We, or third parties on our behalf, collect, use and store the personal information collected about you to:
Provide services, benefits, and rewards; respond to any enquiries or issues you have; Identify you; detect and prevent crime, fraud or loss; contact you, or authorised third parties, about our services and/or products, such as sending you information when you sign up or change tariffs, service announcements and administrative messages; Train our staff and improve our products and services, which may mean that we monitor and record communications that we have with you including phone conversations, emails; conduct, advice tailored to your needs or lifestyle; Make decisions about the products and/or services and terms and conditions that we can offer to you e.g. if you ask for certain tariffs we will assess if anything prevents us from offering that tariff to you; Make personal projections about the amount of energy you are likely to use in a given period; Use information collected from your visit to our website for administrative purposes; for troubleshooting, data analysis, testing, research and statistical and survey purposes; to ensure content is presented effectively; and to enable you to participate in interactive features; Use data collected from your smart meter to enable us to work out your bills and to identify and prevent fraud or energy theft. Respond to or resolve any enquiries or requests that you may have from social media; Enable internal corporate reporting, business administration, adequate insurance coverage, the security of company facilities, research and development, and to identify and implement business efficiencies; Comply with any procedures, laws and regulations which apply to us – including where we reasonably consider it is in our (or others) legitimate interests to comply; and Establish, exercise or defend our legal rights – including where we reasonably consider it is in our (or others) legitimate interests. If you elect to either go on our Priority Services Register or you agree for us to record details of your health etc. we need your consent to do so. We may share information about your circumstances with agents and service providers (like metering companies) who carry out services on our behalf. If you agree we may also share your information with energy distributors and transporters so they can tailor their services to help you e.g. if there is a power loss.
We may contact you in writing, by phone and (where you have consented) via email or SMS with information on products, services and rewards offered by Symbio Energy, identified at the time we collect your information.
Your email may be used to show you digital advertisements via your social media newsfeed, on search engine results pages, or other websites. Unless you have asked us not to.
Your data may be profiled by us, to provide you with marketing and offers that are relevant to you. If you opt-out of profiling, we will still run analysis that includes your data, but any decisions or marketing output that results from that analysis will not be used to market to you. The generic marketing that we send may not be relevant to you. To opt-out of receiving marketing messages, or to object to our use of profiling for direct marketing purposes, contact us on 0333 050 9372 or email us at firstname.lastname@example.org.
With your consent, we will use the information that we collect about your (or a member of your household’s) requirements for your welfare (e.g. due to age, health, disability or financial circumstances), to:
ensure your welfare and the welfare of other householders e.g. ensuring we do not stop your supply and can respond appropriately during a major incident or emergency; provide products and/or services to you in the most appropriate way e.g. if you require large print or braille communications; manage staff and third-party contractors;
With your consent, we may also share this information with the following individuals or organisations:
other energy suppliers if we believe you are considering changing supplier as part of the Energy Retail Association ‘safety net procedures’; relevant metering agents or network operators; and/or other relevant organisations, such as emergency responders or local authorities, which may be able to provide support.
We use details of any criminal offences you have been accused of, together with information about whether the electricity supply to your property has been tampered with or stolen in the past (or if we suspect that it has), for the following purposes:
To make decisions about what products and services we can offer you, and the relevant terms and conditions; to make decisions about whether to disconnect you and To detect and prevent fraud or crime in collaboration with the relevant third parties.
Information we receive from third-party sources
We also receive your personal information from the following third-party sources:
Other electricity suppliers– including meter readings, equipment and payments from your existing energy supplier when you ask to switch your account to us. We may also receive details of suspected fraud or energy theft to identify and prevent fraud or crime;
Metering Agents and Data Collectors – we collect information from third-party data providers, These customer insights help us to plan our marketing activities and conduct market research and business development;
Councils, local authorities or housing associations– we may receive your name, address and contact details where they would like carbon-saving measures applied to your property under relevant government funding schemes;
Letting agents, landlords, cohabitants or previous tenants– if you have recently moved into a rental property that we supply energy to or if that third party introduces you to Symbio Energy Ltd., to set up your account;
Ofgem– as a regulated entity, we may receive your personal information from our regulator, Ofgem, to satisfy our regulatory obligations;
Law enforcement agencies(such as the police) to identify and prevent fraud or crime;
Symbio Energy group companies– for internal administrative purposes such as ensuring consistent delivery of our services to customers;
Third-party introducers(such as price comparison websites) to set up an account for you and to provide the services that you have requested; and
Legal Bases for Processing
We’ve assessed that the legal bases for using your personal information as set out in this notice are as follows:
Contract – use of your personal information is necessary to perform our obligations under any contract we have with you; or
Legal Obligations – our use of your personal information is necessary for complying with our legal obligations, or Our Legitimate Interests – to:
operate and develop our business further, detect and prevent fraud; Enhance the security of our network and information systems; Ensure that our processes, procedures and systems are as efficient as possible; Better understand how people interact with our website; Analyse and enhance the information that we collect; Determine the effectiveness of our promotional campaigns and advertising; and Enhance, modify, personalise or otherwise improve our services and communications for the benefit of our customers.
