Data Protection Act (1998) and the General Data Protection Regulation (GDPR) (25th May 2018)
The nature of our business requires us to occasionally share their contact details.
Information Collected About our clients and customers
Customers may provide us with certain information in connection with an enquiry, request for service or other transaction during their interactions with our website or at their site or at conferenced or events. When they are asked to provide personal information, they may decline. If they choose not to provide the information, they may not be able to use some products or services. For example, the Low Carbon Club exists to share good practice and to assist organisations to securely trial novel technologies at little or no risk and to share the results with other colleagues. Naturally, this cannot happen without the interaction of individuals.
The sort of personal information we may request or collect includes:
- Name, contact information
- Information they provide regarding their marketing preferences or while participating in surveys or promotional offers;
- Photographs of their site and fleet which may include living individuals.
- Financial information that may be necessary to facilitate the production of invoices etc.
- Additional contact information about they that we may obtain through third parties with whom we do business.
Where, for example we are working with on telematics offerings, with our client’s consent, we may access location-based information or collect location markers from their mobile device or based on their IP address.
When agreeing to use a Telematics System, we are not responsible for any data that is left in any vehicle because of this use. We cannot guarantee the privacy or confidentiality of such information and would expect clients and customers to wipe it before transferring, reassigning or otherwise disposing of vehicle.
If permitted by law, in certain areas of our sites, we provide they with the ability to enter the name of colleagues or friends by way of recommendation. This may also apply to the offering of their details in testimonials.
Information Collected and Stored Automatically
Our website and online marketing are not directed at, nor do we knowingly collect personal information from children under the age of 18. If a customer believes that their child has provided us with their personal information and they would like is to delete it, please email us at firstname.lastname@example.org
How We Use This Information
We use the information we collect for the following purposes:
- To assist us to offer bespoke services to our clients or prospective clients.
- To provide customer service related to their interactions with us or to respond to their inquiry.
- To verify their identity for fraud prevention purposes. We do not store this information for any other reason.
- To contact they regarding current or future work.
- To provide they with discounts, offers and other information, opportunities and services that may be of interest to them. They may receive these offers in advertising via third-party sites and media properties, including on social media. They may be able to opt out of these ads by clicking on an icon in the ad or through the privacy settings in each media property.
- To assist us to provide better products and services; for example, to evaluate our performance, to assess the quality of services received and to help us improve our websites, facilities and services.
- To compile statistics and analysis about our customers’ use of our website, services, which statistics are only used to enable us to provide better customer service, features and functionality to our current and future customers.
- To protect our rights and property.
- We may combine the information that they submit to us with information related to their transactions with us. We may also combine this information with data we receive about customers and prospective customers from third parties who assist us in processing requests, maintaining our data and optimising our services.
- We retain information we collect for commercially reasonable periods of time or in accordance with specific laws or policies. Information collected for a specified purpose will only be used for that purpose and, after a reasonable period, will no longer be actively stored when that purpose has been fulfilled. Inactive data may, however, continue to be used for statistical, marketing, archiving and other analytical purposes.
- The data we gather and process is legitimate for the purposes of contractual and pre-contractual work.
- Our work to deliver EED Article 8 (ESOS) Compliance performs a legal requirement on clients under the Energy Efficiency Directive (EED) (2012/27/EU) as does work to provide EPCs to customers that might otherwise be in breach of the Minimum Energy Efficiency Standards (MEES) regulations 2015 and Streamlined Energy and Carbon Reporting (SECR) following legislation introduced from 1st April 2019.
- Our work to provide energy and carbon savings (alongside cost savings and revenues) meets the demands of the Climate Change Act (2008)
- The works (including emissions reductions, carbon reduction, energy and combustible fuel use reduction as well as reduced vehicles on the road and congestion etc) that CLS Energy undertake have direct and positive influence on reducing climate change and greenhouse gases and as such are in the public interest and ultimately prolong life that would otherwise be reduced through the inhalation of greenhouse gas (GHG) emissions.
How Their Information May Be Shared
We may disclose the information we collect from and about customer and prospective customers to our partners and associates for providing opportunities they have requested and (with client consent) for marketing purposes. In addition to those stated within this Policy, Telematic Data from rental vehicles may be disclosed to, accessed by or used by partner companies and associates, or those with whom we have a legal or contractual obligation to provide such data. To update their marketing preferences please see the Contacting Us section.
