We appreciate the trust you place in us when engaging and working with us. Whether you are an existing or prospective energy supplier or customer, the security of your personal data is very important to us. The information contained in this policy is communicated and issued by:
- Zenergi Limited (including the brand, ParentPower);
- Briar Holdings Limited / Briar Consulting Engineers Ltd (referred to as Briar);
- Power Direct Limited;
- Apollo Energy Limited; and/or
- Energy Management Ltd,
(together “the Zenergi Group” and “we”, “us”, “our”).
It is important to read this policy so you are aware of how and why we are using your data. If you do not agree to the following policy, you may wish to cease viewing our websites.
Who we are
As the Zenergi Group is made up of six distinct corporate entities, the identity of the data controller for your personal data will vary depending on your relationship with us. If you are a general visitor to one of our websites, for the purpose of applicable data protection laws the data controller of your personal data (in other words, the organisation that determines how your personal data is used) will be the entity as set out in the table below.
If you contact one of the Zenergi Group companies directly, that Zenergi Group company will be the data controller for the personal data that you provide during that correspondence and in any action taken by the Zenergi Group company (such as dealing with your request) as a result.
|Data controller||Company number||Website data controller is responsible for|
|Briar Holdings Limited / Briar Consulting Engineers Ltd (referred to as Briar)||10643175 / 10673969||https://briar.zenergi.co.uk/|
|Power Direct Limited||04890095||https://www.powerdirectltd.com/|
|Apollo Energy Limited||04077721||https://www.apolloenergy.co.uk/|
|Energy Management Ltd||12949882||https://www.energymanagementltd.com/|
Collection of personal data
Zenergi Group may collect personal data about you. This includes the following:
- Full name.
- Job title, who you work for and business activities.
- Phone number(s).
- Personal email address and/or professional email address(s).
- Technical information, including the Internet protocol (IP) address used to connect your device to the Internet, browser type and version, browser location, browser plug-in types and versions, time zone setting, device types (including device ID), the date and time of consent and platform, network service provider. Your IP address is processed by Google Analytics and automatically reported in an anonymised form. We may also process information about your visit to our websites, including the full Uniform Resource Locators (URL), clickstream to, through and from our site (including date and time), products you viewed, searched for or purchased, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse the website.
- Lifestyle information and your personal interests.
- Email exchanges.
- Your social media handle/user name details if you engage with us on social media.
- Any feedback that you give us.
- Any other information that you choose to give to us via our website or to our customer services team.
What if you fail to provide personal information?
Please make sure you provide us with certain information when requested as if you don’t we may not be able to perform the contract we have entered into with you (such as, to provide you with products or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.
Change of purpose
How we share your personal information and where it may be processed
Third party suppliers and service providers which process your personal information
Like most businesses, we may provide your personal information to third parties for processing as part of the services that those third parties carry out on our behalf as part of the day to day operations of our business. These trusted suppliers will process your personal information on our behalf and provide us with services such as the provision of certain HR-related functions, the provision of IT services, third party software providers, the hosting of your personal information and our accountants and professional advisers.
We will always make sure that these trusted suppliers meet agreed standards for the protection of your personal information and that they will only ever be allowed to use your personal information in order to provide us with services (and not for their own purposes). We require all third parties to take appropriate technical and organisational security measures to protect your personal information and to treat it subject to a duty of confidentiality and in accordance with applicable data protection law.
Sharing your personal information with other entities in our group
We may share your personal information within the entities that form part of the Zenergi as part of the administration of our business. For example, we may share personal information as part of our regular reporting activities on company performance, in the context of a business reorganisation or group restructuring exercise, for system maintenance support and hosting of data.