Consent – In the following specific circumstances we rely on your consent to use your personal information in a particular way:
We use information about vulnerabilities to ensure the welfare of you or your household, or to provide our products and services in the most appropriate way for you, or to send you marketing information by email.
If you have previously provided us consent for using your personal information but have now changed your mind please write to us or email us at email@example.com.
Sharing your personal information
We will share your personal information with the following categories of third parties:
any company that is an affiliate of the Symbio Energy group;
where appropriate, family members or cohabitants, previous tenants, landlords, or letting agents who/which may require information about you or your premises, or who introduced you to Symbio Energy;
our third party suppliers, partners and sub-contractors that provide, review and/or receive services concerning our website, services and/or products, which include: payment processors; suppliers of technical, support and installation services; insurers; logistics providers; security providers; cloud services providers; research agencies; broadband and phone line suppliers; and if you are entitled to claim government funding for energy efficiency measures, installers, energy performance assessors and sales advisers.
if we’re under a duty to disclose your information to comply with any legal obligation, government or law enforcement officials as may be required to meet national security or law enforcement requirements or prevent illegal activity;
Other energy suppliers– if you choose to leave us, we’ll share your information with the other suppliers to assist the switching process, including energy usage and any debts on the account. We may also share your personal information where they carry out services for us, e.g. if they carry out meter readings at your property for us;
regulators or other legally appointed bodies(such as Ofgem) for legal or regulatory purposes, e.g. if requested we may send your information to Ofgem to prove that you qualify for relevant government-funded schemes;
companies or partner organisations which provide services concerning, or use information as part of, market research;
third parties that help us with advertising and marketing. For example, we share limited personal information with the following third parties who serve advertising on their platforms on our behalf: Facebook and Google Adwords;
relevant metering agents or network operators;
debt collection and tracing agents if we provide you with services and you fail to make payments;
authorised third parties or named account holders on any account you hold with us;
if we sell, merge, or perform any internal re-organisations concerning any of our (or any third party’s) business or assets, the personal information will be one of the transferred assets to the relevant buyer and/or new data controller of such business or assets;
any third party where required to:
enforce or apply our terms and conditions or any other agreement or to respond to any claims, to protect our rights or the rights of a third party, to protect the safety of any person or to prevent any illegal activity; and protect the rights, property or safety of Symbio Energy, our staff, customers or others.
credit reference agencies
Where it is necessary to credit check you, we will supply your personal information to credit reference agencies (CRAs) and they will give us information about you, such as about your financial history. We do this to assess creditworthiness and product suitability, check your identity, manage your account, trace and recover debts and prevent criminal activity. We will also continue to exchange information about you with CRAs on an on-going basis, including about your settled accounts and any debts not fully repaid on time. CRAs will share your information with other organisations. The identities of the CRAs, and how they use and share personal information, are explained in more detail at www.experian.co.uk/crain/index.html.
fraud prevention agencies
To help us identify fraud and energy theft, we will give details of your account to fraud prevention agencies who will use the information to check public and other databases they hold and may provide information to us to help identify fraud and energy theft. Checks will be performed regularly whilst you hold an account with us.
If we suspect or can confirm theft of energy has occurred, a record will be kept by fraud prevention agencies which may include sensitive information about alleged criminal offences. The fraud prevention agencies may provide the information to other energy companies to help identify fraud and detect energy theft but only in limited circumstances where you have accounts with them. Where theft has been identified, your account terms may change, but we will notify you separately if this is the case.
Personal information transferred outside of the EEA
We, or a third party who we share personal information with, may host, store and handle that personal information outside of the European Economic Area (EEA).
We will only permit this to happen if adequate safeguards have been put in place to protect your personal information.
This means that we will:
ensure that the country in which your personal information will be handled has been deemed “adequate” by the European Commission under Article 45 of the General Data Protection Regulation (GDPR);
include standard data protection clauses approved by the European Commission for transferring personal information outside the EEA into our contracts with those third parties (these are the clauses approved under Article 46.2 of the GDPR); or
(in the case of transfers from the EEA to the USA), ensure that the recipient of the personal information has certified with the US-EU Privacy Shield Framework, as permitted by Article 46.2 of the GPDR.