We also may disclose customer information to other third parties:
when required by law or in response to legal process;
without legal process in response to a request from law enforcement relating to a criminal investigation;
- to protect our rights, privacy, safety or property, or that of the public;
- for administrative or technical support or other business purposes to facilitate our transactions with they (i.e. for their insurance replacement, corporate rental or through one of our partners);
- to analyse our data, conduct mobile analytics services or to maintain and improve our services (subject to confidentiality agreements as appropriate);
- to permit us to pursue available remedies or limit damage that we may sustain;
- to enforce the terms of any rental agreement or our websites’ terms and conditions;
- to assist with the administration of frequent flyer or other rewards programmes;
- to process their transaction with our subsidiaries or licensee/franchisee located in the country in which they place their reservation;
- if the rights of another individual might be violated and;
- otherwise with customer consent.
Personal information may also be subject to transfer to another company in the event of a transfer, change of ownership, reorganisation or assignment of all or part of CLS Energy (Consultancy) Ltds’ businesses or assets. This will occur if the parties have entered into an agreement under which the collection, use and disclosure of the information is limited to those purposes of the business transaction, including a determination whether to proceed with the business transaction. Customers will be notified via email or prominent notice on our website for thirty (30) days of any such change in ownership or control of their personal information.
We may disclose customer personal information to third-party service providers (such as a payment processor to bill the customer for goods or services, an email provider to send email communications to the customer on our behalf or the provider of our live chat feature to offer customer service). These service providers may be in a country different from the customer’s country of residence, such as a European Union member state. These service providers are contractually required to maintain the confidentiality and security of their information. However, their information may be accessible to authorities in accordance with applicable laws.
We may also share aggregated or de-identified information about our customers with our advertising and marketing partners, and third-party media properties, including social media sites to allow them to send targeted advertising messages on our behalf.
We may post customer testimonials/comments/reviews on our websites which may contain personally identifiable information. We will obtain the customer’s consent via email or telephone call prior to posting the testimonial. To request the removal of the customer testimonial, please contact us through one of the methods listed below in the Contacting Us section.
Data Security and Integrity
The security of the information that our customers provide us with is very important to us and we try to provide secure transmission of this information. For certain online transactions, we may use Secured Sockets Layer (SSL) technology to secure the transfer of information. While we strive to protect customer’s personal information, we cannot guarantee the security of any data transmission over the Internet. Once we receive customer information, we take steps that we believe are reasonably appropriate to protect it from loss, misuse, unauthorised access, disclosure, alteration and destruction to ensure the data’s integrity. We use a combination of technological, physical, administrative and organisational controls as well as non-disclosure or confidentiality agreements as we deem appropriate to protect this customer data.
If a customer has a user name and password for any of the features on our websites, they are responsible for keeping their password secret. They should not reveal their password to anyone. We will not ask customers in an unsolicited telephone call or email for their password. In addition, they should take reasonable precautions when using a computer that is not their own or is being used in a public setting.
Global Data Transfers and Processing
We will use customer information in the country in which their service and transaction occurs. Please be aware that, unless prohibited by law, customer use or continued use of our websites and mobile applications signifies their express consent that information may be transferred to or stored on servers and processed outside the country of their residence, including any of the countries where we do business. Please also be aware that the privacy laws of the United States or other countries where information may be stored may not be as comprehensive or offer as much protection as the laws of other countries including the customers country of residence. Customers may request us not to make such transfers, but if they do, we may not be able to provide some or all our products or services to them.
CLS Energy (Consultancy) Ltd is responsible for the processing of personal data it receives. In certain situations, CLS Energy (Consultancy) Ltd may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If the customer has an unresolved privacy or data use concern that we have not addressed satisfactorily, or they think that their data has been misused or that the organisation holding it hasn’t kept it secure, they should contact us and tell us.
If the customer is unhappy with our response or if they need any advice, they should contact the Information Commissioner’s Office (ICO). https://www.gov.uk/data-protection/make-a-complaint
When transferring personal data to countries outside of the European Economic Area, we comply with European Union law by using standard contract clauses approved by the European Commission or by adopting other means to ensure that adequate safeguards are applied or by obtaining customer consent.
Changes to this Policy
The accuracy and completeness of the information we collect is very important to us and we make efforts to ensure that the information we have is accurate and up-to-date. In addition to the options provided to customers in this Policy, if they wish to opt out of direct marketing or review, amend, correct or update personally identifiable information we have collected about them, please contact us using the information provided below. For email marketing please use the unsubscribe link located at the footer of each email. Individuals have the ongoing power to decide whether or not we process their data and may elect to opt out by unsubscribing at any time via an e-mail response or direct e-mail to email@example.com stating the phrase ‘please unsubscribe me’.
For certain countries, customers may also have rights to object to some processing of personal data or to have their personal data removed. Customers may contact us via email at firstname.lastname@example.org and we will attend to the request and make any necessary revisions. We will aim to respond to their request within 30 days, unless a shorter period is required. If that is the case, local legal requirements would apply. We reserve the right not to allow access to customer information if we believe in good faith that such disclosure is prohibited by law or if the rights of another individual might be violated.