SSE Distributed Energy
Last Updated February 2020
We are committed to ensuring your privacy is protected. This privacy notice explains how we use the information we collect about you.
This privacy notice applies to the SSE Enterprise Distributed Energy business which is operated by the following data controllers (all of which are members of the SSE Group): :
SSE Utility Solutions Ltd, No. 06894120
SSE Heat Networks Ltd, No. SC303682
TESGL Ltd (trading as SSE Enterprise Energy Solutions), No. 08462158
Slough Heat & Power Ltd, No. 00174142
Slough Utility Services Ltd, No. 03486590
Forbury Assets Ltd No. 11024024
SSE Enterprise Ltd, No. 10060563
The registered office of SSE Utility Solutions Ltd, Slough Heat & Power Ltd, Slough Utility Services Ltd, Forbury Assets Ltd and SSE Enterprise Ltd is 1 Forbury Place, 43 Forbury Road, Reading, Berkshire RG1 3JH and these companies are subject to the laws of England and Wales.
The registered office of TESGL Limited is Ocean Court, Caspian Road, Atlantic Street, Altrincham WA14 5HH and this company is subject to the laws of England and Wales.
The registered office of SSE Heat Networks Limited is Inveralmond House, 200 Dunkeld Road, Perth PH1 3AQ and this company is subject to the laws of Scotland.
These companies are referred to as “SSE”, “we” or “us” throughout this privacy notice.
We will be the “controller” of the information you provide to us.
1. What information do we collect and how do we do it?
We, or third parties on our behalf, collect your personal data when you use our website, communicate with us by phone, letter, email, social media or in person or when you receive our products and/or services.
We may collect the following personal data and we refer to this as “personal data” throughout this notice:
- Your name;
- Billing address;
- Supply address;
- Telephone number(s);
- E-mail address;
- Date of birth;
- Details of secondary contact (e.g. name and phone number);
- Call recordings;
- Customer ID numbers- when you register an account with us, we create and record a customer ID number for you and record the date you were registered;
- Consumption/ Energy usage (e.g. meter readings, energy consumed, and average power used for Electric vehicle charging)- – If you have a smart meter then this information is automatically sent to us;
- Details of charging sessions for Electric vehicles (e.g. charging station location, type of connector used, date of session, start and end times of charging sessions);
- Financial information;
- Your preferences (e.g. if you would prefer paperless billing);
- Survey responses;
- Whether you are living in social housing;
- Your Meter Point Administration Number (MPAN) to identify your energy supply;
- Your Meter Point Reference Number (MPRN) to identify your gas supply;
- If someone has committed fraud or stolen energy, e.g. by tampering with a meter or diverting the energy supply, we will record that information; and/or
2. What do we do with your personal data?
We, or third-parties on our behalf, collect, use and store the personal data collected about you to:
- Respond to any enquiries or issues you have, including directing you to the correct SSE support team;
- Identify you;
- Contact you, or authorised third parties, about our services- such as sending you information when you sign up or change tariffs, service announcements and administrative messages;
- Communicate with you by telephone, mail, email or other electronic means;
- To enter into legal contracts with you;
- Perform our obligations under any contract for the supply of services we have with you;
- Train our staff and improve our products and services, which may mean that we monitor and record communications that we have with you including phone conversations, emails, SMSs and web chats;
- Allow our engineers to visit you onsite (where required);
- Use data analytics to understand and improve the way we do things as a business;
- Conduct, and contact you in relation to, market research e.g. through customer satisfaction surveys and questionnaires;
- Identify offers and advice tailored to your needs or lifestyle;
- Ensure the health and safety of you, our staff and contractors;
- Make personal projections about the amount of energy you are likely to use in a given period;
- Use data collected from your smart meter to enable us to calculate your bills and to identify and prevent fraud or energy theft;
- Respond to and/or resolve any enquiries or requests that you may make via social media;
- Enable internal corporate reporting, business administration, adequate insurance coverage, the security of company facilities, research and development, and to identify and implement business efficiencies;
- Comply with any procedures, laws and regulations which apply to us – including where we reasonably consider it is in our (or others) legitimate interests to comply;
- Establish, exercise or defend our legal rights – including where we reasonably consider it is in our (or others) legitimate interests;
- Facilitate the credit management process;
- Allow us to process charges in the event of damage to our equipment;
- Provide compensation to customers in certain circumstances; and
- To detect and prevent crime, fraud or loss: including carrying out checks on customers, suppliers and other third parties, which relate to activities such as anti-money laundering, countering terrorist financing and other unlawful acts (for example, illegal trafficking and environmental crime) and anti-bribery and corruption requirements.
3. How do we use your sensitive personal data?
We treat some of the information that we collect about you as being particularly sensitive, such as requirements for your welfare.
With your consent, we’ll collect this information about you (or a member of your household). This information may relate to health, disability or financial circumstances and we will use this information to:
- Ensure your welfare and the welfare of other householders e.g. ensuring we do not stop your supply and can respond appropriately during a major incident or emergency;
- Provide products and/or services to you in the most appropriate way e.g. if you require large print or braille communications;
- Manage staff and third-party contractors; and/or
- Provide you with the most appropriate customer experience where you attend an SSE event.
4. Marketing Communications
Unless you’ve asked us not to, we may contact you in writing, by phone and (where you have consented) via email or SMS with information on products, services and rewards that we, other companies within the Group, and occasionally our carefully selected partners identified at the time we collect your information, offer. We may also use third parties to send marketing communications.
Unless you have asked us not to, we may also use your personal data to show you digital advertisements via your social media newsfeed, on search engine results pages, or on other websites.
Unless you have asked us not to, we may profile your data to provide you with marketing and offers that are relevant to you. If you opt out of profiling, we will still run analysis that includes your data, but any decisions or marketing output that result from that analysis will not be used to market to you. You will be sent generic marketing that may not be relevant to you.
To opt out of receiving marketing messages, or to object to our use of profiling for direct marketing purposes, contact us at any time using the details in section (11).
5. Legal bases for processing, including legitimate interests
In order to process and use your personal data lawfully, we rely on the following legal bases:
- Contract – for the performance of a contract with you for provision of our products and/or services or to take steps at your request prior to entering into such a contract;
- Legal Obligation – to comply with our legal obligations;
- Legitimate Interest – ensuring effective operational management and internal administration, document retention/storage, compliance with regulatory guidance, exercise or defence of legal claims, service improvement and communicating with you; and/or
- Consent – where we market to you via email or SMS, or where we process special categories of data e.g. vulnerability information. If we rely on your consent in these ways, but you later change your mind, you may withdraw your consent by contacting us using the details in section 11 and we will stop doing so.
6. Who do we share your personal data with?
We may share your personal information with the following categories of third parties:
- Our third-party suppliers, partners and sub-contractors that provide, review and/or receive services in relation to our website, services and/or products. Our third-party suppliers include: payment processors; suppliers of technical support and installation services; cloud services providers and research agencies;
- Where appropriate, family members or cohabitants, previous tenants, landlords, letting agents or other third parties who require the information;
- Government or law enforcement officials– If we’re under a duty to disclose your information in order to comply with any legal obligation then we may disclose your personal data to meet national security or law enforcement requirements or to prevent illegal activity;
- Metering agents;
- Debt collection and tracing agents if we provide you with a service and you fail to make payments;
- Authorised third parties or named account holders on any account you hold with us;
- If we sell, merge, or perform any internal re-organisations in relation to any of our (or any third party’s) business or assets, the personal information will be one of the transferred assets to the relevant buyer and/or new data controller of such business or assets; and/or
- Other SSE group companies.
7. How long do we hold it for?
We will keep your information only for as long as is necessary depending on the purpose for which it was provided.
When determining the relevant retention periods, we will take into account factors including:
- our contractual obligations and rights in relation to the information involved;
- legal obligation(s) under applicable law to retain data for a certain period of time;
- (potential) disputes; and
- guidelines issued by relevant data protection authorities.
Otherwise, we securely erase your information once this is no longer needed.
8. Your rights
You have the following rights regarding your information:
Right to be informed
You have the right to be provided with clear, transparent and easily understandable information about how we use your personal data and your rights. Therefore, we are providing you with the information in this privacy notice.
Right of access
You have the right to obtain access to your personal data (if we are processing it) and certain other information (similar to that provided in this privacy notice). This is so you are aware and can check that we are using your personal data in accordance with data protection law(s).
Right to rectification
You are entitled to have your personal data corrected if it is inaccurate or incomplete.
Right to erasure
This is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your personal data where there is no compelling reason for us to keep it. This is not an absolute right to erasure; there are exceptions.
Right to restrict processing
You have the right to ‘block’ or suppress further use of your personal data in certain circumstances. When processing is restricted, we can still store your personal data, but may not use it further.
Right to data portability
You have the right to obtain and reuse your personal data in a structured, commonly used and machine-readable format in certain circumstances. In addition, where certain conditions apply, you have the right to have such information transferred directly to a third party.
Right to object to processing
You have the right to object to your personal data being processed in certain circumstances. This includes where we are relying on legitimate interest and for direct marketing purposes (including profiling).
Right to withdrawn consent
If you have given your consent to anything we do with your personal data, you have the right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with your personal data with your consent up to that point is unlawful). This includes your right to withdraw consent to us using your personal data for direct marketing.
9. International data transfers – How is your personal data transferred outside of the European Economic Area (EEA)?
We, or a third party who we share personal data with, may transfer, host, store and/or handle your personal information outside of the EEA. For example, where we and/or our service providers (including servers) are based outside of the EEA.
The EEA consists of countries in the European Union, Iceland, Liechtenstein and Norway and are all considered to have equivalent laws in data protection and privacy.
We will only permit this to happen if adequate safeguards have been put in place to protect your personal data. This means that we will:
- ensure that the country in which your personal data will be handled has been deemed “adequate” by the European Commission under Article 45 of the General Data Protection Regulation (GDPR); or
- include standard data protection clauses approved by the European Commission for transferring personal data outside the EEA into our contracts with those third parties (these are the clauses approved under Article 46.2 of the GDPR); or
- (in the case of transfers from the EEA to the USA), ensure that the recipient of the personal data has certified with the US-EU Privacy Shield Framework, as permitted by Article 46.2 of the GDPR.
10. Changes to this notice
We may update our privacy notice from time to time. Any changes we make to our privacy notice in the future will be posted on the SSE website and, where appropriate, notified to you by post or email.
For more information on your rights or if you would like to exercise any of your rights, you are welcome to contact us at the contact details set out below under “Contacting us”.
11. Contacting Us
If you would like to contact us in relation to your rights or if you are unhappy with how we have handled your information, you may do so using the following details:
Address: Enterprise Data Protection, c/o Enterprise Assurance, Inveralmond House, 200 Dunkeld Road, Perth PH1 3GH
If you would like to contact our Data Protection Officer, you may do so using the following details:
Address: Data Protection Officer, No. 1 Forbury Place, 43 Forbury Road, Reading, RG1 3JH
12. ICO Complaints
If you’re not satisfied with our response to any complaint or believe our processing of your information does not comply with data protection law, you can make a complaint to the Information Commissioner’s Office (ICO) using the following details:
Telephone Number: 0303 123 1113
Address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF