View our Cookies Policy hERE
Data Controller is a natural or legal person which alone or jointly with others determines the purposes and means of the Processing of Personal Data. For this Policy, Hudson Energy Supply UK Limited is the Data Controller.
Collecting and Processing Your Personal Data
We collect your Personal Data when:
You visit our website: your device and browser may disclose certain information (such as device type, operating system, browser type, IP address, MAC number, dates and times our website was accessed and other information) that may be Personal Data.
Smart meters: if you have a smart meter installed at your property, we’ll automatically receive readings in relation to your energy consumption. This will allow us to provide you with benefits including accurate bills and the ability to keep track of your energy consumption.
Reasons we collect your Personal Data and the grounds for which we process it:
||Reasons why it is necessary to process
Online identifiers such as IP address and device identifiers
To study website and app usage and efficiencies in order to improve our products and services to you, including the operation of our websites and apps.
Private contact information such as your name, postal or email address and phone number
Business contact details and other information such as your business phone number and email address, job title, department, name of your organisation and your dealings with Hudson Energy
Business execution including researching, developing and improving products or services; concluding and executing agreements with customers, suppliers and business partners; recording and settling services, products and materials to and from our Group of companies; managing relationships and marketing such as maintaining and promoting contact with existing and prospective customers, account management, customer service, and development, execution and analysis of market surveys and marketing strategies.
Organisation and management of the business including financial management, asset management, mergers, de mergers, acquisitions and divestitures, implementation of controls, management reporting, analysis, internal audits and investigations.
Health, safety and security including protection of an individual’s life or health, occupational health and safety, protection of our companies and staff, authentication of individual status and access rights.
Legal and/or regulatory compliance including compliance with legal or regulatory requirements including litigation and defence of claims.
Contact details such as your phone number and email address
In order to contact you about important information regarding your application or contract with us.
Financial details such as your bank account number and cardholder name
To arrange direct debit payments from you for supplied energy.
Vulnerability information such as health/medical conditions
To place you on our Priority Service Register if you feel you or someone in your household is in a vulnerable situation.
To facilitate compliance with legal and regulatory obligations, we carry out screening on our customers, business partners, and on individuals associated with our existing and potential business counter-parties. This screening takes place against publicly-available or government-issued sanctions lists and media sources. This screening includes individuals such as customers, directors, officers, sole traders, shareholders and key stakeholders of our current and potential counter-parties. The purpose of this screening is to enable us to protect our assets and employees/contractors, and specifically to ensure that we can comply with trade control, anti-money laundering and/or bribery and corruption laws and other regulatory requirements. This screening does not result in any automated decision making.
We will perform automated processing in the form of a credit check before we open an account for you. We use credit referencing agencies to confirm the following:
- that you live at the property you’d like Hudson Energy to supply;
- the previous addresses you may have occupied;
- your credit score. This is calculated by credit reference agencies based on information including (but not limited to) your financial accounts, credit applications and insolvency related events.
If you fail to pass our credit checks we may ask you for a security deposit or provide you with a prepayment meter before we set up your account.
For more information regarding how your personal data is processed by credit reference agencies and how your credit score is calculated, please visit Experian’s Credit Reference Agency Information Notice at http://www.experian.co.uk/crain/index.html
We will process your Personal Data for the purposes set out above because:
- - You consented;
- - You have gained consent to supply another’s Personal Data, such as emergency contacts;
- - It is necessary for complying with a legal obligation;
- - It is pursuant to our legitimate interests, such as the pursuit for the payment of debt or the establishing, exercising and defending of our legal rights;
- - It is pursuant to a substantial public interest.
Any processing of your Personal Data by us will be done in a manner that is proportionate to the task pursued and with security measures to safeguard your rights and freedoms in relation to that information.
Where the processing is based on consent, you have the right to withdraw your consent at any time. This will not affect the validity of the processing prior to the withdrawal of consent. However, choosing to withdraw your consent may affect your ability to fully interact with us or participate in our programs or services.
Sharing your Personal Data
In addition, we may disclose to:
- - Anti-fraud services;
- - Government, legal, regulatory or similar authorities such as ombudsmen as well as accreditation and licencing agencies where required, including for the purposes of the detection of unlawful actions or behaviour;
- - External professional advisors to our group of companies subject to obligations of confidentiality;
- - Debt collection agencies;
- - Data aggregation services;
- - Third party service suppliers such as billing services and customer service administration;
- - Any relevant party, complainant, investigator, auditor or court appointed agent;
- - Any legal authority for the purposes of detection, prevention or investigation of crimes or threats to public safety;
- - Potential third party acquirers in the event that we sell or transfer a portion or all of our business or assets.
Transfers of Personal Data
From time to time, we may need to transfer your personal data to authorised third parties located outside of the European Economic Area (or the UK in the event the UK is no longer part of the European Economic Area). When we do send data outside of the EEA, we take organisational, contractual and legal measures to ensure that your personal data is exclusively processed for the purposes above and that adequate levels of protection have been implemented to safeguard your personal data. These measures include:
- - Binding Corporate Rules, the European Commission approved transfer mechanisms for transfers to third parties in countries which have not been deemed to provide an adequate level of data protection as well as any additional local legal requirements;
- - Sending information to countries which have been deemed as having adequate protection by the EU;
- - Entering into European Commission approved standard contractual arrangements with the third party.
For more information, please contact us at [email protected].
We implement technical and organisational measures specifically drawn to protect your Personal Data against unauthorised, accidental or unlawful access, loss, alteration and disclosure. These measures all aim to handling your information to achieve data minimisation. This means that we process selected pieces of your Personal Data given within your consent only as required for the task at hand. If the task does not require your Personal Data, that portion of your information will not get processed. If the task does require your Personal Data, we would pseudonymise it so that it is sent in files that separate that from the remainder of the information.
If your contractual relationship with us ends without any outstanding issues for resolution and without any outstanding legal obligations on our part to retain your Personal Data, we will remove it from our records within a reasonable amount of time after the end of that relationship.
If it ends with potential outstanding issues, we will retain your Personal Information:
- - For 6 years when that issue is reasonably identifiable;
- - For the duration of resolution of that issue until it is resolved entirely, whichever is sooner. We would retain the minimum amount of your Personal Data as necessary in order to identify the relevant pieces of information relevant to resolve the issue.
Whenever the removal of your Personal Data is due to be removed from our records, we will do so within a reasonable amount of time after that. We have processes which ensure the deletion of information after it is appropriate to do so and systematically, your information when it is due to be removed should be removed at the next cycle of systematic deletion
You have certain statutory rights in relation to the Personal Data that we hold about you as your Data Controller, including:
- - The right to receive copies of the Personal Data we do hold;
- - Confirmation of the nature of processing, whether we disclose it to third parties and where those third parties are located;
- - The right to request rectification of any inaccuracies in your Personal Data;
- - The right to request erasure of Personal Data which we have on record for you which is not strictly necessary to our performance of our contractual and legal obligations;
- - The right to withdraw your consent of our processing of your Personal Data to the extent that your withdrawn consent does not obstruct our performance of our contractual and legal obligations nor impairs our rights as Data Controller to maintain amounts of information regarding you in order to exercise our rights to legitimately use that data, for example in the pursuit of debt you owe us;
- - The right to lodge a complaint with an official data protection regulator should you feel that we have processed your Personal Data in contravention of your statutory rights and freedoms.
Our Cookies Policy
A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree.
Cookies contain information that is transferred to your computer's hard drive and may contain, amongst other details, device and technical information such as:
- - IP (internet protocol) address
- - Device ID
- - App ID
- - Vendor ID
- - Advertising ID
We use the following cookies within our site:
Strictly necessary cookies. These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart or make use of e-billing services.
Analytical or performance cookies. These allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
Functionality cookies. These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
Targeting cookies. These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests. [We may also share this information with third parties for this purpose.]
You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our website.
Contact Details Of Your Data Controller
If you have any questions about the application of this Policy or about your Personal Data which we hold as your Data Controller, please write to:
Hudson Energy Supply UK Limited (trading as Green Star Energy)
3rd Floor, Elder House
586-592 Elder Gate
Milton Keynes MK9 1LR
Or email us at [email protected].
If you are unsatisfied with the handling of your personal data, then you have the right to lodge a complaint with the UK Information Commissioner’s Office. Please visit www.ico.org.uk for more information.