Privacy Policy
  1. STL Heating & Energy and your personal data

 

When we supply services to your home, the data controller is STL Heating & Energy Limited.

 

It explains your statutory rights and how we collect and use your personal data. It describes the processing activities that are carried out by STL Heating & Energy in relation to our services, the purposes for which these activities are performed and the legal bases that STL Heating & Energy relies upon for these processing activities.

 

We may update this privacy notice from time to time to ensure it is always up to date and accurate.

Any changes we may make to our privacy notice will be posted on this page, and we will communicate

any significant changes to you.

 

You can contact STL Heating & Energy’s data protection officer by writing to The Data Protection Officer, STL Heating & Energy, Unit 9, The Gateway 4, School Lane, Prescot, Knowsley, L34 9AA.

 

You can also contact our data protection officer at info@stlheating.co.uk

 

  1. Personal data we collect

 

We collect the following types of personal data:

 

  • Your contact details and the contact details of people associated with your account: information

that allows us to contact you directly such as your name, email address, telephone number and

addresses associated with your account or order.

  • Account information and details of other people linked to your account: information about your

account with STL Heating & Energy including your unique account number, unique customer identification, contract details, household details, property type, premises details, marketing preferences, complaints details, incident details, dispatch appointment details, and notes added to your account.

  • Vulnerability information: information that allows us to understand whether you are in a vulnerable

situation, including health and disability information.

  • Audio and video recordings, and contemporaneous notes: records of site visits by our revenue

protection and field operations teams.

  • Financial information: information that allows us to understand your creditworthiness and financial

position.

  • Transaction and payment information: credit/debit card details and bank account details you provide to make payment for the products and service you purchase from us. If you pay for someone else’s products and services, we will have a copy of your payment information. If someone else pays for your products and services, we will have a copy of their information linked with your account.
  • Purchase and account history: records relating to the products and services which you have

purchased or used.

  • Responses to surveys, competitions and promotions: including records of any surveys you

respond to or your entry into any competitions we run.

  • Records of your discussions with our customer support teams, including call recordings, webchat

and emails: when you share comments and opinions with us, ask us questions or make a complaint

we will keep a record of this. This includes when you send us emails, phone our support team or

contact us via webchat or through social media such as through Twitter or on Facebook.

  • How you use mobile applications and websites: we use technology such as cookies (subject to your

cookie preferences) when you use our applications or websites, we collect information about the

pages you look at and how you use them.

  • Location information: your smartphone or computer’s IP address may tell us an approximate

location when you connect to our websites but this will be no more precise than the city, state or

country you are using your device in.

  • Device and machine information: information about the computer hardware and software on your

computers and smartphones that is used to connect or communicate with us.

  • Advertising and direct marketing preferences and responses: information about how you respond,

or interact with, any direct marketing or advertising communications directed to you, including any

requests for these communications to stop.

 

  • Exercising your rights: if you exercise any of your statutory rights under data protection law, we

will keep a record of this and how we respond.

 

You are not required to provide to us any of the personal data described above, however, if you do not

do so, you may not be able to purchase our products and services or the functionality of our products

may be reduced.

 

  1. What we use your personal data for and why

 

Where we process your personal data because of our contract

 

We process these items of your personal data to enter or fulfil the contract between us, including:

 

Reason or purpose Personal data used
Provide our services to you and maintain your account (including for quality assurance purposes,  and handling any complaints you might make) ·     All personal information we collect as listed in Section 2
Take payment for our products and services and debt collection ·     Your contact details and the contact details of people associated with your account

·     Account information and details of other people linked to your account

·     Financial information

·     Transaction and payment information

·     Delivery information

·     Purchase and account history

·     Location information

Deliver products to you ·     Your contact details and the contact details of people associated with your account
Perform credit checks ·     Your contact details and the contact details of people associated with your account

·     Account information and details of other people linked to your account

·     Financial information

·     Transaction and payment information

To deliver service communications, and tailoring those communications to your circumstances ·     Your contact details and the contact details of people associated with your account

·     Transaction and payment information

Answer your complaints or questions ·     The personal data which is necessary for us to deal with your complaint, which will depend on the nature of your complaint and your contact preferences

·     Your contact details and the contact details of people associated with your account

·     Account information and details of other people linked to your account

·     Transaction and payment information

·     Purchase and account history

 

 

 

 

Where we process your personal data because we’re legally obliged to

 

We process these items of your personal data because we have a legal obligation to, including:

 

Reason or purpose Personal data used
Investigating misuse of your account, crime and fraud ·     The personal data which is necessary for us to investigate the issue, which will depend on the nature of the problem.

·     At a minimum, this will include your name and contact information and information about your account and transaction history.

