This Policy (together with our Terms of Website Use and any other documents referred to on it) sets out the basis on how Beam Energy collects, uses, transfers and stores your personal information. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By visiting www.beamenergy.co.uk, you are accepting and consenting to the practices described in this Policy.
For the purpose of current Data Protection Legislation (General Data Protection Regulation ‘GDPR’ 2016 and the Data Protection Act 2018), the data controller is ROBIN HOOD ENERGY LIMITED with registered office Loxley House, Station Street, Nottingham, NG2 3NG.
At all times we will take all reasonable steps to act in accordance with current Data Protection Legislation. If you require any further advice and guidance about the General Data Protection Regulation and the Data Protection Act 2018, information is available on the Information Commissioners website at: www.ico.org.uk
How can you contact the data controller?
ROBIN HOOD ENERGY LIMITED can be contacted at: Century House, 8 – 18 Chapel Bar, Nottingham NG1 6JQ.
The Information Governance Manager has overall responsibility for the way that we handle personal data. Contact the Information Governance Manager by writing to RHE.firstname.lastname@example.org
Other ways to contact us are on our contact us page.
What is personal data?
Personal data is information relating to an identifiable living individual. Whenever personal data is processed, collected, recorded, stored or disposed of it must be done within the terms of the Data Protection Legislation.
What personal data does Beam Energy collect?
- Such as your payment details and financial circumstances.
- We need your bank details if you want to pay by Direct Debit.
- If you have difficulty paying our bills, providing details of your circumstances helps us work with you to resolve this.
- Your name
- Contact details:
- Home address
- Personal email
- Home telephone number
- Mobile telephone number
We need this information from you in order to enter into a contract with you. If you do not provide it to us, we may not be able to offer you our services.
Vulnerability data (Priority Service Register):
- Health issues
- Date of Birth
Having this kind of information helps us to ensure we provide you with appropriate services to keep you safe.
Energy you use:
- Details of your energy usage, which you may give us, or we can obtain from your smart meter.
You have a contractual obligation to provide us with details of your energy usage. We need this data to send you accurate bills. If we have to estimate your bills, you may not be paying the right amount for your energy.
Energy you generate:
- Details of energy you generate under the Feed-in Tariff (FiT) scheme.
You are obliged to give us this information to help us manage your account.
Data we may collect from other people or organisations:
- Data such as your name and contact details may be provided to us by people moving in or out of a property you are occupying, or a landlord;
- Other organisations involved in your energy supply will give us information to help us manage your account.
How we collect information
You may give us information about you by filling in forms on our website www.beamenergy.co.uk or by corresponding with us by phone, email, in person or otherwise. This includes information you provide when you register to use our site, subscribe to our service, search for a product, obtain a quotation, place an order on our site, participate in discussion boards or other social media functions on our site, enter a competition, promotion or survey, and when you report a problem with our site.
We will get information from various sources as well as directly from you, including our partners, other organisations involved in your energy service like network operators, and publicly available information. We will match it with our own data to make sure the information we have about you is accurate and up to date.
We may also receive your information from an energy supplier from which you wish to move in order to help ensure the move happens smoothly.
We will never collect any unnecessary personal data from you and do not process your information in any way, other than as specified in this Policy.
What do we use your personal data for?
It is important that you understand what we will do with the data that we hold about you.
We will process your data for the following purposes necessary for the performance of our contract with you, or in readiness for such a contract:
- to manage your account with us. This can include providing our Terms and Conditions, recording your meter readings, sending you invoices, administering your payments and any loyalty incentives and dealing with queries or complaints.
- If you move into another property where we supply the energy, we’ll link your personal details to you for the energy use at your new address.
We will request your consent to process any special category data you supply to Beam Energy for the following purposes:
- If you have any vulnerabilities, we’ll ask for your consent before we add your details to our Priority Services Register, which enables us to take extra steps to ensure your safety.
We will process your data to comply with legal obligations including, but not restricted to:
- OFGEM directions and Codes and our Licence Conditions
- Financial Conduct Authority rules
- Consumer Protection Laws
- Orders made by a Court
We will process your data where we or someone else has a legitimate interest. This includes:
- Keeping records of our dealings with you, so that we have an accurate history of our relationship with you in case of disputes.
