Last Updated April 2020
We are committed to ensuring your privacy is protected. This privacy notice explains how we use the information we collect about you.
This privacy notice applies to the SSE Telecoms business which is operated by the following data controllers:
SSE Telecommunications Ltd, No. SC213457
Neos Networks Ltd, No. 03477297
The registered office of Neos Networks Ltd is 1 Forbury Place, 43 Forbury Road, Reading, Berkshire RG1 3JH and this company is subject to the laws of England and Wales.
The registered office of SSE Telecommunications Limited is Inveralmond House, 200 Dunkeld Road, Perth PH1 3AQ and this company is subject to the laws of Scotland.
These companies are referred to as “we” or “us” throughout this privacy notice.
We will be the “controller” of the information you provide to us.
What information do we collect and how do we do it?
We, or third parties on our behalf, collect your personal data when you use our website, communicate with us by phone, letter, email, social media or in person or when you receive our products and/or services.
We may collect the following personal data and we refer to this as “personal data” throughout this notice:
- Your name;
- Billing address;
- Supply address;
- Telephone number(s);
- E-mail address;
- Date of birth;
- Details of secondary contact (e.g. name and phone number);
- Call recordings;
- Customer ID numbers- when you register an account with us, we create and record a customer ID number for you and record the date you were registered;
- Financial information;
- Your preferences (e.g. if you would prefer paperless billing);
- Survey responses;
What do we do with your personal data?
We, or third-parties on our behalf, collect, use and store the personal data collected about you to:
- Respond to any enquiries or issues you have, including directing you to the correct SSE support team;
- Identify you;
- Contact you, or authorised third parties, about our services- such as sending you information when you sign up, service announcements and administrative messages;
- Communicate with you by telephone, mail, email or other electronic means;
- To enter into legal contracts with you;
- Perform our obligations under any contract for the supply of services we have with you;
- Train our staff and improve our products and services, which may mean that we monitor and record communications that we have with you including phone conversations, emails, SMSs and web chats;
- Allow our engineers to visit you onsite (where required);
- Use data analytics to understand and improve the way we do things as a business;
- Conduct, and contact you in relation to, market research e.g. through customer satisfaction surveys and questionnaires;
- Identify offers and advice tailored to your needs or lifestyle;
- Ensure the health and safety of you, our staff and contractors;
- Respond to and/or resolve any enquiries or requests that you may make via social media;
- Enable internal corporate reporting, business administration, adequate insurance coverage, the security of company facilities, research and development, and to identify and implement business efficiencies;
- Comply with any procedures, laws and regulations which apply to us – including where we reasonably consider it is in our (or others) legitimate interests to comply;
- Establish, exercise or defend our legal rights – including where we reasonably consider it is in our (or others) legitimate interests;
- Facilitate the credit management process;
- Process wayleaves payments;
- Allow us to process charges in the event of damage to our equipment;
- Provide compensation to customers in certain circumstances;
- To detect and prevent crime, fraud or loss: including carrying out checks on customers, suppliers and other third parties, which relate to activities such as anti-money laundering, countering terrorist financing and other unlawful acts (for example, illegal trafficking and environmental crime) and anti-bribery and corruption requirements.
- Agree rights in land and manage existing land rights;
- Carry out other land liaison duties such as notification of project work, operations and maintenance; and
- Facilitate access to install, monitor, maintain and remove apparatus lawfully situated on your land.
How do we use your sensitive personal data?
We treat some of the information that we collect about you as being particularly sensitive, such as requirements for your welfare.
With your consent, we’ll collect this information about you (or a member of your household). This information may relate to health, disability or financial circumstances and we will use this information to:
- Provide products and/or services to you in the most appropriate way e.g. if you require large print or braille communications;
- Manage staff and third-party contractors; and/or
- Provide you with the most appropriate customer experience where you attend an SSE event.
Unless you’ve asked us not to, we may contact you in writing, by phone and via email or SMS with information on products, services and rewards that we, other companies within the Group, and occasionally our carefully selected partners identified at the time we collect your information, offer. We may also use third parties to send marketing communications.
Unless you have asked us not to, we may also use your personal data to show you digital advertisements via your social media newsfeed, on search engine results pages, or on other websites.
Unless you have asked us not to, we may profile your data to provide you with marketing and offers that are relevant to you. If you opt out of profiling, we will still run analysis that includes your data, but any decisions or marketing output that result from that analysis will not be used to market to you. You will be sent generic marketing that may not be relevant to you.
To opt out of receiving marketing messages, or to object to our use of profiling for direct marketing purposes, contact us at any time using the details in section (11) or by clicking the unsubscribe option in emails that we send to you.
