PAD Technology Data Privacy Policy

Updated 24 May, 2018

Protecting the personal privacy of every customer and vendor is a crucial part of gaining and keeping your trust in PAD Technology Ltd. (the “Company”, “we”, “us”). We strive to provide a high level of privacy protection across all of our services and to deploy consistent, rigorous policies and procedures.

This data privacy statement has been updated to ensure that meet the requirements of the General Data Protection Regulation (GDPR).

PAD Technology Ltd is registered with the Information Commissioner's Office (ICO) , registration number Z345881X

This privacy statement (the “Statement”) serves as our commitment to you to protect the security and privacy of your personal data, and covers the following areas of privacy concerns:

  • The types of data we collect from you
  • When we collect your data
  • How we use and process your data
  • Our legal basis for processing your data
  • When and to whom we share your data
  • For how long we retain your data
  • Whether and how we carry out profiling using your data
  • The security measures we take to protect your data
  • Your rights over your data
  • The choices you have over how your data is collected and used by us
  • Who to contact and what to do if you wish to discuss with us about your data and your rights

This Statement does not apply to third-party applications, products, services, websites or social media features that may be accessed through links that we provide on our websites and interfaces. Accessing those links may result in the collection of information about you by a third party. We do not control or endorse those third-party websites or their privacy practices. We encourage you to review the privacy policies of such third parties before interacting with them.

Your privacy is of utmost importance to us in servicing you. Our products and services are rendered to you on the basis of your understanding of your data privacy rights.

Please read this Statement carefully. When visiting our websites and using our services that link to or reference this Statement, you agree to be bound by the terms and conditions of this Statement.

The types of data we collect from you

Personal data relates to a living individual who can be identified from that data. Identification can be by the data alone or in conjunction with any other data in the data controller’s possession or likely to come into such possession. The processing of your personal data is governed by applicable privacy laws.

PAD Technology Ltd operate a strict policy of minimising personal data to that required to allow us to provide our monitoring services and support our customers. We explicitly avoid collecting personal data beyond this requirement.

The type of data we collect about customers and users of eMIG is limited to:

  • Title, forename and surname
  • Email address
  • Postal address
  • Telephone number
  • Your preferences regarding the receipt of emails or text messages
  • Your status as a "domestic" customer (e.g. householder) or a representative of a commercial organisation
  • The name of the commercial organisation that you are associated with, as appropriate
  • Details of the systems present on eMIG that you are permitted to access or edit
  • History of billing for the eMIG service

In addition to the above personal data, the purpose of the eMIG platform is to remotely collect metering data at regular time intervals. Your account may be linked to one or more meters on the eMIG system.

We do not store any details of credit or debit cards on our systems. All on-line transactions are completed via PayPal.

When we collect your data

We collect data at the point of registration on the eMIG system and when you choose to update your personal information on the eMIG platform.

How we use and process your data

Your personal data is only used to provide the eMIG monitoring and related services. We may occasionally send you emails relating to your service, however you are able to opt out of email receipt at any time.

Our legal basis for processing your data

The personal data we collect include any and all data you provide to us when you enter into contract with us, register an account with us, enter on our website, provide us information on a web form, update or add information to your account, or give us in any other way. You can choose not to provide data to us, but we may then not be able to service you where such services require processing such data. We use the data that you provide for purposes administering your use of our services, such as communicating with you, responding to your requests, managing your account, customizing your service experience with us, improving our products and services, and personalizing marketing measures and activities. We may communicate with you by mail, email or telephone. We will send you strictly service-related announcements or information on rare occasions when it is necessary to do so.

We also receive and store certain types of data whenever you interact with us. We use "cookies," which are unique identifiers that we transfer to your device to enable our systems to provide features of our services, provide remote access for you, allow you to visit our website without re-entering your username and/or password, verify that you have the authorization needed for the services to process your requests, personalize and improve your experience, record your preferences, customize functionalities for your devices, and to improve the functionality and user-friendliness of our services. It also helps us to better understand how you interact with our services and to monitor aggregate usage and web traffic routing on our website. Most of the cookies used by us are so-called "session cookies." Cookies do not cause any damage on your computer and do not contain any viruses. Most browsers automatically accept cookies as the default setting. You can modify your browser setting by editing your browser options to reject our cookies or to prompt you before accepting a cookie. However, if a browser does not accept cookies or if you reject a cookie, some portions of our services may not function properly.

When and to whom we share your data

PAD Technology Ltd do not share personal data held in our database with any third party for marketing purposes.