- We might monitor and record our conversations with you, for example to prove you have agreed a contract with us, to help train our staff or to help us give better service. We won’t record credit and debit card details.
- Making appointments to read, inspect or change your meter to ensure we are billing you correctly and your meter installation is safe and appropriate for your needs.
- Taking legal action against you if you do not pay our bills, because we are entitled to try to enforce our rights. This might be to recover money due to us, to disconnect your meter or fit a pre-payment meter.
- Analysing your consumption, including by reference to your household, your income and your lifestyle, so that we can offer you tariffs that suit your circumstances and give you tailored energy efficiency advice to help you save money.
- For research and insight purposes, to enable us to provide good customer service.
- To create statistics to help us better target our marketing activities.
- To help prevent and detect debt, fraud and financial loss.
- To help keep your family and your household safe and secure.
Ensuring that we maintain high standards
In deciding what personal data to collect, hold and use, Beam Energy is committed to ensuring that it will:-
- Recognise that any personal data handled by Beam Energy is held on behalf of the person to which it relates and that we ensure we respect that responsibility.
- Adopt and maintain high standards in respect of the handling and use of that personal data.
- Only collect, hold and use personal data where it is necessary and proportionate to do so.
- Securely delete any personal data when no longer needed.
- Keep your personal data secure and safe.
- Not unnecessarily and without good and lawful reason, infringe the privacy of any person.
- Consider and address the privacy risks first when planning to use or hold personal information in new ways, such as when introducing new systems.
- Be open with individuals about how we use their information and who we give it to.
- Make it easy for individuals to access and correct their personal information.
- Ensure that there are effective safeguards and systems in place to make sure personal information is kept securely and does not fall into the wrong hands.
- Provide training to staff who handle personal information and treat it as a disciplinary matter if they misuse or don’t look after personal information properly.
- Put appropriate financial and human resources into looking after personal information to make sure we can live up to our promises.
- Having a robust data strategy in place to protect against any disasters but also malware such as ransom ware.
- Regularly check that we are living up to our promises and report on how we are doing.
Who do we share your personal data with?
We may have to share your personal data with the parties set out below for the purposes set out above under ‘What do we use your personal data for?’
We might share data with:
- Network operators, so they can keep you informed about reconnecting your energy if there’s a loss of supply or an emergency.
- Agents appointed by us to facilitate our contract with you, such as meter operators and data collectors.
- Organisations that supervise or distribute data between smart meters, energy suppliers and other organisations that enable suppliers to bill customers for energy used and customers to switch between suppliers.
- Other energy suppliers, landlords or housing associations if we or another organisation suspects the property is connected with fraud.
- Another supplier you want to switch to.
- Other people, such as members of your household, where you have authorised us to, or where they are named on your account.
- Debt collection agencies and other organisations involved with debt collection (for example, bailiffs, law courts, private investigators).
- Social services, distribution services or other agencies if we think you need extra help.
- Organisations that compile information to help you compare your energy use with similar households or offer you rewards.
- Organisations doing research for us.
- Market regulators such as OFGEM and consumer protection organisations such as the Energy Ombudsman.
- Organisations for the detection, investigation and prevention of crime, or for current or future legal action.
- Commissioning and installation contractors for installations such as solar panels and insulation
- Financial organisations for purposes such as payment processing, finance plans and refunds
- Energy market administrators i.e. Xoserve for gas and the Meter Point Administration Service
- If you apply for Affordable Warmth funding measures, the Energy Saving Trust and Department for Work and Pensions to confirm whether you’re entitled to the assistance.
- Other FiT licensees if you want to transfer your generation unit(s) under the FiT scheme
- Organisations to which we are by law obliged to provide your information.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
We would like to use your personal data to communicate with you about products or services that we offer.
We will not use your personal data for marketing purposes at all if you have told us not to. We will give you the opportunity to opt-in to receiving marketing information whenever we contact you directly for this purpose. Sometimes we may want to share your information with other organisations, for our marketing purposes. Some examples are:
- Organisations who can enhance or match the data we hold with additional information to enable us to understand our customers better and plan marketing activities
- Organisations we want to work with to promote a joint product or a product or service we endorse
We will get your express opt-in consent before we share your personal data with any company outside Beam Energy for their marketing purposes.
We may use your identity, contact, usage and profile information to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you.
Some activities, such as emailing marketing information to you, require your express consent. Others, such as sending letters or calling you, we may be allowed to do without your prior agreement, on the basis that we have a legitimate interest in doing this. Our legitimate interest might be:
- Understanding our customer and getting to know their preferences.
- Telling our customers about products that might meet their needs and desires.
- Ensuring our customers are aware when they can save money.
People who contact us via social media
We have accounts on most major social media channels and use their ‘public’ platforms to manage our social media interactions.
We do not have any control over how these companies use any data shared with us through their services, and we recommend you review their privacy policies yourself. We would also remind you that any information you post publicly is visible to anyone.
If we recognise you are a Beam Energy customer and you send us personal data using a private or direct message via social media, that data will be stored along with your other account records in line with our standard data retention period.
If you send us personal data via Facebook Messenger to enable us to give you a quote for a potential energy supply, we will delete the relevant messages from Messenger but they will still be available to you and Facebook unless you also delete them.
No data you give us via social media will be used for marketing or shared with any other organisations for marketing purposes.
Automated decision making and profiling
We use automated processing of personal data to evaluate, analyse and predict common traits, characteristics and behaviours. This enables us to understand our customer groups and manage these groups more effectively.
Segmenting customers lets us more effectively focus tailored marketing communications to specific types of customers in different ways.
What are your rights?
Under Current Data Protection Legislation, DPA2018 and the GDPR 2016:
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
You can ask for access to the information we hold on you known as a personal information request
You are legally entitled to request access to any records held by Beam Energy about yourself. Beam Energy will seek to comply with your request but there may be some situations where it will not be able to do this in full, for example where information held was given in confidence or when a professional thinks that it could cause serious harm to you or another’s physical or mental wellbeing if the information was given to you, or if we think that giving you the information may stop us from preventing a crime.
If you would like to request a copy of your personal information, please complete the form of our energy supply partner ROBIN HOOD ENERGY: Data Subject Request Form.
If you have any questions regarding your rights, please contact the Information Governance Manager by writing to RHE.email@example.com.
You can ask to change information that you think is inaccurate
If you receive a copy of your information and you find that any information is inaccurate, you have the right to ask us to correct the information. We may not always be able to change or remove the information, but we will correct factual inaccuracies and add supplemental comments. In some cases, we may also record your comments to show that you disagree with information held about you. Whilst Beam Energy tries to ensure that any personal data it holds about you is correct, there may be situations where the information it holds is no longer accurate. If this is the case, please contact the department holding the information so that any errors can be investigated and corrected.
Beam Energy will try to ensure that all records are accurate and up to date. If you find any inaccuracies, you can write to the Information Governance Manager to ask for any inaccurate information to be rectified or if you think your information is incomplete, you can ask for a supplementary statement to be added to give an accurate picture.
Please contact the Information Governance Manager by writing to RHE.firstname.lastname@example.org or completing this Data Subject Request Form.
Right to be forgotten – right to ask for your information to be deleted
You have the right to ask for information to be erased although this is not an absolute right. If your data is no longer necessary for the purpose for which it is collected, you can ask for it to be erased. Again, where possible, Beam Energy will seek to comply with your request but there may be some situations where it will not be able to do this, for example, where Beam Energy is required to hold or process information to comply with a legal requirement.
Where your personal information has been shared with others, we will do what we can to make, sure they also comply with your request for erasing the information.
If you would like to make this request, complete this Data Subject Request Form.
A right in certain circumstances to request restriction of processing
You also have the right to ask Beam Energy to limit processing in certain circumstances, for example, where you have contested the accuracy of information held that is about you or if Beam Energy no longer needs the information although again there are some exceptions. For example, we may need to hold or use your information because we are required to do so by law. If this request is approved, this may cause delays or prevent us from delivering a service to you.
For more information, please contact the Information Governance Manager by writing to RHE.email@example.com. To exercise this right, please complete this Data Subject Request Form.
Right to object to processing of data in certain circumstances
You have the right in some circumstances to object to Beam Energy processing your personal data in relation to any of our services. Where possible, Beam Energy will seek to comply with your request, but there may be some situations where it will not be able to do this, for example, where Beam Energy is required to hold or process information to comply with a legal requirement, or where deletion of this information may cause delays or hinder the company’s ability to provide services to you. The right to object only applies in limited circumstances.
For more information, please contact the Information Governance Manager by writing to RHE.firstname.lastname@example.org.
Right in certain circumstances to request portability of your data to another provider
You also have the right in certain circumstances to get a copy of your information in an electronic form and re-use it with other service providers. This right only applies to information processed by automated means or information obtained by consent from you. It is likely that data portability will not apply to most of our services.
For more information, please contact the Information Governance Manager by writing to RHE.email@example.com.
Rights in connection with automated decision-making including profiling
Where a computer makes decisions about you, which is known as automated decision-making, you can ask that these decisions be explained to you.
This means that you can question decisions made about you by a computer, unless it’s required for any contract that you have entered into, required by law, or you have given your agreement to this form of processing.
For more information, please contact the Information Governance Manager by writing to RHE.firstname.lastname@example.org.
Your right to contact the Information Commissioner
If you are unhappy with any aspect of how we handle your personal data you also have the right to contact the Information Commissioner’s Office (ICO), the supervisory authority that regulates handling of personal information in the UK.
For more information regarding data protection issues you may wish to contact the Information Commissioners Office (ICO), you can contact them by going to their website, phoning them on 0303 123 1113, via email email@example.com or by post to: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, SK9 5AF.
How long do we store your personal data for?
Where you have an account with us, we will retain your personal data for as long as it is necessary to do so following the end of our relationship with you (which might be when your account closes or when we have issued your final bill). There may be circumstances when we need to keep it for longer – for instance if we are dealing with a complaint from you when that time comes round – but we will delete it as soon as we’ve no need to keep it further.
If we hold your data for any other reason, we will delete it as soon as we no longer have a valid reason to retain it.
If you would like to see how long your information is kept for you can contact Beam Energy by emailing the Information Governance Manager at RHE.firstname.lastname@example.org.
How do we protect your personal information?
We take your privacy seriously and take every reasonable measure and precaution to protect and secure your personal data. We work hard to protect you and your information from unauthorised access, alteration, disclosure or destruction and have several layers of security measures in place.
We have a data protection policy, which explains how we look after your personal information. We also have many other practical measures to protect your information, such as:
- Limiting access to systems to only those staff who need to access the information.
- Providing regular training for staff to make them aware of how to handle your data safely and in accordance with the data protection legislation.
- Having a clear desk policy and guidance about keeping sensitive data in locked places with limited access.
- Having clear policies and guidance for staff who take special data out of the building and a clear working at home guidance for all staff to follow.
- Encryption of sensitive electronic communications such as emails as well as encryption of disks and memory sticks (as well as keeping their use to a minimum). Encryption is a means of ensuring that data can only be accessed by authorised users. This means that the information is hidden and cannot be read without a password.
- Regular testing of our IT equipment and keeping up to date with regular security updates.
- When you log in to your online account or ask us for a quote, our pages are secure, which means all the personal details you type in are encrypted before they are sent to us.
- When you get in touch with us, we will ask you a number of security questions before we share any personal details, just to check it’s you.
You can find more information about our IT security by contacting our Information Governance Manager at RHE.email@example.com.
What happens if we send your data out of the EEA?
Data protection laws allow us to transfer personal data to organisations in countries within the European Economic Area (EEA) as all of those countries are signed up to the same laws and have to have the same controls and safeguards in place to protect your data.
If your data is being transferred outside the EEA, then you can obtain details of the relevant safeguards by contacting our Information Governance Manager at RHE.firstname.lastname@example.org.