The purpose of this notice is to inform you how we collect and use (process) your personal data during and after your relationship with us, in accordance with applicable Data Protection Laws.
ATE Solutions is a broker of energy, water, telecommunications and similar utility products and services to business. The personal data we collect and process is limited to the employees of those businesses and only ever in their capacity as a representative of the company. We are what is referred to in law as the data controller of your personal data. As the data controller we have a number of legal obligations to ensure that we only use personal data in a fair, transparent and secure manner. If you have any questions regarding this privacy notice, our use of your personal data or wish to exercise any of your legal rights under data protection law, you can contact us either by writing to The Data Protection Officer, ATE Solutions (Yorkshire) Limited, 366 Allerton road BB15
7BN or by email Callum@askate.co.uk
How we obtain your data
In most cases the personal data that we process will be provided by you. This may be in relation to an enquiry you have made, where you have instructed us to act on your behalf as a broker and when signing up to a marketing list. Correspondence between us in writing, by telephone and when attending meetings. We may also receive personal data from third parties such as credit reference agencies and your representatives. If you visit our offices, we operate a CCTV system. We require all visitors to sign our site register. We may also ask you to provide information regarding your satisfaction of the service we have provided to you. Please help us to keep your information up to date by informing us of any changes to your contact details.
What data do we capture
We will only ever ask for the minimum personal data required to fulfil the task in hand. In most cases we would only process some or all of the following personal data:
- Your name and where relevant job title
- Contact information, for example telephone numbers, email address and postal address
- CCTV images
- Telephone call recordings
- Bank account and payment details (financial records)
- Energy consumption, telephone and data usage
- Credit reports
- Customer satisfaction correspondence
- Marketing preferences
Not all of the above are considered personal data if you are trading as a legal corporate entity, for example a limited company. If you are a sole trader or limited liability partnership the scope of what is considered to be personal data is broader.
How we use your data and our lawful basis for processing
We will only use your personal data where the law allows us. This is likely to be limited to the following examples.
- When responding to your enquiry, for example taking steps to entering in to a contract with you.
- To carry out our obligations arising from any contracts entered by you, your company and us. This may include disclosing your data to a third party utility provider and credit reference agency.
- For our own internal record keeping where there is either a legal requirement for us to do so or where it is in our legitimate interest.
- To control access to, and/or provide security at our offices where it is in our legitimate interest to do so.
- To seek your views or comments on the services we provide as part of the contract you have entered in to.
- To contact you with information about company updates, services, offers and other things we think might be relevant to you where it is in our legitimate interest to do so or where you have consented to the processing.
Disclosure of your data
We will only ever disclose your personal data to a third party where contractually required to do so or where we have your consent or are required to do so by law. To enable us to provide you with quotes it is necessary that we disclose your data to a number of utility providers who will use this data to provide us with a quote. As part of the quotation process we, or the utility company, may undertake a credit check on the business. We may also pass your information to our auditors, regulator and other associated organisations for the purpose of regulatory compliance. When using third party service providers we only disclose the personal data that is necessary to deliver the service. We have a contract in place that requires them to keep your information secure and prohibits them from using your data for their own purposes. All third parties are subject to a duty of confidentiality.
Security of your personal data
We undertake regular IT security and data protection auditing to ensure our systems meet the expectations of the law and those of our clients. Those of our employees and suppliers who have access to personal data are required to undertake data protection training.
Transfers of data outside of the EEA
We may transfer your personal information to third party data processors who are based in countries outside the European Economic Area (EEA). We use some US-based companies that provide services such as IT, communications and data analytics service such as MailChimp and Google Analytics. We only use US-based organisations that are self-certified as adhering to the EUUS Privacy Shield. We will not transfer your information to any processors based in other countries outside the EEA unless there is a European Commission adequacy decision for the specific country to which the data is transferred, or where we can be certain that there are adequate safeguards provided for your information and individual rights standards that meet the GDPR requirements.
How long we keep your personal data
We will retain your personal data as long as is necessary to provide the services to which you have requested, or where we have another legitimate and lawful reason to do so. We may need to retain some information to comply with our legal obligations such as financial and accounting records. Unless there is an ongoing business relationship, we will only retain your personal data for 7 years
after our last contact with you.
Your rights in respect of your personal data
You have a number of rights under data protection law. In summary these include:
- Subject Access – you have the right to request details of the personal data which we hold about you and a copy of that data
- Right to Withdraw Consent – where our use of your personal data is based upon your consent, you have the right to withdraw that consent at any time. In the event you wish to withdraw your consent to processing, please contact us using. You should be aware that withdrawing consent may result in us no longer being able to provide you with the service you originally requested
- Data Portability – you may, in certain circumstances request us to provide with a copy of your data for transfer to another organisation. In view of the services we offer it is unlikely that this right would be relevant to our data relationship with you
- Rectification – we want to ensure that the personal data we hold is accurate and up to date. If you believe that any data we have about you is incorrect or incomplete, please let us know. To the extent required by applicable laws, we will rectify or update any incorrect or inaccurate personal data about you
- Erasure (‘right to be forgotten’) – you have the right to have your personal data ‘erased’ in certain specified situations
- Restriction of processing – you have the right in certain specified situations to require us to stop processing your personal data and to only store such personal data
- Object to processing – You have the right to object to specific types of processing of your personal data, for example, where we are processing your personal data for the purposes of direct marketing
- Prevent automated decision-taking – in certain circumstances, you have the right not to be subject to decisions being taken solely on the basis of automated processing
To exercise any of these rights or if you have any questions about our Privacy Notice please contact our Data Protection Lead using the contact details provided at the top of this notice. You should also be aware that these same rights apply in respect of any third party company we may have disclosed your data to as part of the quotation process. You would need to contact those organisations directly should you wish to exercise any of your rights.
While we hope to be able to resolve any concerns you have about the way that we are processing your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you believe your data has been processed in a way that does not comply with the GDPR or have any wider concerns about our compliance with data protection law. You can do so by
calling the ICO helpline on 0303 123 1113 or via their website https://ico.org.uk/
We keep our privacy notices under regular review. This notice was last updated on 30th April 2020.