Commercial Energy Solutions Ltd needs to gather and use certain information about individuals. We process personal information to enable us to provide consultancy and advisory services, to promote our services, to maintain our own accounts and records, and to support and manage our employees. This policy sets out our commitment to data protection and individual rights and obligations in relation to personal data.
This statement describes how this personal data is collected, handled and stored to meet our data protection standards and ensure legal compliance. It ensures that we:
We have appointed HR Advisor Tania Hujic as the person responsible for data protection compliance. She can be contacted at info@cesgb.com. Questions about this policy or requests for further information should be directed to her.
“Special categories of personal data” means information about an individual’s racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health, sex life or sexual orientation, and biometric data.
“Criminal records data” means information about an individual’s criminal convictions and offences and information relating to criminal allegations and proceedings.
“Competent Authority” means the Secretary of State, Ofgem, or any local or national agency, authority, department, inspectorate, industry or regulatory body, minister, ministry official, statutorily constituted customer committees and their representative bodies, or public or statutory person (whether autonomous or not) of, or of the government of, the United Kingdom or of the European Community, acting ostensibly within its authority;
“Data Protection Law” means any national implementing laws, regulations, and secondary legislation, as amended or updated from time to time, in the United Kingdom in relation to data privacy laws and including, but not limited to, the General Data Protection Regulation (EU) 2016/679) as and when it becomes applicable on and from 25 May 2018;
“Personal data” is any information that relates to an individual who can be identified from that information.
“Processing of personal data” is any use that is made of data, including collecting, storing, amending, disclosing, or destroying it.
“Third Party Processor” means any third parties or sub-contractors engaged by Commercial Energy Solutions Ltd in connection with processing the Personal Data.
We process Personal Data in relation to agreed energy services. We ensure that we collect only essential data, such as contact details including company name, contact name, address, telephone number and email, and any other type of Personal Data that may be advised by us from time to time. In addition to that, we also record phone calls, which are not shared but are used for training and compliance purposes.
We collect and process personal data in accordance with the following data protection principles:
We tell individuals the reasons for processing their personal data, how we use such data, and the legal basis for processing in our privacy notices. We will not process personal data of individuals for other reasons.
Where we process special categories of personal data or criminal records data to perform obligations or to exercise rights in employment law, we do it in accordance with a policy on special categories of data and criminal records data.
We will update personal data promptly if an individual advises that his/her information has changed or is inaccurate.
We keep a record of our processing activities in respect of personal data in accordance with the requirements of the General Data Protection Regulation (GDPR). We retain client information within our CRM system and our IT services are outsourced to a company that operates its delivery in compliance with ISO 27001. User details are held in relation to usernames, password, and recipient details for accessing Commercial Energy Solutions Ltd systems.
Sensitive and private data exchange between the Site and its Users happens over an SSL-secured communication channel and is encrypted and protected with digital signatures.
We shall take all reasonable steps to ensure the reliability and integrity of any employees who have access to the Personal Data and ensure that only such Supplier Personnel required by us to assist us in meeting our obligations under this Agreement (which may include assistance with systems administration) and no other employees have access to such Personal Data.
If at any time during the Term, we wish to appoint a sub-contractor, we may do so provided that:
We do not disclose Personal Data to a third party (including a sub-contractor) in any circumstances unless it is necessary to provide the service or otherwise without the Client’s prior written consent. For Third Party Requests, the Supplier shall use reasonable endeavours to advise the Client in advance of such disclosure, unless it is prohibited by law or regulation from notifying the Client of that disclosure, in which case it shall do so as soon as practicable thereafter (where permitted by law or regulation).
To the extent that we are acting for and on behalf of the Client in relation to Processing that we are carrying out arising out of, or in connection with, the provision of the Services, we shall not make (nor instruct or permit a third party to make) a Data Transfer except:
We shall not retain Personal Data for longer than is necessary to perform the contract, fulfil a legal obligation, or protect other legitimate companies’ interests;
We shall (on a request from the Client) make available to the Client in electronic form any or all of the Personal Data.
As a data subject, individuals have a number of rights in relation to their personal data.
Subject access requests
We will also provide the individual with a copy of the personal data undergoing processing. This will normally be in electronic form if the individual has made a request electronically unless he/she agrees otherwise.
