ESB’s Privacy Notice and Cookies Policy
About ESB Group
Electricity Supply Board (ESB) and its wholly and majority-owned entities (collectively, the “ESB Group”), is a leading Irish diversified and vertically integrated utility operating right across the electricity market from generation, through transmission and distribution to the supply of customers, with an expanding presence in the GB generation market. For the purposes of this Privacy Notice, “ESB Group” means ESB and each of its subsidiaries, to the extent that any such subsidiaries is the controller or processor of personal data.
For more information about the ESB Group of companies, please see the ‘our businesses’ section of our website.
We respect your privacy
This privacy notice applies to the use of personal data by all companies within the ESB Group, other than Electric Ireland, Electric Ireland Northern Ireland, ESB UK Energy and ESB Networks DAC, which are governed by separate privacy notices. Additionally, this notice does not apply to personal data we process in respect of the employment relationship with current or past employees which is outlined in our employee privacy notice.
This notice explains what information we collect, how we use it, who we share it with and how we protect it. It also details the rights available to you in relation to how we hold and use your personal data, how to exercise those rights, and what to do if you require more information or wish to make a complaint.
Why we collect your Personal Data
We collect your personal data so that we can manage our relationships with you. Activities that we require personal data for include:
- Responding to requests and providing information.
- Building, planning and developing electric vehicle charge point networks.
- Building, planning and developing electricity assets.
- Building, planning and developing communications networks.
- Managing the safe, secure and reliable operation of electricity generation assets in Ireland.
- Management of legal queries, disputes and claims.
- Management of financial transactions.
- Recruitment and selection of new employees.
- Preparation and processing of invoices and payments.
- Providing shared services across ESB Group.
- Compliance with legal and regulatory requirements.
- A range of other activities which we are obliged to undertake, or which we have gained consent to completeWe ensure that the information we collect is appropriate to the purposes for which it is obtained.
Security of your Personal Data
We keep our computer systems, files and buildings secure by following legal requirements and international security guidance. We make sure that our staff, and anyone with access to personal data that we are responsible for, is fully trained on how to protect personal data. We ensure that our processes clearly identify the requirements for managing personal data and that they are up to date. We regularly audit our systems and processes to ensure that we remain compliant with these policies and legal obligations
Types of Personal Data we may hold and where it comes from
At ESB, we recognise the importance of personal data entrusted to us. We may collect and hold a range of information about you. Examples of the types of information we may hold includes:
- Contact details and personal security information that you have provided to allow us to contact you, and to help us correctly identify you when you contact us
- Personal documentation that you have provided to us. This may include documentation you have provided as proof of address, proof of marital status, proof of vehicle or land ownership, etc..
- Contact and identification information that you have provided to us as a visitor to one of our offices or sites.
- Information about you, where you have electricity infrastructure on or near your land
- Information that you have provided to allow us to inform you about high river flows
- Land registration details for property and/or land that you may have a controlling interest in, which you have provided to us or that we have identified through land registry records
- Information about your interactions with us
- Details about legal matters that have been shared with us by you or your legal representatives
- Details of financial transactions between you and ESB.
- Financial data that you have shared with us, or that we have received as a result of carrying out a credit check
- Personal and medical data that you or your legal representatives have shared with us in relation to a legal claim
- Information about your current and past transactions at vehicle charge points, including details of the amount of electricity consumed.
- Recordings of telephone conversations with you.
- CCTV images captured for security purposes
- Information you have provided in your Curriculum Vitae, or in an employment application, including details about your past employment history
- Information about your career history and experience which we receive from recruitment agencies or referees as part of an employment application
- Results of psychometric tests that you have taken part in as part of an employment selection process
- Information about you disclosed to us in tender responses
- Information about you which has been disclosed to us by you or your employer, where your employer is providing services to ESB
We collect most of this information directly from the individuals that we interact with, when they contact us in writing, by telephone or electronically (by email, using our website or on social media). Some information is collected as a result of individuals using our services, or interacting with us. We may also obtain information about individuals from external parties, such as credit reference agencies.
Our websites use ‘cookies’ to help us provide users with a better experience each time they visit. A cookie is a small piece of text that is placed directly on a device when it is used to visit a website. This helps to give the user a better experience when using the website. The information gathered by the cookie stays on the user’s device.
We use information gathered from cookies to help improve users’ experience on our website, for security, and to personalise content and advertising. For example, cookies help us to identify that the device has visited our site before, allowing us to customise the experience based on previous browsing history. It also helps us to determine the most relevant, related products to show that user when they are browsing. Further information about the type of cookies that we use and their purpose is available in the Cookies Policy, which you will find in Part II of this document.
How long we keep data
Information collected by us will be held for as long as it is required to fulfil the purpose it was collected for and to protect our business and our rights. We are required to keep certain types of information for a specific period of time in order to comply with legal requirements. The length of time we keep any part of your personal information will depend on the type of information and the purpose for which it was obtained
How we may use Personal Data
We use personal data so that we can provide our services and perform our statutory function. The following are the main ways we use personal data:
- Discussing and responding to your requests for information
- For the management and supply of electricity through our electric vehicle charge point stations and infrastructure
- Setting up new accounts and billing arrangements
- Monitoring payment activity and managing debt
- Planning the development of electricity generation infrastructure in Ireland
- Responding to and managing legal queries, disputes and claims
- Managing transactions involving the purchase, lease or sale of land and assets
- For the processing and management of wayleave requests and notifications
- Managing access and security of our offices, other facilities and IT systems
- To provide a fishing/boating licence or verify the validity of a licence to use waters that we are responsible for
- In the recruitment and selection of new employees
- To facilitate our involvement in community projects and/or sponsorships
- To communicate with you about events, publications and other matters we are required to tell you about, or that you have requested we update you on
- To protect or enforce our rights or the rights of any third party
- In the detection and prevention of fraud and other crime
- For the purpose of safeguarding someone’s vital interests
- Responding to requests from the courts and enforcement authorities.
- To demonstrate compliance with legal and regulatory requirements including the Safety, Health and Welfare Act 2005
Activities that require your consent
In order for us to carry out certain activities using your personal data, we may need to ask for your consent. For example, in order to allow us to make contact with you via email or SMS to make you aware of new products that may be of interest to you, we need you to have provided us with prior consent to do so.
When consent is being requested, we will provide options such as the choice of whether we may contact you by phone, post, email, text or through other digital media.
Where we require consent, we will explain why and provide sufficient information to allow you to make an informed decision.
When we receive consent to perform such activities, that consent may be withdrawn at any time by contacting us.
Who we share information with
We may share your personal data with, or disclose your personal data to, the following categories of third party:
- Agents or suppliers: these are persons or companies we have contracts with to provide products or services that we use in conducting our business, including managing our relationship with our customers. In many cases, they will be within the European Economic Area (EEA) but in some cases they may be outside of the EEA. We will only share or disclose to these parties the information that they need in order to provide the products or services, and will require those parties to ensure that the information is always adequately protected.
- Legal and Professional advisers: we may share or disclose personal data to legal and professional advisers we may engage for any reasonable purpose in connection with our business, including assistance in protecting our rights
- Regulatory Authorities: we may be required to disclose personal data to Irish or European regulatory authorities including energy regulators, environmental protection agencies or data protection Supervisory Authorities.
- Other external bodies: in certain circumstances, we may be required by law to disclose personal data to external bodies, such as local authorities, government departments or An Garda Síochána. In these cases, we will only disclose the minimum amount of information required to satisfy our legal obligation. However, once the information is disclosed, we will not be able to control how it is used by those bodies.
How to contact us
The collection and use of your data by ESB is overseen by the ESB Group Data Protection Officer. If you wish to contact our Data Protection Officer, you can email email@example.com or via post at Data Protection Officer, ESB, Two Gateway, East Wall Road D03 A995, Dublin 3.
How we address your rights
As ESB captures, stores and processes your personal information in order to carry out a range of services and activities, you have a range of rights available to you to give you confidence that your information is appropriately managed.
The rights that you have available to you include:
Gaining access to and copies of your personal data: you are entitled to receive, on request and free of charge, a copy of all your personal data that we hold. There are some limitations to this right. For example, if the data also relates to another person and we do not have that person’s consent, or if the data is subject to legal privilege. Where there is data that we cannot disclose, we will explain this to you.
Ensuring that your data is accurate: our aim is to ensure that the data we hold about you is correct and up to date. From time to time we may contact you to verify the information that we hold. You may also contact us to correct any errors that you notice.
Granting or Removing consent: where we require your consent for any processing, for example, to provide you with direct marketing communications, we will clearly explain what the consent is for, and any consequences of giving or refusing consent, and will provide that consent can only be given by way of a positive action by you. We will also ensure that you are able to withdraw any such consent at any time.
Restricting processing of your data: you have the right to request us to restrict the processing of your personal data in certain circumstances, for example, if there is a dispute over our rights to carry out specific processing activities, or where you do not want us to delete data. We will respond promptly to your request and will provide an explanation if we cannot fully comply.
Deletion of your data: in certain circumstances, you may have the right to have some or all of your personal data deleted from our records. This is sometimes referred to as the “right to be forgotten”. This may occur if, for example, we retain data which is no longer required by us, or if you withdraw a consent. If you continue to have a relationship with us, we must retain the data we need to manage this relationship. We will respond promptly to your request, and provide reasons if we object to the deletion of any of your personal data.
Moving your data: where it is possible for us to provide it, you have the right to receive a digital copy of the personal data that you have provided to us.
International Transfers of Data: in certain circumstances, we may transfer your personal information internationally, including outside of the European Economic Area (EEA). Should we do this, we ensure that all transfers are made in accordance with data protection law and that your data it will be given an equivalent level of protection that it has when it is being managed in Ireland.
How to make a complaint
If for any reason you have a complaint about our use of your personal information, or you are unhappy in any way with the information we provide to you, we would like you to contact us directly so that we can address your complaint. You can contact us by email at firstname.lastname@example.org or by postal mail at Data Protection Officer, ESB, Two Gateway, East Wall Road D03 A995, Dublin 3. You may also contact the Data Protection Commission in Ireland on 1890 252 231, by email at email@example.com or by postal mail at Data Protection Commission, Canal House, Station Road, Portarlington R32 AP23, Co. Laois.
Changes to our privacy notice
We will occasionally update this privacy notice. We will post a notice of any material changes on our website prior to implementing the changes, and, where appropriate, notify you using any of the contact details we hold for you for this purpose. We encourage you to periodically review this notice to be informed of how we use your information.
What is a cookie
A cookie is a small piece of data that a website asks your browser to store on your computer or mobile device.
Cookies make it easy for websites to collect precise user-specific information about their visitors. This generally makes it simpler for you to navigate the web and enjoy a personalised experience.
Many cookies do essential jobs. For example, authentication cookies identify who you are when you try to log into an account. Other types of cookies enable you to shop online, storing items as you add them to your virtual shopping basket
Types of cookie
Cookies can be either temporary (session cookie) or permanent (persistent cookie).
Session cookies are stored in your device’s temporary memory – not on your hard drive – while you’re browsing a website. Usually these cookies are deleted when you close the browser. If you were to reopen the browser and revisit the website, the site would not ‘remember’ that you had visited previously. Session cookies remain active only until you leave a site.
Persistent cookies remain stored on your hard drive, persisting from session to session until you delete them or they reach a set expiration date. Persistent cookies can store information such as log-in details, bookmarks, credit card details and preferred settings and themes – resulting in a faster and smoother web journey.
How to control cookies
You can control and/or delete cookies as you wish. You can delete all cookies that are already on your computer and you can set most browsers to prevent them from being placed. If you do this, however, you may have to manually adjust some preferences every time you visit a site and some services and functionalities may not work
The cookies we use on our website can be grouped into four different categories.
Strictly necessary cookies: are essential in order to enable you to navigate around our website and use its features. Without these cookies, we would be unable to provide you with the services you have asked for.
Functionality cookies: allows our website to remember choices you make and help to provide an enhanced, more personal experience on our website.
Performance cookies: helps us improve our website and our online services. These cookies gather information about how our site is used, including which pages are visited most often. This helps us to provide a better user experience. These cookies are anonymous – which means that they won’t collect information to identify you.
Targeting & Advertising cookies: are used to help us better understand our advertising campaigns and how we can make these more relevant to you. These cookies are also anonymous, they won’t collect information to identify you.
Our website can send cookies to your web browser if your browser’s preferences allow it. Many websites do this whenever a user visits their website in order to track online traffic flows. ESB’s websites, including the customer account portal, requires cookies to be enabled in order for the service to function properly. If you disable cookies, you may not be able to avail of some of our online services. If you use the website without changing your settings, we’ll assume that you are happy to receive all cookies on the ESB websites.
© Copyright Tilbury Green Power Limited 2016