Last Updated: 29th March 2021
Who are we?
In this policy references to Energy Auditing Agency Limited, or TEAM, or “we” or “us” are to Energy Auditing Agency Limited which is a registered company in England, No. 01916768 at 3 Radian Court, Knowlhill, Milton Keynes, MK5 8PJ. In the context of this policy, TEAM is what is known as the “controller” of the personal data you provide to us.
Our data protection and privacy measures are governed by the (i) the General Data Protection Regulation ((EU) 2016/679) (“GDPR”) and any national implementing laws, regulations and secondary legislation, as amended or updated from time to time, in the UK and then (ii) any successor legislation to the GDPR or the Data Protection Act 2018 (“Data Protection Legislation”). Find out more at https://www.legislation.gov.uk/ukpga/2018/12/contents/enacted
This refers to a wide range of information with which a specific individual might be identified, for example their name, mobile number or email address.
Legitimate interest is one of the six lawful bases for processing personal data. Under Recital 47 of the GDPR, we must have a lawful basis in order to process personal data in line with the ‘lawfulness, fairness and transparency’ principle.
We take our duty to process your personal data very seriously and believe very strongly in our customers’ right to privacy and adherence to legal and ethical standards. We are continually striving to provide an excellent service to you, our customers, business partners and employees, to ensure long lasting relationships. This policy explains how we collect, manage, use and protect your personal data.
Any information that you provide to us in the course of interacting with our business is held in strict confidence.
The personal data we collect depends on what we use it for, but we will only collect personal data that we actually need in relation to the work and services that we provide. As TEAM operates in the business to business market, the majority of the information collected is related to individuals in their professional capacity rather than their personal capacity.
For our Customers and Business Partners, the only personal details we collect are: name, email address, telephone numbers, job title and postal addresses. These details all relate back to the organisation the individual is working for, never to the individual person themselves outside their place of work.
We also collect other, non-personal information about your business and preferences which includes, but may not be limited to:
We do not collect any sensitive data and we ask that you do not send us, and you do not share any sensitive personal information (i.e. information related to racial or ethnic origin, political opinions, religion or other beliefs, health or criminal background etc.).
For our Employees we also collect information such as home addresses, next of kin, bank details and health information which enables us to carry out our duties as a responsible employer. We also operate CCTV for the purpose of maintaining premises security and for this purpose digital data is stored concerning entry and exit from our premises.
The information is either needed to fulfil your request or to enable us to provide you with a more personalised, targeted and helpful service. You don’t have to disclose any information to browse our sites and you can manage your privacy settings within your browser or our applications at any time. However, if you choose to withhold requested information, we may not be able to provide you with certain services.
The following list highlights how we use the information we collect from you:
Obtaining the data
To the extent permissible under applicable law, we collect your personal information in a number of ways:
We combine the information from these sources with the information you provide to us directly. Where you ask us to provide a specific service, you may be asked to give consent to your data being collected. This may be verbally, online or by signed consent form.
We process data under the grounds of Legitimate Interest under Recital 47 of the GDPR. Broadly speaking Legitimate Interests means we can process your personal information if:
TEAM provides software and services to enable businesses to effectively manage their energy estate, meet compliance and regulatory obligations, disseminate relevant industry news and insight and maximise energy cost recovery opportunities. We have a legitimate interest in being able to use personal data such as name and contact details to support our existing customers and to market our products and services to existing and prospective business customers in order to grow our business.
When we process your personal information for our legitimate interests, we will consider and balance any potential impact on you and your rights under data protection and any other relevant law. Our legitimate business interests do not automatically override your interests – you can change the way you hear from us or withdraw your permission for us to process your personal details at any time, please see Opt-out Policy and Procedure below.
We take appropriate measures to ensure that the personal information disclosed to us is kept secure, accurate, and up to date.
Any information submitted through the TEAM web site will not be shared with any third party without your prior consent, unless required by law. We may disclose your personal information if required to do so by law or to protect and defend the rights or property of TEAM. We will also maintain confidentiality of customer information when undertaking projects with other companies.
We are committed to protecting the security of your personal information and safeguarding information from unauthorised access. We will keep your information secure by taking appropriate technical and organisational measures against its unauthorised or unlawful processing and against its accidental loss, destruction or damage. However, the nature of communication via the internet restricts us from offering any guarantee to the privacy or confidentiality of information relating to the personal information passing over the internet. In gaining access via the internet, you acknowledge and accept that electronic communication may not be free from interference by unauthorised persons and may not remain confidential. You therefore accept that access is at your own risk.
You will always have the opportunity to opt out of our communications. We provide users with full control to manage the communications they receive from us. You can update your preferences or unsubscribe from the various communication offerings at any time, by clicking the “unsubscribe” or “update preferences” links contained within the communications or by contacting us directly.
Please note, some non-marketing communications are not subject to general opt-out, such as communications related to business transactions, software updates and other support related information, patches and fixes, quality assurance surveys, conferences or events for which you have registered, and disclosures to comply with legal requirements.
If you are based within the European Economic Area (EAA) or within another jurisdiction having similar data protection laws, in certain circumstances you have the following rights.
You have the right to request from us confirmation of whether we are processing your personal data, and if so, access to that information. If any of the data we hold is inaccurate, you have the right to inform us that it should be updated. We will always accommodate such requests and update the information in a timely manner. Please contact us using the details provided below.
Before we are able to provide you with any information or correct any inaccuracies we may ask you to verify your identity and to provide other details to help us identify you and respond to your request.
You have the right to request the removal/restriction of your personally identifying data. This will include your specific contact information – name, email address, telephone numbers and postal address. In considering our response we undertake to ensure your interests, fundamental rights and freedoms are properly balanced against our legitimate interests, so we may retain other information that cannot specifically be used to identify you and are required to do this for contractual and compliance reasons. Please contact us using the details provided.
We will honour customers’ requests to remove personal details in a timely manner (within one month of request).
You have the right to update your preferences and refine what information you can receive from us, and control whether we can use your data.
Personal data is stored for varying lengths of time depending on the nature and purpose for which it was collected. We store personal data in line with any applicable statutory minimum periods, and then review it periodically to ensure it is still necessary to be retained for the purpose for which it was collected.
Our cookies may be session cookies (temporary cookies that identify and track users within the websites, applications or services which are deleted when you close your browser or leave your session in the application or service) or persistent cookies (cookies which enable our websites, applications or services to “remember” who you are and to remember your preferences within our websites, applications or services and which will stay on your computer or device after you close your browser or leave your session in the application or service).
Of these cookies, they may be categorised as follows:
Before being able to browse our websites, you will be prompted to set your preferences as we need your permission for anything other than the strictly necessary cookies. The consent message will itemise each of the cookies used by the website and categorise them as per the above. You will then be able to opt-in or opt-out of each category as per your wishes. The message will provide the details of each cookie, including name, provider, purpose, expiry and type.
These preferences will be remembered for 12 months at which point you will be prompted again to re-confirm when entering the site.
You can see the cookies by this site and update your cookie preferences at any time by clicking here.
For more information about cookies and instructions on how to adjust your browser settings to accept, delete or reject cookies more widely, please visit https://www.allaboutcookies.org/verify.
If you follow a link from our website, application or service to another site or service, this notice will no longer apply. We are not responsible for the information handling policies of third-party sites or services and we encourage you to read the privacy notices appearing on those sites or services.
For further information, questions, specific requests or complaints relating to this statement please contact Simon Miles who is responsible for Data Protection at TEAM:
All enquiries will be formally managed and tracked.