Delta Energy and Environment Limited is listed on the register of data controllers held by the Information Commissioner’s Office. Our data protection registration number is ZA695530.
About this policy
Delta-EE is aware of its obligations under the General Data Protection Regulation (GDPR) and current data protection legislation, and is committed to processing your data securely and transparently. This privacy notice sets out, in line data protection obligations, the types of data that we collect and hold. It also sets out how we use that information, how long we keep it for and other relevant information about your data.
Delta-EE is the data controller meaning that it determines the processes to be used when using your personal data. If you have any queries about the process or how we handle your information please contact us at firstname.lastname@example.org.
Data controller – determines the purposes and means of processing personal data
Data processor – is responsible for processing personal data on behalf of a controller
Data subject – the identified or identifiable living individual to whom personal data relates.
In relation to your personal data, we will:
- Process it fairly, lawfully and in a clear, transparent way
- Collect your data only for reasons that we find proper and legitimate
- Ensure the personal data we process is adequate, relevant and limited to what is necessary
- Take all reasonable steps to ensure the data we process is accurate
- Keep your data for only as long as we need it
- Ensure that we have appropriate security measures in place to protect the personal data we hold
Under the GDPR, the lawful bases we rely on for processing this information are:
- Your consent. You are able to remove your consent at any time. You can do this by contacting Delta-EE
- We have a contractual obligation
- We have a legal obligation
- We have a legitimate interest
- Completion of forms with personal data on Delta-EE’s website
- Sign up to receive direct marketing communications
- Attend an event in person or online that we have organised
- Communicate with us (for example, on a social media site or via email)
- As a subscriber to our products or services
- Surveys that you interact with
- Provision of personal details though non-electronic means such as business cards and letters
- LinkedIn campaigns you interact with
- Registration forms for Webinars
- When you download a document from our website
- You can read our cookies policy here
We may also collect personal data in other contexts that we will notify you of at the time.
Types of data we process
- Your personal details including your name, job title, email address, phone numbers, work address, home address if provided and any other contact details shared by you
- Financial information (processing payments/invoices)
- LinkedIn searches
- Web searches
- Networking contacts
- Our Website logs information about your interaction with our site, such as which pages you visit, IP address/provider, browser and operating system.
- Personal details provided by collaborating organisations, clients, and other contacts through specific research areas in our research work.
- Personal details provided by collaborating organisations, clients, and other contacts through specific consultancy projects. The purpose and specific requirements around GDPR will be specified on a project by project basis in our contracts with the client and sub-contractors where relevant.
Why we process your data
We process your personal data for a range of purposes including:
- To respond to requests and enquiries
- Providing access to Delta-EE products & services
- For configuring user accounts and passwords on our online services
- Performing market research
- Advertising and marketing our products & services
- Providing requested information i.e. when you have signed up to marketing mailing lists
- Providing you with information & invitations to our events
- To determine the effectiveness of our marketing
We use the personal data for the purposes described above because we have a legitimate interest in operating and improving our business that is not overridden by your interests, rights and freedoms to protect personal data about you.
We may also use the information to protect against and prevent fraud, claims, and other liabilities and to comply with or enforce applicable legal requirements, industry standards, and our policies and terms. We use personal data for these purposes when it is necessary to protect, exercise or defend our legal rights, or when we are required to do so by law that applies to us.
Sharing your data
We may share this information with
- Sub-contractors who are performing services for us on specific research or consulting projects
- Partners working alongside us on research and consulting projects
- Service providers who maintain platforms where data is stored
How we store your personal information & retention
Your information is stored in Sage and electronic copies of invoices. We keep this information for a minimum period of 7 years.
Your information is stored in Microsoft Dynamics 365. We will retain your information for 6 years from the last active contact with Delta-EE, unless we have a reason to keep for longer e.g.. you are signed up to a service or mailing list. After this period we will delete your information by completing queries matching this criteria on the data we hold.
Information stored in Dynamics comes from a number of the previously stated sources, ClickDimensions, LinkedIn campaigns, GoToWebinar, email interactions, Delta-EE website interactions, communication with Delta-EE employees/contractors and the provision of services by Delta-EE.
Your information may be used in connection with a consultancy project, including but not limited to the purposes of conducting interviews, producing case studies, or inviting to an event or workshop. This information may be stored in a range of electronic formats including Microsoft Excel spreadsheets which are stored securely on Delta-EE’s SharePoint site. This data will be stored for a maximum of 6 years, or less where specific Data Protection contractual arrangements are in place for the specific project which describe the responsibilities of the Data Processor and the Data Controller.
Your information is stored in our subscriber website database if you have access to our Subscription services. Every 6 months we delete inactive user accounts.
Your information is stored in GoToWebinar when you register to attend a Webinar. We will keep this information for 2 years after the Webinar.
Your information is stored in excel spreadsheets. We will keep this information for as long as necessary to fulfil the purpose for which we collected it. These will be deleted within 2 years after this purpose is fulfiled.
Under the data protection legislation, you have certain rights in relation to the data we hold on you. These are:
- The right to be informed – This means that we must tell you how we use your data, and this is the purpose of this privacy notice.
- The right to access – You have the right to ask us for copies of your personal information which we hold.
- The right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
- The right to erasure – If you would like us to stop processing your data, you have the right to ask us to delete it from our systems where you believe there is no reason for us to continue processing it.
- The right to restrict processing – to (in certain circumstances) object to or restrict processing of your personal data. For example, if you believe the data we hold is incorrect, we will stop processing the data (whilst still holding it) until we have ensured that the data is correct.
- The right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
- The right to object – You have the right to object to the way we use your data where we are using it for our legitimate interests.
- Rights related to automated decision making including profiling – individuals are permitted to ask for for a copy of our automated processing activities if they believe the is being processed unlawfully.
Where you have provided consent to our use of your data, you also have the unrestricted right to withdraw that consent at any time. Withdrawing your consent means that we will stop processing the data that you had previously given us consent to use. There will be no consequences for withdrawing your consent. However, in some cases, we may continue to use the data where so permitted by having a legitimate reason for doing so.
If you wish to exercise any of the rights explained above, please contact email@example.com
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
These rights are subject to certain limitations and exceptions. You can learn more about the rights of data subjects here.
Delta-EE tries to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously. We encourage people to bring it to our attention if they think that our collection or use of information is unfair, misleading or inappropriate.
This privacy notice was drafted with brevity and clarity in mind. It does not provide exhaustive detail of all aspects of Delta-EE’s collection and use of personal information. However, we are happy to provide any additional information or explanation needed. Any requests for this should be sent to the address below.
The supervisory authority in the UK for data protection matters is the Information Commissioner’s Office (ICO). If you think your data protection rights have been breached in any way by us, you are able to make a complaint to the ICO.
The ICO’s address:
Information Commissioner’s Office
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk
Delta-EE tries to be as open as it can be in terms of giving people access to their personal information. Individuals can find out if we hold any personal information by making a ‘subject access request’ or SAR under section 7 of the Data Protection Act 1998. If we do hold information about you we will:
- give you a description of it
- tell you why we are holding it
- tell you who it could be disclosed to
- to let you have a copy of the information in an intelligible form
To make a request to Delta-EE for any personal information we may hold you need to put the request in writing to firstname.lastname@example.org or in writing to the address provided below.
If you agree, we will try to deal with your request informally, for example by providing you with the specific information you need via email within one month. If you have made a number of requests or your request is complex, Delta-EE may require extra time to consider your request, you will be notified should extra time be required.
We keep our privacy notice under regular review and we may update it at any time. This privacy notice was last updated on 17/12/2021.
How to contact us
Delta Energy & Environment
3 Lady Lawson Street
Phone Number: +44 (0)131 625 1011
Data Protection officer: Andrew Turton, Head of Operations.