Legal bases for processing, including legitimate interests
In order to process and use your personal data lawfully, we rely on the following legal bases:
- Contract – for the performance of a contract with you for provision of our products and/or services or to take steps at your request prior to entering into such a contract;
- Legal Obligation – to comply with our legal obligations;
- Legitimate Interest – ensuring effective operational management and internal administration, document retention/storage, compliance with regulatory guidance, exercise or defence of legal claims, service improvement and communicating with you; and/or
- Consent – where we market to you via email or SMS, or where we process special categories of data e.g. vulnerability information. If we rely on your consent in these ways, but you later change your mind, you may withdraw your consent by contacting us using the details in section 11, or by clicking the unsubscribe link in emails, and we will stop doing so.
Who do we share your personal data with?
We may share your personal information with the following categories of third parties:
- Our third-party suppliers, partners and sub-contractors that provide, review and/or receive services in relation to our website, services and/or products. Our third-party suppliers include: payment processors; suppliers of technical support and installation services; cloud services providers, research agencies and contractors undertaking development projects and maintenance;
- Any legal representative you have appointed to liaise with us on your behalf;
- Where appropriate, family members or cohabitants, previous tenants, landlords, letting agents or other third parties who require the information;
- Government or law enforcement officials– If we’re under a duty to disclose your information in order to comply with any legal obligation then we may disclose your personal data to meet national security or law enforcement requirements or to prevent illegal activity;
- Debt collection and tracing agents if we provide you with a service and you fail to make payments;
- Authorised third parties or named account holders on any account you hold with us;
- If we sell, merge, or perform any internal re-organisations in relation to any of our (or any third party’s) business or assets, the personal information will be one of the transferred assets to the relevant buyer and/or new data controller of such business or assets; and/or
- Other SSE group companies.
How long do we hold it for?
We will keep your information only for as long as is necessary depending on the purpose for which it was provided.
When determining the relevant retention periods, we will take into account factors including:
- our contractual obligations and rights in relation to the information involved;
- legal obligation(s) under applicable law to retain data for a certain period of time;
- (potential) disputes; and
- guidelines issued by relevant data protection authorities.
Otherwise, we securely erase your information once this is no longer needed.
You have the following rights regarding your information:
Right to be informed
You have the right to be provided with clear, transparent and easily understandable information about how we use your personal data and your rights. Therefore, we are providing you with the information in this privacy notice.
Right of access
You have the right to obtain access to your personal data (if we are processing it) and certain other information (similar to that provided in this privacy notice). This is so you are aware and can check that we are using your personal data in accordance with data protection law(s).
Right to rectification
You are entitled to have your personal data corrected if it is inaccurate or incomplete.
Right to erasure
This is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your personal data where there is no compelling reason for us to keep it. This is not an absolute right to erasure; there are exceptions.
Right to restrict processing
You have the right to ‘block’ or suppress further use of your personal data in certain circumstances. When processing is restricted, we can still store your personal data, but may not use it further.
Right to data portability
You have the right to obtain and reuse your personal data in a structured, commonly used and machine-readable format in certain circumstances. In addition, where certain conditions apply, you have the right to have such information transferred directly to a third party.
Right to object to processing
You have the right to object to your personal data being processed in certain circumstances. This includes where we are relying on legitimate interest and for direct marketing purposes (including profiling).
Right to withdraw consent
If you have given your consent to anything we do with your personal data, you have the right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with your personal data with your consent up to that point is unlawful). This includes your right to withdraw consent to us using your personal data for direct marketing.
International data transfers – How is your personal data transferred outside of the European Economic Area (EEA)?
We, or a third party who we share personal data with, may transfer, host, store and/or handle your personal information outside of the EEA. For example, where we and/or our service providers (including servers) are based outside of the EEA.
The EEA consists of countries in the European Union, Iceland, Liechtenstein and Norway and are all considered to have equivalent laws in data protection and privacy.
We will only permit this to happen if adequate safeguards have been put in place to protect your personal data. This means that we will:
- ensure that the country in which your personal data will be handled has been deemed “adequate” by the European Commission under Article 45 of the General Data Protection Regulation (GDPR); or
- include standard data protection clauses approved by the European Commission for transferring personal data outside the EEA into our contracts with those third parties (these are the clauses approved under Article 46.2 of the GDPR); or
- (in the case of transfers from the EEA to the USA), ensure that the recipient of the personal data has certified with the US-EU Privacy Shield Framework, as permitted by Article 46.2 of the GDPR.
Changes to this notice
We may update our privacy notice from time to time. Any changes we make to our privacy notice in the future will be posted on the SSE website and, where appropriate, notified to you by post or email.
For more information on your rights or if you would like to exercise any of your rights, you are welcome to contact us at the contact details set out below under “Contacting us”.
If you would like to contact us in relation to your rights or if you are unhappy with how we have handled your information, you may do so using the following details:
Address: DPO, Legal Services, No. 1 Forbury Place, 43 Forbury Road, Reading, RG1 3JH
If 12. ICO Complaints
If you’re not satisfied with our response to any complaint or believe our processing of your information does not comply with data protection law, you can make a complaint to the Information Commissioner’s Office (ICO) using the following details:
Telephone Number: 0303 123 1113
Address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF