WHAT INFORMATION ABOUT YOU WILL WE USE?
In providing our services to you, we may collect, retain and process personal information. The categories of personal information we may use for that purpose include:
i) Your name, address, telephone number(s), personal e-mail address and any other contact details you may provide;
ii) The terms and conditions of your contract with us, including details of the goods and/or services you provide and the price we will pay you;
iii) Your bank account details and details of any payments we make to you; and
iv) Details of your qualifications, skills, experience and employment history, if applicable.
WHY WE COLLECT PERSONAL INFORMATION ABOUT YOU AND HOW WE USE THAT INFORMATION
We process personal information in order to enter into, perform and administer the contract you have with us and, if it is necessary for us to do so, to comply with any legal obligations or other statutory duties, to which we are subject.
Consequently, we believe that the bases, on which we process personal information, are in order to enter into a contract we have with you, where appropriate, to meet our obligations under that contract and to meet any legal obligations placed upon us.
WITH WHOM WILL WE SHARE YOUR PERSONAL INFORMATION?
We will share personal information internally and between companies in the Northern Powergrid group, managers in the business area to which your contract is relevant, the executive and senior management teams and IT staff, if access to your personal data is necessary for performance of their roles.
We may disclose your personal information to third parties when we are required to do so by law, including to the Police, other law enforcement agencies and Her Majesty’s Revenue and Customs.
FOR HOW LONG WILL WE RETAIN YOUR PERSONAL INFORMATION?
It is our policy to retain contractual information for a period of seven or 12 years, as appropriate to the type of contract we have with you.
PROTECTING YOUR INFORMATION
We maintain stringent security measures designed to protect your personal information. Our core information security principles are to protect personal data in terms of:
• Confidentiality, by protecting personal data from breaches, unauthorised disclosures, loss of or unauthorised viewing;
• Integrity, by not allowing personal data to be modified without due cause; and
• Availability, by protecting personal data from disruption.
To achieve this, the measures we implement include adhering to various security standards, including physical and technological protection, data encryption and having in place a suite of policy and procedural documentation in respect of the way in which we handle and keep personal data secure.
TRANSFERRING PERSONAL INFORMATION INTERNATIONALLY
We may need to transfer some personal information to organisations that are outside of the UK, for example to our outsourced IT Infrastructure Services providers or to other organisations for hosting purposes. We will ensure that such transfers are either to countries in respect of which the UK has made an adequacy decision or there are appropriate safeguards in place to protect that information, including at least one of the safeguards required by data protection law. We transfer personal data to our outsourced IT Infrastructure Services provider in India using such appropriate safeguards.
Otherwise, we will not transfer your personal information to a third party outside of the UK unless you have confirmed to us that you are happy for us to do so.
CONTACTING US AND YOUR RIGHTS
The controller of any personal information we may process is Integrated Utility Services Limited.
If you would like to contact us about how we process your personal information, you can do so by contacting:
Head of Regulatory Compliance
78 Grey Street
Newcastle upon Tyne
Subject to certain conditions, you have the right to:
i) Access your personal information;
ii) Have your personal information rectified or erased;
iii) Restrict our processing of your personal information;
iv) Object to our processing of your personal information; and
v) The portability of your personal information e.g. to receive that information in a “machine-readable format”.
If we are processing any of your personal data based on you having given us consent to do so, you have the right to withdraw that consent at any time. However, this will not affect the lawfulness of any processing we may have undertaken based on your consent before it is withdrawn.
We will not use any automated decision-making in our processing of your personal data.
You have the right to complain to the Information Commissioner’s Office about the way in which we process your personal information. You may do so by using the “Make a complaint” button on the Information Commissioner’s website at https://ico.org.uk/ or by writing to:
Information Commissioner's Office
We may also store information about you in cookies (files which are sent by us to your computer or other access device) which we can access when you visit our site in future. If you want to delete any cookies that are already on your computer, please refer to the instructions for your file management software to locate the file or directory that stores cookies. Our cookies will have the file names (x.text, y.text, z.text). If you want to stop cookies being stored on your computer in future, please refer to your browser manufacturer's instructions by clicking 'help' in your browser menu. Further information on deleting or controlling cookies is available at www.aboutcookies.org.
Please note that by deleting our cookies or disabling future cookies you may not be able to access certain areas of our site.