Analyse and enhance the information that we collect;
(vii) Determine the effectiveness of our promotional campaigns and advertising; and
(viii) Enhance, modify, personalise or otherwise improve our services and communications for the benefit of our customers.
If you have concerns about the processing activities based on our legitimate interests, please see section 13.
7 Who do we share your personal information with?
We will share your personal information with the following categories of third parties:
(a)our third party suppliers, partners and sub-contractors that provide, review and/or receive services in relation to our website, services and/or products, which include: payment processors; suppliers of technical, support and installation services; insurers; logistics providers; security providers; cloud services providers; research agencies; broadband and phone line suppliers; and, if you are entitled to claim government funding for energy efficiency measures, installers, energy performance assessors and sales advisers.
(a)regulators or other legally appointed bodies (such as Ofgem) for legal or regulatory purposes, e.g. if requested we may send your information to Ofgem to prove that you qualify for relevant government funded schemes;
(b)companies or partner organisations which provide services in relation to, or use information as part of, market research;
(c)third parties that help us with advertising and marketing.
(d)enforce or apply our terms and conditions or any other agreement or to respond to any claims, to protect our rights or the rights of a third party, to protect the safety of any person or to prevent any illegal activity; and
(e)protect the rights, property or safety of NETconnection Systems, our staff, other customers or others.
(f)credit reference agencies
(g)fraud prevention agencies
(h)To help us identify fraud and energy theft, we will give details of your account to fraud prevention agencies who will use the information to check public and other databases they hold and may provide information to us to help identify fraud and energy theft. Checks will be performed on a regular basis whilst you hold an account with us.
8 Automated decision-making
We use automated decision-making in the following ways:
(a) Credit Vetting, we use automated credit scoring assessments to determine the suitability for you to take any product or service on a credit basis. We may consider:
• Data included in your application for a new product or service;
• Data that we already retain on you such as payment history for existing products and services,
• Information from one or more credit reference agency; and/or
• Where appropriate, data from fraud prevention agencies.
(b) You can appeal any automated decision, receive an explanation of the decision or require human review of the decision by contacting us using the details in section 13.
9 Where We Store Your Information
·Our office headquarters are based in the UK and the information we hold about you may are stored in the UK and the EU.
·We will take all steps reasonably necessary to ensure that your personal information is treated securely and in accordance with this privacy policy.
·If we transfer data to countries or organisations outside of the UK and the EU which the EU does not consider to have an adequate data protection regime in place, we will ensure that appropriate safeguards (for example, model clauses approved by the EU or a data protection authority) are put in place where required. To obtain more details of these safeguards, please contact us.
10 How long do we hold your personal information?
(a)We keep your personal information for no longer than is necessary of the purposes for which the personal information is processed. The length of time we retain it for depends on the purposes for which we use it and/or as required to comply with applicable laws and to establish, exercise or defend our legal rights.
(b)This means that some of your personal information will be kept for a short time e.g. we may keep copies of correspondence and complaints for up to three years following resolution. Other information may be kept for a longer period of time, e.g. we keep details of your address for a period of up to six years after your account has settled (but for a shorter period if that is possible).
11 How will we change this privacy notice?
We may update our privacy notice from time to time. Any changes we make to our privacy notice in the future will be posted on our website and, where appropriate, notified to you by post or email.
12 What choices and rights do you have in relation to your personal information?
12.1Contacting us
You may contact us using the contact details provided in section 13 to request that we:
(a)confirm whether your personal information is being processed;
(b)provide you with further details about how we process your personal information;
(c)provide you with a copy of any personal information which we hold about you;
(d)where we rely on your consent as a legal basis to justify using your personal information, withdraw your consent to that use;
(e)consider any valid objection to the processing of your personal information (including the right to object to processing where we are relying on our legitimate interests as a legal basis for processing);
(f)ask us to update or delete personal data which we hold about you;
(g)restrict the way that we process your personal data;
(h)consider any valid request to transfer your personal data relating to an energy account to a third party provider of services (data portability); and
(i)where we carry out automated decision-making that has legal or similarly significant effects on you, ensure that we manually review that decision, provide an explanation of that decision and/or consider your appeal of that decision.
12.2 We will consider all those requests.
However, certain personal information may be exempt from those requests in certain circumstances, which may include needing to keep processing your personal information for our legitimate interests or to comply with a legal obligation.
12.3 If an exemption applies, we will tell you this when responding to your request.
We may ask you to provide us with information necessary to confirm your identity before responding.
13 How can you contact us?
If you would like to contact us in relation to your rights or if you are unhappy with how we’ve handled your information, please give us a call on
If you would like to contact our Data Protection Officer, you may do so using the following details:
Email: Courtney,green@netconnection.c.uk
Phone:
Postal: Data Protection Officer, Stephenson House, 2 Cherry Orchard Road, Croydon, Surrey, CR0 6BA
If you’re not satisfied with our response to any complaint or believe our processing of your information does not comply with data protection law, you can make a complaint to the Information Commissioner’s Office (ICO) using the following details:
Address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
Telephone number:
Website: www.ico.org.uk