Privacy Policy

Alt HAN Co is a vehicle established to allow all GB energy suppliers to deliver Alternative Home Area Network (Alt HAN) technological solutions and services. Our work includes assessing for the deployment of smart metering devices and technological solutions to allow smart meters to communicate with each other, otherwise known as Alt HAN equipment. Alt HAN Co is committed to protecting your privacy and compliance with all relevant legislation, including the General Data Protection Regulation (GDPR), where this applies to EU citizens, in addition to the ePrivacy Directive (implemented in the UK as the Privacy and Electronic Communications Regulations) and other applicable legislation.

This Privacy Policy covers our treatment of information that is gathered by this website and during the course of the deployment and provision of Alt HAN services, including by our third-party partners and contractors. This Policy does not apply to information collected by third party websites, or personal data collected in the context of employment. Additionally, certain information may be collected by energy suppliers, which may be used in the course of the Alt HAN services. In this case, we take steps to ensure such organisation provide notice to these individuals that their personal data will be processed for Alt HAN services, where they are best placed to do so.

The Privacy Policy covering personal data collected in the context of employment is made available to Alt HAN Co employees on the company intranet and can be requested from gdpr@althanco.com.

Typically, we will collect the personal data of energy customers, and residents and landlords in premises that may be suitable to benefit from Alt HAN services, in addition to staff at our suppliers, contractors, partners and other third parties. This will include the following:

Contact & Business Details. You may give us your Contact Details by filling in forms on our website, through an existing business relationship with your company, or through the course of research or surveys conducted in the deployment of Alt HAN services. We may use this information to contact you or in the course of the provision of services to you. This information could also be collected through your interaction with Alt HAN Co in the course of business, including where you provide services to Alt HAN, as is related to the installation of Alt HAN smart metering equipment in your building, or when you submit a complaint to us or make any other request. This will include information such as:
• Your name
• Position and Company
• Phone number
• Physical address
• Email address
• Contact preferences (for marketing purposes)
• Country or location

Financial Details. Where we need to make a payment to you or your organisation, or issue an invoice, we many collect your financial details in order to facilitate this. Generally, this will include:
• Bank name and sort code
• Bank account number

Energy Data. Where you are a resident at a building that may be suitable for the deployment of Alt HAN equipment, or otherwise fall within the remit of smart metering as an energy customer, we may process personal data specific to your smart meter, including meter serial numbers (MPANs, MPRNs, MPxNs). We may receive such data from external energy databases such as those provided by Xoserve and Electralink , as well as directly from your energy supplier. We may also process limited meter reads and consumption data for short durations, as incidentally collected by Alt HAN Co or your energy supplier during the testing of smart metering equipment. We process such data in line with the Smart Energy Code (SEC), which provides the basis for our business processes and use of this data.

Building Data. Where you are a resident, tenant, owner or other occupant at a building that may be suitable for the deployment of Alt HAN equipment, or otherwise fall within the remit of smart metering as an energy customer, we may also collect and store information about your premise, including its address and postcode, from external energy databases. We use this information to conduct a market sizing analysis of the suitability of business premises for Alt HAN smart metering equipment. This will generally not be considered personal information, and will largely consist of location (e.g. GPS coordinates), building measurements and specifications.

Technical Data. Similarly to other websites, we may also collect information from your device and store it in log files, as you interact with our website or websites hosted by our third party partners or cookies embedded in our website, in order to support your website experience and interactions with us. This information could include data on your IP Address, Location, device identifiers and information on links that you click on or content that you view.

Other Information. We may also collect information relating to an activity/complaint or engagement with the member of the public. We may also collect information in relation to Health and Safety incidents that occur with respect to our sub-contractors/surveyors when conducting surveys on-site, as part of our Health and Safety duty of care. This information will be anonymised where possible.

We may also process photographs/video/audio recordings of energy supplier’s employees and other attendees, as collected at Accelerated Solutions Environment (ASE) events as part of the course of our business activities.

Moreover, our surveyors (sub-contractors) may also take photographs of particular residences in the course of surveying them for market sizing activities, which may incidentally include photographs of residents (although we take steps to check and remove photos that include images of residents).

