Our commitment to you
At Switch2, we understand that our customers expect their personal data to be handled in a careful, considerate, and legally compliant manner.
Switch2 is committed to ensuring that your personal information is held fairly, lawfully and securely in accordance with the UK General Data Protection Regulation (GDPR) and the Data Protection Act 2018. This policy describes how and why we collect personal information about you, what we do with the information, how long we hold it and what rights you have.
What is personal data?
‘Personal data’ means any information relating to a living individual (data subject) who can be identified, directly or indirectly by the information.
What information do we collect about you?
We collect and process personal data about you to enable us to deliver our services to you as a Switch2 customer. Our services to you as a customer may include any of the following:
- Providing metering and billing services relating to your heating and hot water
- Providing maintenance and response engineering activity on the heating and hot water infrastructure in your property
- Upgrade works on behalf of the building owner of the heating and hot water infrastructure in your property
The categories of personal data we collect and process to enable us to fulfil any of the above services include:
- Your full name
- Your gender
- Your billing address
- Your supply address
- Contact telephone numbers
- Contact email address
- Bank account details
When processing the above listed information, Switch2 rely on the lawful basis of legitimate interests in justifying the processing of this data. Specifically, we have a legitimate interest to process this data to allow us to provide the contracted service to you as the customer.
Special category personal data
Special category personal data is data that needs more protection due to its sensitive nature. If you are a property resident and need special help or consideration, we may process information about your health or social circumstances to enable us to delivered tailored services for your needs.
When processing the above listed information, Switch2 rely on the lawful basis of legitimate interests in justifying the processing of this data. In addition, we will only process this data if you provide your explicit consent for us to do as per Article 9 GDPR.
How we get your personal data and why we have it
On district and community heat networks Switch2 will have any one of a number of roles. These roles are important to understanding our legal compliance requirements as either a Data Controller or Data Processor under UK GDPR.
Switch2 may have full control of the heat network, providing all related services to you as the customer. In this scenario Switch2 are the Data Controller and will typically receive your personal data from the previous heat network operator or the developer on new sites.
Switch2 may act on behalf of another organisation to deliver a range of services on the heat network such as metering & billing or maintenance of the installations. In this scenario Switch2 are the Data Processor on behalf of the Data Controller and will typically receive your personal data from any of the following:
- The site developer
- The local authority or housing association in control of the site
- The leaseholder for the property
- From you directly where you move into a new property
What do we do with the information we collect about you?
We use your information in various ways, such as to:
- Meet the purposes that you provided your information for
- Provide you with the goods and services you want
- Let you know about goods or services we feel would be beneficial to you
- Administer your account, including;
- Letting you know of any work we may be need to conduct
- Seeking your views on any service we’ve provided to improve our service
- Dealing with any problems, enquiries, or complaints you may have
- Resolving unpaid bills
- Prevent fraud
- Keep our records accurate and up to date
- Comply with any legal obligations we may have
We may also use your personal data to administer, support, improve and develop our business generally and to enforce our legal rights.
Retaining your information
When we collect your personal information, the length of time that we retain it is determined by a number of factors, including the purpose for which we use that information as determined by landlords and to comply with legal obligations. We maintain a retention schedule which records approved retention periods and the end-of-life treatment of the data.
Who do we share your information with?
We only share your information where we are permitted or required to by law, or where you have requested us to do so.
We may share your personal data with third parties that provide Switch2 with a specific service relevant to our service provision to you as a Switch2 customer. This includes any of the following:
- IT service or software providers
- Engineering sub-contractors
- Specialist firms that help us to improve our service provision
- Credit reference, and fraud prevention, agencies in order to help prevent and detect fraud, or as part of our debt collection process.
- External agencies like the police, fire service, or local Councils in the event of an emergency situation, such as under the Civil Contingencies Act 2004.
- Any person or organisation where we are required to because of a Court order, legal duty, or statutory obligation
Where we engage a third party that will have access to your personal data, this processing will be done under strict contractual terms. All third parties acting on behalf of Swicth2 are required to take suitable and satisfactory security measures to protect your data and these must be in line with our own internal policies and procedures. Third parties are only permitted to process your data for specified purposes and in accordance with Switch2 instructions.
How do we look after and secure your information?
When we use information about you, we take all reasonable efforts to do so fairly and lawfully. We have security arrangements in place to guard against unauthorised access, improper use, alteration, destruction or accidental loss of your personal data. We take appropriate organisational and technical security measures and have rules and procedures in place to ensure that there is no unauthorised access to your personal data. When we work with third party organisations, we require them to assure us of their compliance with our data protection and security requirements.
On our websites
The table below explains the cookies we use and why.
|ckmsg||Numeric String||6 months||Cookie message to user|
|__utma||Numeric String||2 years||Google Analytics|
|__utmb||Numeric String||30 minutes||Google Analytics|
|__utmc||Alphanumeric String||Session||Google Analytics|
|__utmz||Alphanumeric String||6 months||Google Analytics|
Third party cookies
We sometimes embed content from different websites. Pages with this embedded content may present cookies from these websites. Similarly, when you use one of the share buttons on our website, a cookie may be set by the service you have chosen to share content through. You should check the relevant third party website for more information about these cookies.
How to manage cookies
If you wish to restrict, block or delete cookies from our website – or any other website – you can use your browser to do this. Each browser is different so check the ‘Help’ menu of your particular browser to learn how to change your cookie preferences.
Please bear in mind that if you do this, certain personalised features of this website cannot be provided to you.
Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement.
The GDPR and Data Protection Act 2018 gives you certain rights towards your personal information. We take all reasonable efforts to ensure we allow you to exercise those rights.
Your rights are:
- The right to be given specific information on your personal data we collect.
- The right of access to your personal data.
- The right to rectify any of your personal data which is inaccurate.
- The right to erase your personal data in certain circumstances.
- The right to restrict processing of your personal data.
- The right to data portability.
- The right to object to certain processing.
- Rights in relation to automated decision making and profiling.
We’ll handle routine enquiries as part of our usual customer service. If you want to see more of the information that we have about you, you can make a data access request by either writing to us at:
Switch2 Energy Limited, The Waterfront, Salts Mill Road, Shipley, BD17 7EZ
Or emailing us at email@example.com
We may reply to you where we need further information to help respond effectively to your request. Switch2 is not a ‘public authority’ as defined under the Freedom of Information Act and we will not therefore respond to requests for information made under this Act.
If you are nt satisfied with the response you receive, you have the right to lodge a complaint with the supervisory authority. In the United Kingdom this is:
Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF. Telephone 0303 123 1113