Attending to emergency situations (including gas leaks) ·     Your contact details and the contact details of people associated with your account

·     Account information and details of other people linked to your account

·     Vulnerability information

Understand the information we hold to ensure

compliance with data protection legislation

·     All personal information we collect as listed in Section 2
Internal and statutory audits ·     All personal information we collect as listed in Section 2
Look after customers who have a vulnerability ·     Your contact details and the contact details of people associated with your account

·     Account information and details of other people linked to your account

·     Vulnerability information

 

Where we process your personal data because we have a legitimate interest to

 

We process these items of your personal data because we have a legitimate interest to do so. We process the following categories of personal data, including:

 

Reason or purpose Personal data used
Maintain and improve our products and services, e.g. optimise business processes, quality assurance purposes, quality assurance purposes, support efficient management of our staff, analyse performance of webpages and provide relevant content to you ·     Your contact details and the contact details of people associated with your account

·     Account information and details of other people linked to your account

·     Transaction and payment information

·     Purchase and account history

·     Location information

·     Advertising and direct marketing preferences and responses

Develop new products and services ·     Your contact details and the contact details of people associated with your account

·     Account information and details of other people linked to your account

·     Financial information

·     Purchase and account history

Assess which of our products and services that may be of interest to you, e.g. To understand regional demographics and take up, tailor offers and recommendations to customers’ needs ·     Your contact details and the contact details of people associated with your account

·     Account information and details of other people linked to your account

·     Transaction and payment information

·     Purchase and account history

·     Advertising and direct marketing preferences and responses

Direct marketing. If you have not specifically consented to receive direct marketing, we will only send you direct marketing materials where we are allowed to because of law. However we will never send you direct marketing where you have opted out of receiving direct marketing communications ·     Your contact details and the contact details of people associated with your account

·     Account information and details of other people linked to your account

·     Advertising and direct marketing preferences and responses

For market research purposes, e.g. to understand how you use our products and services or how we might improve them ·     Your contact details and the contact details of people associated with your account

·     Account information and details of other people linked to your account

·     Transaction and payment information

·     Purchase and account history

·     Responses to surveys, competitions and promotions

·     How you use mobile applications and websites

·     Device and machine information

·     Advertising and direct marketing preferences and responses

Management information reporting ·     Your contact details and the contact details of people associated with your account

·     Account information and details of other people linked to your account

·     Purchase and account history

·     How you use mobile applications and websites

·     Location information

·     Device and machine information

Protection of our staff ·     All personal information we collect as listed in Section 2
Staff training ·     All personal information we collect as listed in Section 2
For the establishment, exercise or defence of legal claims ·     All personal information we collect as listed in Section 2
Maintain accuracy and relevance of your data ·     All personal information we collect as listed in Section 2

 

Where we process your personal data because you have allowed us to

 

We process these items of your personal data when you have provided your consent to the processing.

You may revoke your consent at any point:

 

Reason or purpose Personal data used
Direct marketing ·     Your contact details and the contact details of people associated with your account

·     Account information and details of other people linked to your account

·     Financial information

·     Purchase and account history

·     Transaction and payment information

·     How you use mobile applications and websites

·     Advertising and Direct Marketing preferences and responses

·     Products and services that we have determined may be of interest to you

 

 

Where we process your personal data so you can’t be identified any more

 

We may anonymise and aggregate any of the personal data we hold (so that it does not identify you). We may use anonymised and aggregated information for purposes that include testing our IT systems, research, data analysis, improving our site, apps and developing new products and services.

 

  1. Sources we collect your personal data from

 

We will collect personal data from a number of sources. These include:

 

  • Directly from you: when you set up an account with us, purchase products or services from us,

submit information via our websites or apps, complete forms we provide to you, enter our

competitions and promotions, make a claim, make a complaint, exercise your statutory rights,

contact us by phone, email or communicate with us.

  • Our website and mobile applications: we collect information about how you use them and any

smart devices you connect to them.

  • Our smart devices such as smart meters and other devices we provide: we collect information

about how you use them.

  • Other companies we work with: provide us with information to help us deliver our products and

services to you. These include:

oDebt collection agencies

oService and metering engineers

  • Credit and Anti-fraud reference agencies: provide us with information about your transaction and

claim history and credit history.

  • Third party data and insight providers: companies which provide us with relevant information

about you which we append to our existing records, to help us operate our business and deliver our

services to you.

  • The government, ombudsman services, and regulators: for example, information about the

complaints they receive, or to help us deliver services

  • Social media: information you submit to our social media accounts.
  • Other people linked to your account: if someone pays for your products and services on your behalf, or you are set up to pay someone else’s products and services, we may obtain information about you from them.
  • Other companies’ apps and products: provide us with information if you connect them to our products or services.

 

  1. Who we share your personal data with

 

We share personal data with the following categories of third parties.

 

We never sell your data to a third party for their own marketing use.

 

Who Examples
Any party approved by you ·       A finance company, if you want to take out a financing service
Advertising partners ·       Google

·       Facebook

·       Twitter

·       Reviews.co.uk

·       Trustpilot

Credit and Anti-fraud reference agencies
Debt collection agencies
Industry supervisory bodies ·       Gas Safe Register

·       Napit

·       HSE

The government or our regulators ·       Information Commissioner’s Office (ICO)

·       Financial Conduct Authority (FCA)

Ombudsman services ·       If you raise a dispute or complaint and are eligible for review by an by an ombudsman service, we may share information such as your contact details, equipment and payments
Trial partners ·       Companies we work with to test our new products and services
Network operators and distributors ·       National Grid
Companies that help us run our business, support our IT infrastructure and to further understand our customers ·       MailChimp – To send you emails

·       Financial Ombudsman Service – To provide response on your complaints and questions

 

  1. Direct Marketing

 

Email, SMS, post and telephone marketing: from time to time, we may contact you by email, SMS, telephone or post with information about our products and services we believe you may be interested in. When you call STL Heating & Energy we may also provide you with information about products and services we believe you may be interested in.

