Privacy Policy
GRID FAERIES PRIVACY NOTICE
The Legal Stuff
Privacy Notice
Last updated: 19 August 2024
1.Introduction
This Privacy Notice is issued by Ecotricity New Ventures Limited (ENVL) for Grid Faeries. Grid Faeries aim to end the use of diesel at festivals and outdoor events by providing battery power in the short term – an onsite source of clean electricity, as well as investigating the installation of permanent grid connections and provide funded solutions to make that happen. Grid Faeries also look to build new green energy generation projects adjacent to festival and event sites, to help cover the cost of bringing in the grid and to directly generate the power needed by the event itself.
We have developed this Privacy Notice to ensure you are informed and confident about the security and privacy of your personal information and set out the basis on which any personal data we collect from you, or that you provide to us, will be processed, shared and used by us and how you can exercise your privacy rights.
This Privacy Notice supplements the Grid Faeries Terms and Conditions found here: Terms & Conditions
Please read the following carefully to understand how we look after your personal data as it contains important information on who we are, how and why we process the personal information that you provide to us, whether through our website, by post, by phone, in person or when you otherwise communicate with us. It also explains your rights in relation to your personal information and how to contact us or the supervisory authority in the event of a complain. If you have any questions or comments about this Privacy Notice, you are able to contact us using the details set out below in Section 13 (Contact) of this Notice.
2.Who We Are
This Privacy Notice applies to personal data collected by Ecotricity New Ventures Limited (ENVL) (registered no. 11099389), a company incorporated in England & Wales and whose registered office is at Lion House, Rowcroft, Stroud, Gloucestershire GL5 3BY. In this Privacy Notice “we”, “our”, “us” means ENVL, and “you” or “your” means you, our customer.
ENVL seeds, funds, owns and operates new businesses and projects in the field of environmental sustainability to help tackle the twin climate and ecological crises (the “Services”).
For the purpose of the Data Protection Legislation (“DPL”), any other applicable laws relating to the protection of personal data and the privacy of individuals and this Privacy Notice, we are the data controller of your personal data for the purpose of providing the Grid Faeries service as detailed in section 1 above. This means that when we process your personal data, we are responsible for looking after and protecting your data. We are registered as a data controller with the Information Commissioner’s Office (“ICO”) and our registration number is ZB586155.
Please note that our Website may contain links to other independent third-party websites or applications outside of Ecotricity Limited, Ecotricity New Venture Limited and the Green Britain Group Limited. These third-party websites are not under our control and clicking on these links may allow third parties to collect or share data about you. We are not responsible for the conduct of third-party companies linked to the services we provide nor the website or contents of their privacy notice. You should refer to the privacy notice of these third parties as to how and why they may handle your personal information. When you leave our website or before you enable any connection, we encourage you to read the privacy notice or each website or application you visit or wish to use.
3.Data Protection Principles
The terms “personal data” or “personal information” in this document mean information that relates to you and from which you could be identified, either directly or in combination with other information which we may have in our possession. To help you understand how we handle your personal information, below is a summary of the data protection principles which guide how we use your personal information.
These principles provide that personal data should be:
Used lawfully, fairly and in a transparent manner;
Collected only for specified and legitimate purposes explained to you at the time of collection and not used in any way that is incompatible with those purposes;
Adequate and relevant for the purposes we have told you about;
Accurate and kept up to date;
Kept only as long as necessary for the purposes we have told you about; and
Kept securely.
4.Information we may collect from you
The personal data you provide to us or that is collected by us (or on our behalf) is used for the Services we provide to you. The different types of personal data which we have grouped together may include (depending on the Service being offered):
Identity Details: full name, title, username (or similar identifier), marital status, data of birth, gender
Contact Details: email address, contact number
Website Access Details: your internet protocol (IP) address, your login data (including browser type/version), time zone setting and location, browser plug-in type and version, operating system and platform
Profile Details: Interests, preferences, feedback, survey responses, information on how you interact with our website
Marketing and Communications Details: Your preferences for receiving marketing from us and any associated third parties as applicable, communication preferences, market research
Note that you do not have to provide your personal information to us. However, if you do not provide your personal information which we request then we may not be able to provide the services to you.
Children’s Data
If you are under 16, do not send any information about yourself to us, including your name, address, telephone numbers, or email address, unless you have your parent's or guardian's permission. In the event we learn that we have collected personal information from anyone under the age of 16, and do not have a parent or guardian's consent, we will delete that information as quickly as possible. In the event that we do hold personal data about children, we will handle that data in accordance with the terms of this Privacy Notice.
5.How we collect your personal data
The circumstances in which we will collect personal data about you may include:
Information that you provide directly - we collect your identity & contact details when you contact us to enquire about our Services; register with us to receive the Services; use the Services; use our website under the domain name <
www.gridfaeries.live (the “Website”) or request information or assistance from us.
