We are committed to ensuring your privacy is protected. This privacy notice explains how we use the information we collect about you.
This privacy notice applies to the SSE Enterprise business. SSE Enterprise is a trading name of the following businesses: SSE Contracting Limited No. 02317133, SSE Utility Solutions Limited No. 06894120, SSE Heat Networks Limited No. SC303682, SSE Water Limited No. 06021063, SSE Telecommunications Limited No. SC213457, Neos Networks Limited No. 03477297 and SSE Airtricity Utility Solutions Limited No. 476088.
The registered office of SSE Contracting Limited, SSE Utility Solutions Limited. SSE Water Limited and Neos Networks Limited is 1 Forbury Place, 43 Forbury Road, Reading, Berkshire RG1 3JH and these companies are subject to the laws of England and Wales.
The registered office of SSE Heat Networks Limited and SSE Telecommunications Limited is Inveralmond House, 200 Dunkeld Road, Perth PH1 3AQ and these are subject to the laws of Scotland.
The registered office of SSE Airtricity Utility Solutions is Red Oak South, South County Business Park, Leopardstown, Dublin 18, Ireland and is subject to the laws of the Republic of Ireland.
We’ll be the “controller” of the information you provide to us.
What information do we need?
We collect basic personal data about you – specifically, name, address, telephone number and email address. We may also collect your bank details in certain circumstances. If you contact us by telephone, we may also record the call for training and service improvement purposes, and make notes in relation to your call.
We may also receive personal data about you from third parties, such as your electricity supplier. As a multi-utility network service provider, SSE works closely with third parties, including your electricity supplier, service providers, developers, sub-contractors and the Office of Gas and Electricity Markets (“Ofgem”).
Why do we need it?
We need to know your basic personal data to be able to deliver and maintain our services to you. In particular, we need to know your basic personal data to direct you to the correct SSE support team. To allow our engineers to visit you onsite where required and to provide assistance to you in case of an emergency.
Legal bases for processing
In order to process and use your personal information lawfully, we rely on the following legal bases:
- for the performance of a contract with you for provision of our products and/or services or to take steps at your request prior to entering into such a contract;
- to comply with our legal obligations;
- for our legitimate interests in ensuring effective operational management and internal administration, document retention/storage, compliance with regulatory guidance, exercise or defence of legal claims, service improvement and communicating with you.
What do we do with it?
The personal data we process is processed by our staff in the UK to:
- enable our customer contact centre to help you with any enquiries or complaints;
- communicate with you by telephone, mail, email or other electronic means;
- to perform our obligations under any contract for the supply of services we have with you;
- monitor our work and maintain our records;
- obtain feedback on how we can improve our services;
- comply with legal or regulatory requirements;
- facilitate the credit management process;
- undertake background checks to comply with Anti Money Laundering and Anti-Terrorism rules;
- allow us to process charges in the event of damage to our equipment; and
- provide compensation to customers in certain circumstances.
How is your personal information transferred outside of the EEA?
We, or a third party who we share personal information with, may host, store and handle that personal information outside of the European Economic Area (EEA).
We will only permit this to happen if adequate safeguards have been put in place to protect your personal information. This means that we will:
(a) Ensure that the country in which your personal information will be handled has been deemed “adequate” by the European Commission under Article 45 of the General Data Protection Regulation (GDPR); or
(b) Include standard data protection clauses approved by the European Commission for transferring personal information outside the EEA into our contracts with those third parties (these are the clauses approved under Article 46.2 of the GDPR); or
(c) (In the case of transfers from the EEA to the USA), ensure that the recipient of the personal information has certified with the US-EU Privacy Shield Framework, as permitted by Article 46.2 of the GDPR.
We may share your information with:
- your energy supplier;
- developers and network rail operators;
- Ofgem, the Energy Ombudsman and any other regulatory authority we may be subject to for the purposes of demonstrating compliance with applicable law and regulations;
- our sub-contractors for the purposes of carrying out work on our utility networks;
- our service providers for the purposes of providing services to us; and
- other SSE group companies.
We may also use aggregate information and statistics in order to help us develop our services and may provide such aggregate information to third parties. These statistics will not include information that can be used to identify any individual.
If you have provided consent, or we otherwise have the right to do so, we may send to you direct marketing and promotional materials relating to our services or related products, for example sending you communications (including by email) for these purposes. This information is not shared with third parties and you can unsubscribe at any time by clicking the “Unsubscribe” link in any of our emails.
How long will we keep it?
We will keep your information only for as long as necessary depending on the purpose for which it was provided.
When determining the relevant retention periods, we will take into account factors including:
- our contractual obligations and rights in relation to the information involved;
- legal obligation(s) under applicable law to retain data for a certain period of time;
- (potential) disputes; and
- guidelines issued by relevant data protection authorities.
Otherwise, we securely erase your information once this is no longer needed.
You have the following rights regarding your information:
|Rights||What does this mean?|
|3. Right to rectification||You are entitled to have your personal data corrected if it’s inaccurate or incomplete.|
|4. Right to erasure||This is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your personal data where there’s no compelling reason for us to keep it. This is not a general right to erasure; there are exceptions.|
|5. Right to restrict processing||You have rights to ‘block’ or suppress further use of your personal data in certain circumstances. When processing is restricted, we can still store your personal data, but may not use it further.|
|6. Right to data portability||You have the right to obtain and reuse your personal data in a structured, commonly used and machine-readable format in certain circumstances. In addition, where certain conditions apply, you have the right to have such information transferred directly to a third party.|
|7. Right to object to processing||You have the right to object to certain types of processing, in certain circumstances. In particular, the right to object to the processing of your personal data based on our legitimate interests or on public interest grounds; the right to object to processing for direct marketing purposes (including profiling); the right to object to the use of your personal data for scientific or historical research purposes or statistical purposes in certain circumstances.|
|8. Right to withdraw consent||If you have given your consent to anything we do with your personal data, you have the right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with your personal data with your consent up to that point is unlawful). This includes your right to withdraw consent to us using your personal data for direct marketing.|
For more information on your rights or if you would like to exercise any of your rights, you are welcome to contact us at the contact details set out below under “Contacting us”.
If you would like to contact us in relation to your rights or if you are unhappy with how we’ve handled your information, you may contact us by sending a letter to:
M: Enterprise Data Protection, c/o Enterprise Assurance, Inveralmond House, 200 Dunkeld Road, Perth PH1 3GH
If you would like to contact our Data Protection Officer, you may do so using the following details:
P: 0345 070 7378;
M: Data Protection Officer, c/o Executive Complaints Team, Grampian House, 200 Dunkeld Road, Perth PH1 3GH
If you’re not satisfied with our response to any complaint or believe our processing of your information does not comply with data protection law, you can make a complaint to the Information Commissioner’s Office (ICO) using the following details:
P: 0303 123 1113
M: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF