Privacy Policy
This privacy policy explains how Emerald Green Power Limited (EGP) will collect, process, use, and store your personal data if you use any of our services, contact us or use this website https://www.emerald-green-power.com.
​
We take your privacy seriously. We are committed to respecting your Data Protection rights and ensuring our processing complies with UK Data Protection laws, including the UK General Data Protection Regulation (UK GDPR) and Data Protection Act 2018.
​
It is important that you read this privacy notice carefully.
​
Please note:
-
We reserve the right to update this privacy notice at any time. We may also notify you in other ways from time to time about the processing of your personal data.
-
In this Policy, references to "we", "us", and "our" (and other similar terms) means EGP and "you" and "your" (and other similar terms) mean our customers, contacts, suppliers, and Website visitors.
-
If you work for us our employee’s privacy notice is available by contacting ian@emeraldgreenpower.com.
1. What types of personal data do we collect about you?
We collect different types of personal data from you depending on how you choose to contact us and our relationship with you.
The personal data we may collect from you includes:
-
Name, title, address, telephone numbers, email addresses;
-
Survey responses;
-
Information about you in connection to a legal claim, such as personal injury claims;
-
Where you visit our website, your IP address, and your behaviour on our website (e.g., the links you click) – these are referred to as ‘Cookies’;
-
Footage of you, on CCTV if you visit our offices or from dashcam on our vehicles; and
-
Medical or health information so that we can assist our services to your needs.
If you would like to know more information about the types of personal data we hold on you, or change any of the details that you have provided us, please see the section below entitled 'Your rights'.
2. How do we collect and process your personal data?
We may collect and process Personal Data from you in the following ways:
2.1. Enquiries/complaints and surveys
When you contact us or respond to one of our surveys, you will generally need to provide us with some personal data so that we can deal with your matter. This may include your name, address, email address, and contact telephone number. You can contact us using our customer service email (customerservice@emeraldgreenpower.com) or social media channels.
We record all calls for training and quality control purposes and will ask for certain personal details such as your name and contact information. We will use any personal data that you provide us in order to resolve your query or complaint.
In some circumstances we may be required to make a payment to you. Where it is not possible to make a payment to you via cheque, we may also collect payment card details in order to make an electronic payment.
2.2. Legal claims
We may collect information about you in connection with legal claims, such as personal injury claims. We may receive this information from you directly or from third parties on your behalf. This information may include sensitive health data and may be stored by a third party on our behalf.
2.3. Suppliers
If we enter into a service agreement with you as a professional service company and identify you as the individual providing the service to us using an intermediary for example a limited company, we may collect your personal data in order to obtain the services and where applicable to comply with IR35 taxation legislation.
2.4. Visiting our sites
We have CCTV at some of our offices and depots and so you may be recorded if you visit us. There are signs to show you when you are entering an area monitored by CCTV. CCTV images are held for 30 days and then deleted (unless there is a legitimate business reason for us to keep it any longer).
2.5. Our lawful basis for processing your personal data
Data Protection law sets out six lawful legal basis which allow us to collect, hold and use your personal data. We only process your personal data if we have a lawful basis to do so.
a) Consent
Where we need your consent to hold your personal data, we will ask you separately to confirm your consent; either by a written statement or other ‘opt-in’ mechanism, such as ticking a box or clicking on a button. In each case we will inform you separately from this notice about why we are collecting the information, how we will use it, how long we keep it for, and how you can subsequently opt-out if you change your mind.
B) Contract
Where we have entered into a contract or contracts with you, we may need to use your information to provide you with services.
C) Legal Obligation
As a regulated entity, we are subject to various legal and regulatory obligations which require us to process your personal data. Where we are required to do so, we will process your personal data in order to comply with these rules and regulations.
D) Vital Interests
Where processing is necessary in order to protect the vital interests of an individual.
E) Public Task (Not Used)
F) Legitimate Interests
We will only process personal data for the purposes of our own legitimate interests where these interests are not overridden by the interests and fundamental rights, or the freedoms of the individuals concerned. We believe that our legitimate interests include running and managing our business as an efficient hydrogen production business and to undertake the activities set out above.
​
3. Special Category Data
Data Protection law recognises certain "special categories" of personal data, which is information:
-
revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership,
-
genetic data;
-
biometric data (where used for identification purposes); and
-
data concerning health, a person's sex life or a person’s sexual orientation.
These special categories are considered particularly sensitive and have extra protections under legislation. We may collect and use this information in the following ways:
-
Where you have given us your explicit consent to process your personal data; or;
-
Where we consider it necessary to protect your vital interests or the vital interests of another person.
4. Sharing your information
Your information may be processed by employees of EGP, approved contractors, suppliers and/or software providers who assist us with or conduct activities on our behalf. The following are examples of who we may share your information with:
-
Employees or contractors working on behalf of, or in partnership with EGP. We may pass on personal data to these parties in order to comply with our statutory and contractual obligations. We shall seek only to pass on details that are necessary.
-
External suppliers or service providers, such as auditors, professional advisers, software providers and those providing connection and metering services. The information we provide them will only be provided in connection with the performance of their function.
-
Local authorities, courts and tribunals, law enforcement, governmental and regulatory authorities, if we are required to by law, or under any regulatory code or practice we follow, or if we are asked by any public or regulatory authority.
-
Other third parties, for example: social services, charities, healthcare, and other support organisations.
Some of your personal data may be stored, processed, or accessed outside of the United Kingdom or the European Economic Area (EEA). As these countries may not have the same Data Protection laws as the UK, we will make sure that any transfer of your personal data to countries outside of the EEA is subject to appropriate safeguards, and contractual provisions are in place to protect your information.
​
5. How long we keep your information
Legal and regulatory requirements determine the length of time information must be kept which means that retention periods vary depending on the purpose for which we hold your personal data. We will only keep personal data about you for as long as it is necessary for the purposes for which the personal data are processed.
In some circumstances we may anonymise your personal data so that it can no longer be associated with you.
6. Security of your information
Keeping your personal data secure is important to us. We will act appropriately to ensure that your information is kept securely and is not disclosed to anyone who is not entitled to see it.
Where we transfer personal data to third parties to enable them to process it on our behalf, we ensure that the providers meet or exceed the relevant legal or regulatory requirements for transferring data to them and keeping it secure.
We have put in place procedures to deal with any suspected data breaches and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
​
7. Your rights
As an individual (Data Subject), you have the right to request from us access to your own personal data. This is sometimes known as a 'subject access request'.
You also have additional rights to request from us:
-
That any inaccurate information we hold about you is corrected;
-
That your information is deleted;
-
That we stop using your personal data for certain purposes, for example when you withdraw consent;
-
That we stop any consent-based processing of your personal data after you withdraw that consent;
-
That your information is provided to you in a portable format; and
-
That decisions about you are not made by wholly automated means.
​
If you wish to exercise any of the rights listed above, please contact our Data Protection Officer on the contact details below.
Many of the rights listed above are limited to certain defined circumstances, so if we are unable to comply with your request, we will tell you within one month of receiving your request. We may need to request specific information from you to confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is to ensure that personal data is not disclosed to someone who has no right to receive it.
​
8. Our Contact Details
Emerald Green Power Ltd is a data controller and we have therefore notified the Information Commissioner’s Office of our activities in accordance with data protection legislation. Our registration number is CSN1481546.
If you have any questions or concerns in relation to this privacy notice or would like to exercise your Data Subject Rights, please contact our Data Protection Officer by:
​
-
Email: ian@emeraldgreenpower.com;or
-
Post: Data Protection Officer, Emerald Green Power Limited, 5 Kestrel Close, Tiverton, Devon, England, EX16 6WY.
If you remain dissatisfied with our actions, you also have the right to complain to the Information Commissioner's Office, which is the statutory regulator for data protection law. Details of how to complain to the ICO can be found at https://ico.org.uk/concerns/