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

Consent
This applies where you have given us consent to the processing. We do not generally collect personal data with consent, except perhaps when you have given us consent to send marketing information to you. Where you have given consent, you have the right to withdraw consent to marketing at any time by contacting us.

Legitimate Interests
We may rely on our legitimate interests (or those of a third party) – including in the context of maintaining information on complaints from residents and members of the public and engaging in certain communications about Alt HAN services, where your interests and fundamental rights do not override those interests.

Performance of a contract
We may also process your data for the performance of a contract we have with you or your organisation. This will include, for example, processing information of subcontractors’ staff, and processing data of suppliers and other parties in relation to the installation of Alt HAN Equipment.

Legal Obligations
We may also store your personal data where we need to comply with a legal obligation, such as obligations that apply to Alt HAN Co under the Smart Energy Code (SEC). This will also include processing data for Health and Safety assessments under our Health and Safety duty of care, and where we are obliged to retain payments records pursuant to financial obligations.

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means.

We will retain the following data for the applicable periods below.

Type of dataRetention periodJustification
Contact DetailsStaff at our partners, suppliers, or third parties: For the duration of the business relationship, or 2 years since the last contactTo keep in contact with you in relation to Alt HAN services
Energy DataEnergy customers: For the duration of the provision of Alt HAN services/ Alt HAN ProgrammeTo ensure the analysis of suitability for, and provision of Alt HAN services to, specific residences
Financial Details6 years from the end of the financial year in which the payment was madeFor processing payments and for our legal/financial obligations
Other InformationPhotos from ASE events: For the duration of the provision of Alt HAN ServicesFor administering, carrying out and reporting progress at ASE events
Technical DataDevice identifiers/IP address/Cookies: Variable (See Cookies Policy below)With your consent and/or to understand interactions with our website

Cloud servers

We store personal data within our UK and EEA-hosted servers and other third-party databases. These include:
• Microsoft Office 365/Sharepoint (with data stored in Microsoft Azure data centres in the UK)
• Database providers for HR and Customer Relationship Management (CRM) details (such as Huddle, where data is stored on Rackspace data centres in the UK; and JIRA, where data is stored on UK or EU data centres)
• Finance system providers (including Agresso, with information stored on data centres in UK)

We ensure that security controls are in place around these systems, including that access controls are limited to the appropriate staff and contractors needed (for operational purposes) to access those systems. Where we exchange personal data in attachments via email, we also use password-protection and encryption solutions where possible.

Alt HAN Inventory

The Alt HAN Inventory is a database we have developed with building and premise data, which we use to assess residences for their suitability for the deployment of Alt HAN equipment. This may also include information about residents, including Energy Data. We have several security safeguards in place around the Alt HAN Inventory, which involve i) VPN connections for remove logins, or permitting connections from certain buildings or addresses (such as our office) , or; ii) log-on credentials and 2 factor-authentication in a web-based version of the Inventory interface.

Third Parties
We may also transfer your personal data to our clients and third-parties, as detailed below.. Some of these third-party providers may have staff outside the UK or European Economic Area (EEA), and may access personal data, subject to suitable and secure safeguards. Where these are used, we typically ensure that such systems employ appropriate access controls to limit usage only to the necessary staff. These are discussed further in the section below.

We may share your personal data with the parties set out below. This will typically include in the following circumstances:

• Contractors and partners that we work with to carry out Alt HAN Co business processes (including the identification of residences for Alt HAN equipment), such as Capgemini, who act as an Operational Service Provider, and sub-contractors, such as Daly International
• Our core contractors, including Gemserv, Engage Consulting, Baringa and others, who provide operational and consultancy services to us
• Energy Suppliers, that we may work with to provide your residence with Alt HAN equipment
• Business partners, such as the Technology Services Vendor(s), who work on developing Alt HAN equipment
• Database providers where we store business data and personal data, such as Huddle, JIRA and others
• Professional advisers including lawyers, bankers, auditors and insurers who provide consultancy, banking, legal, insurance and accounting services
• HM Revenue & Customs, regulators and other authorities based in the United Kingdom, who require reporting of processing activities in certain circumstances.
• Public authorities who make lawful requests for the disclosure of information by Alt HAN Co, including to meet national security or law enforcement requirements

Alt HAN Co with enter into agreements with third-parties to ensure that they respect the security of your personal data, treat it in accordance with the law, and notify us if any security breaches occur.

Where we use such third-party providers as listed in Section 6, we take steps to enter into agreements to ensure that such third parties have the adequate safeguards in place, which include:

Generally, where data has been transferred from Alt HAN Co to other third parties outside the UK, we will ensure that any parties who receive such data have the appropriate measures to ensure secure transfers in place. In particular, this will include our sub-contractors and business partners, whose staff may access personal data on the Alt HAN Inventory from outside the UK, and may include some of our systems used for storing and sharing personal data.

Alt HAN Co will not transfer any data or allow any access to such data to such third parties until one of the following mechanisms are in place:
• An adequacy decision from the Secretary of State or Information Commissioner’s Office (ICO)
• UK-approved Standard Contractual Clauses
• Binding Corporate Rules that have been put into place

Under certain circumstances, you have rights under the GDPR and DPA in relation to your personal data, upon request:

• Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.

• Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.

• Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing, where we may have processed your information unlawfully.

• Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. This right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.

• Object to processing of your personal data where you feel it impacts on your fundamental rights and freedoms, by contacting us to inform us of this.

• Opt-out from marketing communications or newsletters we may send to you. You should request this by contacting us at gdpr@althanco.com or replying to the marketing email you received with [OPT OUT].

To exercise these rights with respect to Energy Data, please contact your energy supplier in the first instance.

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

At Alt HAN Co, we may use cookies to allow us to personalise your visits to this site, keep track of your preferences and learn about the way you use the site.
A cookie is a small text file that is downloaded onto your computer when you visit our website and allows us to recognise you as a user. Typically, these contain two pieces of information: a site name and unique user ID. All information these cookies collect is aggregated and anonymous. Cookies are essential to the effective operation of our website. Cookies make the interaction between you and the website faster and easier. Cookies may also be set by the website you are visiting (first party cookies) or may be set by other websites who run content on the page you are viewing (third party cookies).
Cookies are generally collected across the following categories:
• Strictly Necessary: Cookies that are strictly necessary to enable you to move around our websites or to provide certain basic features
• Functional: Cookies that are used to enhance the functionality of the website, including by storing your preferences
• Performance: Cookies that track visitor statistics and user traffic that allow us to monitor the popularity of sections of our website (e.g. Google Analytics)
• Marketing: Cookies that are used to track users across pages or websites to build up a user profile and display advertisements relevant to them

Currently, we have the following cookies in use on the Alt HAN Co website:

COOKIE NAME/ID CATEGORYPURPOSERETENTION PERIOD
Complianz (cmplz_all, cmplz_choice, cmplz_id, cmplz_stats)Strictly NecessaryCookies used to record evidence of a user’s consent to cookies1 year

We require you to accept or decline certain cookies by accepting or declining our Cookie Consent Notice when first accessing our website. By accepting and using our websites you consent to our use of cookies as updated from time to time and the cookies we use will be stored on your device (unless this functionality is rejected or disabled by your browser). You may access our Cookie Consent Notice to opt-out of cookies at any time subsequently.
You may access our Cookie Consent Notice to opt-out of cookies at any time subsequently. For more information on how to manage cookies usage on your device, you can visit this link: Managing the Cookies Stored on Your Device

Please note that if you prefer to block some or all of the cookies Alt HAN Co uses, you might lose some of our website’s functionality.

DATA PROTECTION OFFICER

We have appointed a data protection officer (DPO) within Alt HAN Co. If you have any questions about this privacy policy or our privacy practices, please contact our Data Protection Officer (DPO) at gdpr@althanco.com at any time.

For the purposes of compliance with the law, our registered address is:

AltHAN Company Ltd.,
5 Norwich Street,
London,
EC4A 1EJ.

COMPLAINTS

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues. We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance. You can contact the ICO using the following:

Email address: casework@ico.org.uk
Postal address: Information Commissioner’s Office (ICO)
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Telephone number: +44 (0) 303 123 1113

Load More

Sign up

    captcha
    To help us avoid spam, please type the characters above