ENSEK's Privacy Policy

Version 1.2

Last updated: 26th May 2021

PART 1 - Privacy Policy Introduction

ENSEK is committed to achieving and maintaining industry leading standards in relation to the privacy of personal data.

In order to maintain this ENSEK is transparent about how it collects and uses any personal data which, in turn, ensures its data protection obligations are met.

This policy provides all of the relevant information that is needed to understand ENSEK’s approach to data and privacy protection. This includes who ENSEK are, what personal data are collected, how and why they are collected, how they are kept secure and for how long they are held. In addition, it sets out the rights of the data subject relating to the data held by ENSEK.

PART 2 – ENSEK's Privacy Notice

1. Who are ENSEK and how can you contact us?

ENSEK is a leading business providing Software as a Service (SaaS) products to the energy industry including CRM, managed services (covering metering, billing and exception management), industry market messaging and reporting (financial and management).

ENSEK is present in a number of locations around the globe with the head office in Nottingham, England. Contact details can be found on the ‘Contact Us’ page of our website, www.ensek.com or you can contact our data protection officer at dataprotection@ensek.co.uk.

ENSEK is the data controller of any personal data that is provided to ENSEK through its website. ENSEK determines the way that data are processed in line with the requirements of the data privacy legislation and regulations applicable to the region it operates within.

2. What personal data does ENSEK collect and process about you?

ENSEK collects and processes the following information;

1. Name and contact information

2. financial

3. transactional

4. contractual

5. location

6. metering information

7. consumption and usage information.

3. How does ENSEK collect personal data from you?

ENSEK collects the information either directly from the data subject (you) where you are using the website or where there is a contract for services once you become a client of ENSEK. This may include where there is a third-party acting on behalf of the data subject.

3.1 The ENSEK Website

When you use the ENSEK website certain information is collected automatically which includes cookies. This can show ENSEK how you are using the website, which pages and features you have accessed and your location country but no other detail. This only applies to website users who have specifically provided their contact information to ENSEK. If you are a ‘casual browser’, cookie data is aggregated to show overall web traffic but does not relate to or distinguish the individual.

By using the ENSEK website you consent to the use of essential cookies and the collection and processing of the information that you provide.

3.2 The ENSEK Offices

When you visit the ENSEK offices certain information is collected via the CCTV system present at our locations. This information is held in line with the ENSEK Data Retention Policy. By attending our offices you are consenting to this information being captured.

Why does ENSEK collect and process personal data from you?

The lawful basis on which ENSEK collects and processes your personal data is covered by at least one of the following;

1. Performance of a contract

2. Compliance with legal obligations

3. Consent

4. Legitimate interest

CCTV information is gathered and held for security purposes.

4. How does ENSEK keep your personal data secure?

ENSEK employs various methods to ensure the security of your personal data with the appropriate ‘technical and organisational measures’.

ENSEK is certificated to ISO 27001 which is an International Standard for Information Security. Certification requires a full suite of policies to be maintained within our Information Security and Privacy Management System. In addition to the policies ENSEK applies a comprehensive set of measures and controls to ensure that personal data are secure. These include (but are not limited to) staff training, internal working groups, continuous monitoring and improvement, relevant background checks (where needed), physical security measures at ENSEK office locations, data segregation within our systems and network access controls.

5. How long does ENSEK keep your personal data for?

ENSEK will only keep your data for as long as it is required in line with the requirements of the UK GDPR, EU GDPR and the Data Protection Act 2018 or the applicable legislation or regulation depending on the location. The Limitation Act 1980 determines a number of statutory retention periods that are applicable to contractual relationships otherwise it is be governed by the ENSEK Data Retention Policy.

5.1 If you are a client of ENSEK

As a client of ENSEK, your contact details will be retained during your contract period and for a period thereafter in line with the ENSEK Data Retention Policy.

5.2 If you are a prospective client of ENSEK or submitting a web enquiry

For all prospective clients of ENSEK, where you have provided your contact details or for previous clients with an expired contract, your contact details will be retained for a further 18 months from the last date that ENSEK received contact from you.

6. Your rights in relation to your personal data

Under the UK GDPR, EU GDPR and the Data Protection Act 2018 everyone has the following rights, please note however that not all of these are an absolute right and may depend on certain factors such as the basis and purpose for processing the data.

1. The right to be informed

2. The right of access

3. The right to rectification

4. The right to erasure (this is also referred to as the right to be forgotten)

5. The right to restrict processing

6. The right to data portability

7. The right to object

8. The right not to be subject to automated decision-making

In order to fulfil any request in line with the above rights it may be necessary for ENSEK to request further information in order to verify the identity of the requestor.

7. What if you want to make a complaint?

If you have any concerns about our use of your personal information you can make a complaint to us at dataprotection@ensek.co.uk.

You have the right to complain to the ICO for any matters involving how your data may have been processed by ENSEK, the contact details are below.

ICO address:

Information Commissioner’s Office

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF

Contact:

Helpline number: 0303 123 1113

CO website: www.ico.org.uk

******END OF PRIVACY POLICY*******