Other scenarios in which we might share your personal information
We may also share your personal information:
- with government authorities or professional bodies, such as HM Revenue & Customs in the United Kingdom (for tax purposes);
- with our professional advisors including tax, legal or other corporate advisors who provide professional services to us;
- with regulators, law enforcement or fraud prevention agencies, as well as our legal advisers, courts, the police and any other authorised law enforcement bodies, for the purposes of investigating any actual or suspected criminal activity or other regulatory or legal matters etc.;
- in the event that we consider selling or buying any business or assets we will disclose your personal information to any prospective sellers or buyers of such business or assets;
- in the event of any insolvency situation (e.g. administration or liquidation);
- if we, or substantially all of our assets, are acquired by a third party, in which case your personal information will be one of the transferred assets;
- to protect the rights, property or safety of our employees, workers, contractors, clients, or others. This includes exchanging your personal information with other companies and organisations (including without limitation the local police or other local law enforcement agencies) for the purposes of our employee, worker, contractor and client safety, crime prevention, fraud protection and credit risk reduction; or
- if we are under a duty to disclose or share your personal information in order to comply with any legal obligation or regulatory requirements, or otherwise for the prevention or detection of fraud or crime.
How long do we keep your personal information?
We will only retain your personal information for as long as is necessary to fulfil the purposes for which it was collected and processed, including for the purposes of satisfying any legal, tax, health and safety, reporting or accounting requirements. This means your personal data will be erased from our systems when we no longer need it.
Personal information which is no longer to be retained will be securely and effectively destroyed or permanently erased from our IT systems and we will also require third parties to destroy or erase such personal information where applicable.
In some circumstances we may anonymise your personal information so that it can no longer be associated with you. In this case, we may retain such information for a longer period without further notice to you.
Processing your personal information in other territories
Given the international location of some of our clients and suppliers, your personal information may be transferred in and out of the UK and the European Economic Area (“EEA”) where local laws may not provide legal protection for personal data in the same way as is applicable in the UK or the EEA. Where your personal information is processed outside of the UK and EEA, we will ensure that we take the necessary steps to protect your personal information as required by data protection laws.
Our websites may include links to third-party websites, plug-ins, and applications. Clicking on those links or enabling those connections may allow third parties to collect and/or share data about you.
Storage of personal data
Zenergi Group is a UK-domiciled organisation whose offices are in the UK. All websites and web applications are hosted in the UK and are accessed only by our UK-based staff.
Zenergi Group use a variety of in-house and third-party processors as storage systems for personal data. We ensure that our in-house solutions have sufficient information security protection. When using third-party processors, we will ensure that we take appropriate steps to protect your personal information as set out in section 8.2 of this policy above.
Cloud service providers are used as part of our processing environment. Unless we specifically state otherwise, all cloud service providers we use have UK processing facilities.
In circumstances where our storage systems are not based in the UK, we will ensure that we take the necessary steps to protect your personal information as required by data protection laws.
We have taken appropriate security controls to protect your personal data from unauthorised access, use or disclosure. In addition, we limit access to your personal information to those employees, workers, agents, contractors and other third parties who have a business need to know in order to perform their job duties and responsibilities. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.
It is important that the personal information we hold about you is accurate and up to date. Please keep us informed if your personal information changes so that our records can be updated. We cannot be held responsible for any errors in your personal information in this regard unless you have notified us of the relevant change.
Under applicable data protection laws, you have several rights as a data subject. These include:
- The right to be informed.
- The right of access.
- The right to rectification.
- The right to erasure.
- The right to restrict processing.
- The right to data portability.
- The right to object.
- The right not to be subject to automated decision-making including profiling.
For more information on your rights as a data subject, please refer to the ICO’s guidance on individual rights.
Should you wish to exercise any of your rights as a data subject, including exercising your right to access a copy of the information we hold on you, contact our person responsible for data protection compliance at firstname.lastname@example.org.
If you are unhappy about how we are using your information then initially you should contact our person responsible for data protection compliance at email@example.com. If your complaint remains unresolved you have the right to make a complaint at any time to the Information Commissioners Office, the UK supervisory authority for data protection issues.
The Information Commissioners Office, Wycliffe House, Water Lane, Wilmslow, SK9 5AF, or call: 0303 123 1113 or online at https://ico.org.uk/make-a-complaint/.