Information that we obtain from third party sources - we may collect your personal information, particularly financial data, from third party sources, but only where we have checked that these third parties either have your consent, are otherwise legally permitted or required to disclose your personal information to us. We may also collect information about you, including identity and contact details, that is publicly available, for example, from business directories.
Information that we collect automatically - when you use our Website, we collect technical data about your activity by using cookies and similar tracking technologies (see Section 11 Cookies)
6.How and why we use your personal data
We will only collect, process and share your personal information where we are satisfied that we have the appropriate legal basis to do so. Most commonly, we will use your personal data in the following circumstances:
to supply information about our Services to you;
to give you access to all parts of the Website;
to register you on our system;
to manage our relationship with you, including by verifying your identity, administering the Services, contacting you where necessary concerning your use of the Services and the Website, and handling any complaints or queries you may have;
for our legitimate interests, including to administer, support, improve and develop our business and the Services;
to contact you for your views on the Services;
to notify you occasionally about important changes or developments to the Services or the Website;
to administer competitions or prize draws that you may enter
Legal basis for processing personal information
Our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it.
We will normally collect personal information from you only where we need the personal information to perform a contract with you, where we have your consent to do so, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms.
In some cases, we may also have a legal obligation to collect personal information from you or may otherwise need the personal information to protect your vital interests or those of another person (for example, if we are asked to provide your telephone number or location data to the emergency services in an emergency situation).
If we ask you to provide personal information to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not (as well as of the possible consequences if you do not provide your personal information)
Similarly, if we collect and use your personal information in reliance on our legitimate interests (or those of any third party), we will make clear to you at the relevant time what those legitimate interests are.
The legal bases on which we may use your personal data and the legal basis on which we may perform such processing is set out below:
Legal basis for processing | Purposes of processing |
Contract | Providing you with electricity , gas and/or batteries |
Administering Feed-in Tariff (FIT) payments | |
Providing and running Customer helplines | |
Complaints handling | |
Setting up and otherwise administering your account(s) for Services and products which we provide to you, this may include linking different services which you receive from us | |
Contacting you in connection with the Services and your account (including through the use of electronic communication, e-mail, SMS or telephone) | |
Tracing you, where we are unable to make contact with you using the details we hold | |
Commencing legal or recovery proceedings against you to recover unpaid charges, where this is necessary | |
Informing credit reference agencies about unpaid charges and debt, which information will be recorded and may impact your ability to obtain credit in the future | |
Administering competitions and prize draws | |
Legitimate interests | Verifying your identity when you make enquiries by phone, email or letter |
Marketing of our products and services to existing customers and customers who have left us in the preceding 18 months (you have the right to object) | |
Contacting you in relation to a quotation in respect of the Services we provide | |
Informing credit reference agencies about unpaid charges and debt, which information will be recorded and may impact your ability to obtain credit in the future | |
Commencing legal or recovery proceedings against you to recover unpaid charges, where this is necessary | |
Assisting with statistical analysis to assess and improve our Services and systems | |
Recording calls made to our helpdesks and contact centres for staff training and improvements to our processes and services | |
Administering competitions and prize draws, including providing the surname and county of winners to those who enquire, or in order to comply with the requirements of the CAP Code. | |
Transfer of Personal and Special Category Data to water providers for the purpose of safeguarding vulnerable individuals. | |
Legal obligation | Complying with energy supply and distribution laws |
Responding to requests by law enforcement authorities for access to your personal information | |
Protecting our businesses and other customers from criminal or fraudulent activities | |
Enforcing a judgment of a court of law | |
The detection and prevention of theft, fraud, and money laundering offences | |
Recording calls made to our helpdesks and contact centres for legal and regulatory requirements and security purposes. | |
Our debt recovery agents may on occasion wear Body Worn Video cameras attached to their uniform. This is to establish the facts as an impartial witness in cases where there may be a dispute or altercation, which can impact on criminal or civil court proceedings. | |
Vital interests | Protecting your vital interests or those of another person |
Maintaining the priority services register | |
Preventing damage to your property, or to neighbouring properties | |
Consent | Where we have no other basis to rely on, we shall ask you for your consent. This may include but is not limited to letters of authority. |
Marketing the services of our other Group Companies (you have the right to withdraw) | |
Credit checking to confirm your eligibility to receive the Services from us, and assisting with the provision of reference information in relation to credit applications that may be made by you or other members of your household you are connected to financially | |
Maintaining the priority services register, we need your consent to share this information with the relevant parties. | |
Transfer of Personal and Special Category Data to water providers for the purpose of safeguarding vulnerable individuals |
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason, and that reason is compatible with the original purpose.
If we need to use your personal data for an unrelated purpose, we will notify you and will explain the legal basis which allows us to do so.
Please note that we may process your personal data without your knowledge or consent, in compliance with this policy, where this is required or permitted by law.
If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact our Data Protection Officer at dataprotectionofficer@ecotricity.co.uk.
7.Direct Marketing
Where you have consented to such communications, we will use your personal information to send you updates by the agreed media routes about our services that we believe will be of interest to you.
We will always treat your personal information with the utmost respect and never sell your information or share with other organisations without your prior permission for marketing purposes. We take steps to limit direct marketing to a reasonable and proportionate level and only send you communications which we believe may be of interest or relevance to you.
You have the right to opt out of receiving marketing communications by using the unsubscribe option included on our marketing communications or sending an email to: hello@gridfaeries.live.
8.Sharing your Personal Data
We will only disclose personal information to a third party in very limited circumstances, or where we are permitted or required to do so by law.
The third parties we may share your personal data with include:
Other companies within the Ecotricity Limited, Ecotricity New Ventures Limited or Green Britain Group Limited group, where such disclosure is necessary to provide you with our services or to manage our business
Third parties we use to help deliver our services to you
Third parties approved by you such as when you request your details to be transferred
We may transfer your personal information as part of a corporate reorganisation, restructuring, merger, acquisition, sale or transfer of assets. In such cases, we will take the appropriate steps to make sure that such transfer is in accordance with the applicable data protection laws.
We also impose data protection obligations on contracted third parties to ensure they can only use your data when providing services to us for the purposes listed above. These third parties cannot pass your details on to any other parties unless instructed to by us unless they are required to do so by law.
Transfer of Your Personal Data outside of UK/EEA
The personal information that we collect from you may be transferred to, and stored at, a destination outside the UK or European Economic Area ("EEA"). Countries outside the UK or EEA do not always have strong data protection laws which afford adequate protection to individuals’ personal data, so in the event that your personal information may need to be transferred outside of the UK/EEA, we will take appropriate steps to ensure that transfers of personal data are in accordance with applicable law(s) and carefully managed to protect your privacy rights and interests and transfers are limited to countries which are recognised as providing an adequate level of legal protection, or where we are satisfied that alternative arrangements are in place to protect your privacy rights.
9.Security
We take precautions including administrative, technical and physical measures to safeguard your personal information against loss, theft and misuse, as well as against unauthorised access, modification, disclosure, alteration and destruction. We protect personal data using a variety of security measures including (but not limited to):
We employ security measures to protect your information from access by unauthorised persons and against unlawful processing, accidental loss, destruction and damage. Protection of the registration details and any debit or credit card information you give to us is a major priority. We have implemented a security policy that guards against unauthorised access. Data on our secure pages is encrypted using SSL technology.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Website, you are responsible for keeping this password confidential, and for letting us know if you think that your password has been compromised.
All your private data will be encrypted at all times whilst in transit over the Internet. SSL is special software that automatically encrypts any data sent by you on our secure pages. Our server then reads the data using a private key. This means that your data, be it debit or credit card information or any other personal details, is turned into code that can only be decoded with the private key or password. All pages on the site that require you to enter personal or sensitive information are secure. Your browser will indicate that the page is secure by displaying a padlock or key in the status bar at the bottom of the window. If your browser is suitably configured, you will receive a warning message when you first access any secure page on the site. This is simply information to advise you that the site is protecting your data.
Although ENVL will do its best to protect your personal data, it cannot guarantee the security of any personal data that you disclose online. You must accept the inherent security implications of using the Internet and we will not be responsible for any breach of security unless we have been in breach of applicable laws and then only to the limits set out in the terms and conditions for the Website.
Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers, affiliates and members of our corporate group. If you follow a link to any of these websites, please note that these websites have their own privacy policies/web site terms of use and we do not accept any responsibility or liability for these policies. Please check such policies before you submit any personal data to them.
10.Data Retention
We will store your personal information for as long as is reasonably necessary for the purposes for which it was collected, as explained in this Privacy Notice. Where your information is no longer needed, we will ensure that it is disposed of in a secure manner.
If you are a Customer, we will retain your information for as long as you continue to use the Services and for a period of 7 years (or as long as the law requires) after your account has closed. We may decide it is necessary to retain your information for longer for the purpose of resolving disputes or payment issues, or because it is still useful (in an anonymised form) to us to analyse your use of the Services.
If you have requested information about the Services we provide, for example a quotation, we will retain your information for a period of up to 2 years from the provision of the information requested, after which your personal data will be deleted, providing that there is no ongoing legitimate reason for us to retain it.
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymise it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until permanent deletion is possible.
11.Your Legal Rights in Respect of your Personal Information
You have legal rights in connection with your personal information that we process. Under certain circumstances, under DPL you have the right to:
Request access
to your personal information which is known as a data subject access request. This will enable you to receive a copy of the personal data we hold about you
Request Correction
of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
Portability
of the personal information you provided us, in certain situations.
Request erasure
of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing.
Object to processing
of your personal information by us or on our behalf for direct marketing (including profiling) and in certain other situations (such as processing carried out for legitimate interests).
Request the restriction of processing
of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
Request the transfer
of your personal information to another party.
Withdraw consent
to processing where the legal basis for processing is solely justified on the grounds of consent
To ensure security of personal information, we may ask you to verify your identity before proceeding with any such request. We may also charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive.
If you would like to exercise any of these rights, please submit your requests to the Data Protection Office as detailed in Section 13. Subject to legal and other permissible considerations, we will make every effort to honour your request promptly to inform you if we require further information in order to fulfil your request. We may not always be able to fully address your request, for example if it would impact the duty of confidentiality we have to others, or if we are legally entitled to deal with the request in a different way.
For any personal information processed by a third party for which they are a data controller and not as a joint data controller with ENVL, please contact that third party direct to exercise your rights.
12.Cookies
We use cookies on our website. Cookies are small text files that are downloaded onto your device when you visit a website. Cookies make it easier for you to log on to and use the Website during future visits. They also allow us to monitor Website traffic and to personalise the content of the Website for you. You may set up your computer to reject cookies by modifying the settings in your browser although, in that case, you may not be able to use certain features on our website. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you log onto our website. Collecting this information enables us to better understand the visitors who come to our website, where they come from, and what content on our Website is of interest to them. We use this information for our internal analytics purposes and to improve the quality and relevance of our website to our visitors.
Our emails use tracking to show how they’ve been interacted with. We do this to help improve our emails and for analysing how successful they are. You can opt out of email tracking at any time by clicking a link in the footer of our marketing emails.
We use the following Cookies on our website, however, should you decline the collection of Cookies when you visit our page only essential cookies which enable the running and performance of the website can be used.
Cookie | Placed by | Description |
_fbp | Used by Facebook to store and track visits across websites for marketing/tracking purposes. This cookie is essential / non-essential. | |
_li_sugr, _guid, lissc | Used by LinkedIn to track conversions and retarget visitors for marketing/tracking purposes. These cookies are essential / non-essential. | |
_twitter_sess, guest_id | Used by Twitter to track user actions and measure ad effectiveness. These cookies are essential / non-essential. | |
_gcl_au, IDE, 1P_JAR | Google Ads | Set by Google Ads to track conversions and target ads. These cookies are essential / non-essential. |
_ga, _gid, _gat | Google Analytics | Set by Google Analytics and used to distinguish users for marketing and/or tracking purposes. These cookies are essential / non-essential. |
dc_gtm , gtm_auth | Google Tag Manager | Used by Google Tag Manager to load scripts and manage tracking tags. These cookies are essential / non-essential. |
13.Contact
If you have any questions about this Privacy Notice or how we handle your personal data, please contact us using the following details:
The Data Protection Officer, Ecotricity New Ventures Limited, Lion House, Rowcroft, Stroud GL5 3BY
Alternatively, please email dataprotectionofficer@ecotricity.co.uk or call the Customer Services hotline:
Within the UK - 0345 555 7100
Outside the UK - +44 3455 557 100
For EEA based Nationals, please contact our European Representative. Details are as follows:
Company Name: Instant EU GDPR Representative Ltd
Company Number: 665191
Contact Name: Adam Brogden
Contact Email: contact@gdprlocal.com
Contact Tel: +353 (0) 15549700
EU Dublin Address: INSTANT EU GDPR REPRESENTATIVE LTD, Office 2, 12A Lower Main Street, Lucan Co. Dublin, K78 X5P8 Ireland
14.Complaints
You have the right to complain about our collection and use of your personal information. In the first instance you should contact our Data Protection Officer by emailing dataprotectionofficer@ecotricity.co.uk
If you are unhappy with the Data Protection Officer’s response you may raise your concerns with the Information Commissioner’s Office at https://ico.org.uk/concerns or via telephone: 0303 123 1113 and the ICO will then investigate your complaint accordingly.
We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.
15.Changes to this Privacy Notice
We may amend this Privacy Notice as and when required to keep it up to date with legal requirements and any applicable changes to the controller business. Any changes to this Privacy Notice will be posted to the Website.
Any changes will be effective when posted and your continued use of the Website will indicate your acceptance of these changes.
If there are material changes to this Privacy Notice, we may notify you of these via the Website or by email and/or post.
This Privacy Notice was last reviewed and updated in August 2024