We may disclose personal data to:

  • governments and/or government-affiliated institutions, courts, or law enforcement agencies, to comply with our obligations under relevant laws and regulations, enforce or defend our policies or contract with you, respond to claims, or in response to a verified request relating to a government or criminal investigation or suspected fraud or illegal activity that may expose us, you, or any other of our customers to legal liability; provided that, if any law enforcement agency requests your data, we will attempt to redirect the law enforcement agency to request that data directly from you, and in such event, we may provide your basic contact information to the law enforcement agency.
  • third parties involved in a legal proceeding, if they provide us with a court order or substantially similar legal procedure requiring us to do so.

For how long we retain your data

We keep your personal data for no longer than reasonably necessary for the given purpose for which your data is processed. If you will provide us, or have provided us, consent for us to process your data, we will process your data for no longer than your consent is effective. Notwithstanding the above, we may retain your personal data as required by applicable laws and regulations, as necessary to assist with any government and judicial investigations, to initiate or defend legal claims or for the purpose of civil, criminal or administrative proceedings. If none of the above grounds for us to keep your data apply, we will delete and dispose of your data in a secure manner according to our data protection policy.

Whether and how we carry out profiling using your data

PAD Technology Ltd do not perform personal profiling, beyond having an awareness of whether our customers are domestic (e.g. householders monitoring their home PV system) or commercial. We use metering data to establish whether energy systems are performing as expected and may inform you of under-performance, according to your preferences. We may use this information to recommend additional services, improvements or equipment.

The security measures we take to protect your data

We protect your data using technical measures to minimize the risks of misuse, unauthorized access, unauthorized disclosure, loss or theft, and loss of access. Some of the safeguards we use are data encryption, the use of firewalls and data access authorization controls. We take our data security very seriously. Therefore, the security mechanisms used to protect your data are checked and updated regularly to provide effective protection against abuse.

The eMIG website is protected by HTTPS encryption using SSL (Secure Socket Layers) via a Trustico digital certificate. This means that all web traffic to or from the eMIG website is encrypted, to prevent interception of your data by third parties.

For your confidentiality and security, we use a username and a password to secure your personal information. It is important for you to protect your username, password, or any personal information. Do not disclose your personal information (especially password) to anyone. When you are finished using our services, please do not forget to log out from your account. If you share a computer, whether in a public or private setting, be sure to sign off and close your browsers when finished using a shared computer.

We recommend that you avoid reusing passwords on different websites.

Despite our best efforts, however, security cannot be absolutely guaranteed against all threats. If you believe that the security of your data has been compromised, or if you like more information on the measures we use to protect your data, please contact us following the instructions in the “Contact Us” section below.

Your rights and choices over your data

You have the choice to allow us to collect and process your data. The collection and processing of your personal data is neither a statutory nor a contractual requirement, although as noted above, we will be unable to provide you with aspects of the monitoring service (for example warning emails or SMS messages) without the necessary data.

If you are dealing with us online, note that most browsers will inform you how to prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie, and how to disable cookies. Additionally, you can disable or delete data used by browser add-ons, such as Flash cookies, on your browser or on the website of its manufacturer.

You can always choose not to provide your data to us, although we may need such data to process your requests, in which case we will inform you of our constraints.

To the extent that you have consented to our processing of your data, you can choose to discontinue our processing at any time.

You can choose to request from us a copy of the personal data we store and process regarding you.

You can choose to add or update data that you have provided to us.

You can choose to erase your data, or you may choose to restrict our processing of your data instead.

You can choose to object to our processing of your data.

You can choose to not allow us to engage in building a personalized marketing profile based on such profile.

Your choice or request on any aspects of data processing listed above can be communicated to us using the channels set forth in the “Contact Us” section of this Statement.

In summary, what we are allowed to do with your data is, with limited exceptions under applicable privacy laws, up to you. However, in the event that you choose for us not to further process your data, such choice may affect the delivery of our obligations or services to you; in this situation, we will inform you of our constraints.

Who to contact and what to do if you wish to discuss with us about your data and your rights

If you have any question about this Statement, or if you would like to exercise any of your rights, or if you have any complaints that you would like to discuss with us, please in the first instance send us your signed and dated request, together with your username, if available. Please be as accurate as possible:

by post to:

PAD Technology Ltd
Data Protection Officer
Unit 1C, Cooper Drive
Springwood Industrial Estate
Braintree
Essex
United Kingdom
CM7 2RF

or

by e-mail to info@padtechnology.co.uk