If the individual wants additional copies, we will charge a fee, which will be based on the administrative cost to us of providing the additional copies.
To make a subject access request, the individual should send the request to info@cesgb.com. In some cases, we may need to ask for proof of identification before the request can be processed. We will inform the individual if they need to verify his/her identity and the documents we require.
We will normally respond to a request within one month from the date it is received. In some cases, such as where we process large amounts of the individual’s data, we may respond within three months of the date the request is received. We will write to the individual within one month of receiving the original request to tell him/her if this is the case.
If a subject access request is manifestly unfounded or excessive, we are not obliged to comply with it. Alternatively, we can agree to respond but will charge a fee, which will be based on the administrative cost of responding to the request. A subject access request is likely to be manifestly unfounded or excessive where it repeats a request to which we have already responded. If an individual submits a request that is unfounded or excessive, we will notify him/her that this is the case and whether or not we will respond to it.
Other rights
Individuals have a number of other rights in relation to their personal data. They can require us to:
To ask us to take any of these steps, the individual should send the request to info@cesgb.com
Personal Identification Information
Commercial Energy Solutions Ltd may collect personal identification information from Users in a variety of ways, including, but not limited to, when Users visit our Site, engage in live chat, subscribe to a newsletter, respond to a survey, fill out a form, and participate in all other services or features we make available on our Site. Users may be asked for, as appropriate, name, email address, mailing address, phone number, and energy supplier contact information. The User may also visit our Site anonymously. Commercial Energy Solutions Ltd will collect personal identification information from the User only if they voluntarily submit such information to us. Users can always refuse to supply personal identification information, which may prevent the User from engaging in certain Site related activities.
Non-personal Identification Information
We may collect non-personal identification information about Users whenever they interact or browse through our Site. The non-personal identification information may include the browser name, internet protocol (IP) information, technical browser information, and means of connection to our Site, such as the operating system, browser type, Internet service providers utilized, and other similar information.
Web Browser Cookies
Our Site may use “cookies” to enhance the User experience. The User’s web browser places cookies on their hard drive for record-keeping purposes and sometimes to track information about them. The User may choose to set their web browser to refuse cookies. If so, please note that some parts of the Site may not function properly.
How Company Uses Collected Information
Commercial Energy Solutions Ltd. may collect and use a User’s personal information for the following purposes:
We may use the email address to respond to a User’s inquiry, question, and/or other requests. If the User decides to opt-in to our mailing list, they will receive emails that may include company news, updates, a related product, or service information, among others. If at any time the User would like to unsubscribe from receiving future emails, Commercial Energy Solutions Ltd includes detailed unsubscribe instructions at the bottom of each email. If the User is having any conflicts with our reports, they may contact us via our Site.
We do not sell, trade, or rent User personal identification information to others. Commercial Energy Solutions Ltd may share generic aggregated demographic information not linked to any personal identification information regarding the User with our business partners, trusted affiliates, and advertisers for the purposes outlined in “How We Use Collected Information”. Commercial Energy Solutions Ltd may share the User’s information with these third parties for those limited purposes provided that the User has given permission.
Third Party Websites
The User may find advertising or other content on our Site that link to the sites and services of our partners, suppliers, advertisers, sponsors, licensors, and other third parties. Commercial Energy Solutions Ltd does not control the content or links that appear on these sites and are not responsible for the practices employed by websites linked to or from our Site. Also, these sites or services, including their content and links, may constantly be changing. These sites and services may have their own privacy policies and customer service policies. Browsing and interaction on any other website, including websites that link from/to our Site, is subject to that website’s own terms and policies.
Commercial Energy Solutions Ltd. has the discretion to update this privacy policy at any time. Once is done, the revision date will be placed at the bottom of this page. We encourage the User to check this page frequently for any changes to stay informed about how we are helping to protect the personal information we collect. The User acknowledges and agrees that it is their responsibility to review this privacy policy periodically and become aware of modifications.
If you have any questions about this website data policy, the practices of this Site, or your dealings with this Site, please contact us at:
Commercial Energy Solutions Ltd.
Address: High Street Centre, 137-139 High Street, BR3 1AG.
Telephone: 02031740732
Email: info@cesgb.com
Copyright CES © 2024
Copyright CES © 2024
Copyright CES © 2021