 

If you have not consented to receiving direct marketing communications, we will only send these communications to you when permitted to do so by law, but in all circumstances we will respect your marketing preferences which you set when you first create your account with us (or you first deal with us), or which you update from time to time.

 

You can let us know at any time that you do not wish to receive marketing messages by sending an email

to us at info@stlheating.co.uk. You can also unsubscribe from our marketing by clicking on the unsubscribe link in any email marketing messages or by replying STOP to the number indicated on any marketing text messages we may send to you.

 

  1. Direct Marketing & Advertising on websites and mobile applications

 

You can find out more about cookies and how to manage their use by reading our cookie policy, which is available at: http://www.stlheating.co.uk/cookie-policy/

 

The details here provide a high level overview of how and where we capture and / or use personal data on our own and third party websites and mobile applications.

 

STL Heating & Energy Websites and Mobile Applications

 

When you visit any of our websites or download any of our mobile applications you will always be

provided with access to the site’s or application’s own privacy notice and cookie policy.

 

Our aim is to ensure that our websites and mobile applications are always working optimally for those

who use them. When you visit our websites and you are not logged in i.e. you are an anonymous visitor,

we will use cookies and similar technologies – in accordance with your cookie preferences – to track

anonymously details such as response times, the pages you view and the functionality you use. No

individual is uniquely identifiable from this data and it is used purely to enable us to constantly review

and improve these services.

 

Any adverts you may see whilst using the website anonymously will be generic in nature i.e. it will not

use any personal data to ‘personalise’ the advert to you.

If you chose to complete an online application, enquiry or other form then the form will set out explicitly

how the data you provide will be used.

 

 

When you are logged in we will use cookies and similar technologies – in accordance with your cookie

preferences – to track your use of the site or application. In this instance some data may be recorded to

your record to enable us to provide the best ongoing service to you.

 

In this instance any adverts you see may be tailored specially to you – for instance if you are already a

home energy customer adverts for home energy would not be appropriate.

 

Third party websites and applications

 

We work with advertising partners, including social media sites and providers, to show you advertising

about our products and services. This takes place on third party websites or mobile applications where our advertising partners have purchased advertising space. To provide you with the most appropriate advertising content, our advertising partners use information gathered anonymously via cookies and similar technologies about the websites, mobile applications, social media content and ads you interact with or view when connected to the Internet, as well as information which we provide to them, to make sure the advertising you see is more relevant to you.

 

  1. Transferring your personal data internationally

 

STL Heating & Energy in common with other organisations, use third parties located in other countries to help us run our business. As a result, personal data may be transferred outside the countries where we and our customers are located. This includes countries outside the European Economic Area (“EEA”) and to countries that do not have laws that provide specific protection for personal data. We have taken steps to ensure all personal data is provided with adequate protection and that all transfers of personal data outside the EEA are done lawfully. Where we transfer personal data outside of the EEA to a country not determined by the European Commission as providing an adequate level of protection for personal data, the transfers will be under an agreement which covers the requirements for the transfer of personal data outside the EEA, such as the European Commission approved standard contractual clauses.

 

  1. How long we keep personal data for

 

We will keep your personal data for as long as necessary in order to achieve the processing purposes.

 

  1. Your rights in relation to your personal data

 

You may have the following rights in relation to your personal data:

 

  • the right to be informed about the personal data we collect, how your personal data is being

used, and from whom we collect your personal data when we obtain it from other sources;

  • the right to access the personal data we hold about you;
  • the right to request the correction of inaccurate personal data we hold about you;
  • the right to request the blocking or deletion of your personal data in some circumstances;
  • the right to request that we port elements of your data either to you or another service

provider;

  • the right to object to us processing your personal data (where we do so only because you

have consented, or because we are using automated means to make decisions that affect

you); and

  • the right to withdraw your consent.

 

You only have the benefits of some of the above rights in limited circumstances, which depend on the

legal reason why we collected your personal data.

 

 

To exercise any of the above rights, or if you have any questions relating to your rights, please contact

us using the details below.

 

  1. Getting in touch

 

If you have any privacy-related questions or comments, please contact STL Heating & Energy’s data protection

officer by writing to The Data Protection Officer, STL Heating & Energy, Unit 9, The Gateway 4, School Lane, Prescot, Knowsley, L34 9AA

 

You can also contact our data protection officer at info@stlheating.co.uk.

 

If you are unhappy with the way we are using your personal data, you can also complain to the UK Information Commissioner’s Office or your local data protection regulator. We are here to help and encourage you to contact us to resolve your complaint first.

 

 

Version 1.2. May 2018