Using your personal information
Your personal information (referred to as personal data) is information which, on its own or in conjunction with other information we may have access to, can be used to identify you and to provide you with appropriate products and services. This policy sets out how we collect, store, share and use the personal information we already hold about you and any we may obtain from you or from a third party in the future.
Our Data Protection Officer (DPO) provides help and guidance to assist us in meeting our obligations and to ensure we protect the data we hold about you. If you have any questions about how we use your information our DPO can be contacted by writing to Data Protection Officer, npower, Legal Department, Trigonos, Windmill Hill Business Park, Whitehill Way, Swindon, SN5 6PB. We take your privacy seriously and take appropriate steps to protect the personal information we collect from you and to make sure that your personal information is kept secure and only used in line with this policy.
In addition you have certain rights. See the section on “Your rights” and how our Individual Rights team can help you. If you have any other questions about this policy feel free to contact us using the details set out in section 13.
We are what is known as a controller of the personal information we collect and use about you. When we refer to we”, “us” “our” we mean npower and its group companies whose registered offices are at Windmill Hill Business Park, Whitehill Way, Swindon, Wiltshire, SN5 6PB and consist of the following companies:
npower group company
The current npower group includes the following companies.
- innogy SE
- Npower Group plc (company number 8241182)
- Npower Commercial Gas Limited (company number 3768856)
- Npower Direct Limited (company number 3782443)
- Npower Limited (company number 3653277)
- Npower Gas Limited (company number 2999919)
- Npower Northern Limited (company number 3432100)
- Npower Northern Supply Limited (company number 2845740).
- Npower Yorkshire Limited (company number 3937808)
- Npower Yorkshire Supply Limited (company number 4212116)
- PS Energy UK Limited (9850654)
The address of innogy SE is Opernplatz 1, 45128 Essen, Germany.
The address of the other companies in the npower group is Windmill Hill Business Park, Whitehill Way, Swindon SN5 6PB.
As our products and services may be provided to you by different companies within our group it may be that your personal information is passed to the relevant group company or companies. You can find out more about npower on our website at www.npower.com.
We need to ask you to provide certain personal information depending on the products and services we provide to you. It may be obtained directly from you when we speak to you or via our website or App if you complete an online form/application or from another third party organisation or person.
We’ll tell you if providing that information is optional including where we may require your consent to use your information for specified purposes.
We will collect information about you and other members of your household as requested by our online sign up process, over the phone or through any forms that you may complete. For example, we collect the following to assist us in setting up your account and to verify who we are dealing with:
|Full name (including title), age/date of birth|
|Home address (which may include your previous home addresses if you have lived in your current address for less than 2 years).|
|Phone number, mobile number and email address (which may include home and work phone numbers as well as home and work email addresses depending on how you wish to be contacted).|
|Bank account details as well as credit or debit card details if you pay through those means. If someone else has agreed to pay your bills then we will record their details instead of yours on your account (see section 5(o) for more information).|
|Financial details (e.g. salary, benefits) to assess your ability to pay.|
|Meter details such as the meter serial number, MPAN or MPRN.|
|Gas and electricity usage (via meter reads provided by you or our agents or taken remotely if you have a fully working smart meter).|
|Ethnic origin and physical (such as disabilities, critical illness) or mental health|
|Details about benefit entitlements.|
|We may also collect:||Information about your property’s characteristic (for example its age, number of bedrooms) if you have requested energy efficiency advice or want to compare your energy usage with other properties similar to yours.|
|Occupier details (for example the number of people living in the property) for assessing things like vulnerability and providing you with appropriate products and services or extra assistance.|
|Information about other products and services that you have with us so we can target our communications with you more effectively.|
|From you about other people:||
If you provide information on behalf of anyone else then in doing so you are confirming that you have explained how their information may be used by us and they have given you permission to do so.
If you have provided any sensitive information about yourself or others (such as health related information) you agree (and are confirming that the person who the information is about agreed) that we can use the information as set out in this policy. This may happen because you are acting as the representative on the customer’s behalf or because someone who is living with you requires additional support that we are able to offer.
|From third parties||Industry organisations who are involved in your gas or electricity (or both) supply like distribution and network companies, meter equipment owners, meter readers, other energy suppliers as well as from industry organisations who operate and maintain databases on behalf of the industry to assist (for example) in the change of supply process.|
|Landlords or letting agents who own or manage your home and who provide your details so we can set up an account in your name or from third party agents like switching sites (brokers) who you authorise to carry out your switch to us.|
|Agents like meter readers (who check your meter to see if it is safe, obtain a read so we can bill you or assist in sorting out meter issues) or debt collection agents or other service providers who are contracted by us to provide services to you on our behalf.|
|Credit reference or fraud prevention agencies in relation to your repayment history or your credit rating which may include public information about bankruptcies or county court judgments against you.|
|Credit reference or fraud prevention agencies and other publically available information (see below) to identify you if you have not told us who you are (i.e. your account is set up in the name of an “occupier”) or we need to trace you or people linked to you because you owe us money.|
|Publically available sources like the electoral role or phone directories (for example 192.com) or from the Land Registry or Companies House or social media to verify your information or to trace you if you have moved without paying your bill.|
|Your smart meter in relation to your energy consumption information from either agents appointed on our behalf or from the industry organisation set up to do so (once they are in a position to do so). See the section on “Use of Smart energy data” for more details.|
|Credit reference agencies and other external data sources and other companies we may partner with to create models based on previous promotions to see what products and services to offer you.|
|Other companies where you have given them your consent to share your personal information with us to market our products and services to you.|
|Other companies or organisations where you have given them your consent to share your personal information with us so we can see if you are eligible for additional financial assistance.|
|Other companies like energy comparison sites or brokers where you sign up to our products and services through their websites or contact centres.|
|Keeping your information up to date: You need to let us know if your details (like your name, email or phone number) change so that we can keep that information up to date. You also should let us know if your circumstances change as you may be eligible for additional support.|
|Communications: We will keep copies of other correspondence or communication you have with us whether written or sent by email or text or provided in the completion of “contact us” or feedback forms on our website or App or posted via social media (Twitter or Facebook etc.) as well as recorded telephone calls (we will always let you know when we record your calls), online web chats or recorded as a result of a visit to your home. We will also record any comments you make to us in free text fields so that we have a record of what you have told us.|
We can only use your personal information where that is permitted by data protection laws. Those laws require that where we use your personal information we must satisfy one condition (legal basis) for processing. The legal bases are consent, to comply with our legal obligations, to perform a contract, if it’s in our legitimate interests and for special category data (health) it is in your vital interests.
Set out below are the different legal bases as well as examples of the types of processing we carry out:
|Legal Basis for Processing||Processing activity (purposes)|
Where you have provided consent we will rely on that to process your information for the purposes set out at the time that the request for consent was made.
You can change that consent at any time (either by withdrawing it or giving your consent where you previously hadn’t). The consequence of withdrawing your consent might be that we are no longer able to do certain things for you.
See the section on “Your rights relating to the personal information we hold about you” then “Right to withdraw Consent”
To provide you with marketing information (including by phone, text message, email, via your online account and via your Smart in home display) about products and services (including third party products and services) which we think may benefit you in your everyday lives (if you have agreed to receive such information). We ask for consent when you sign up with us but you can change your mind at any time.
We may ask you to participate in market research (such as surveys, participation in focus groups etc.) to help improve the way we provide our services and products that we are able to make available to you – if you agree your feedback is given with your consent.
Smart meter half hourly energy use
If you have a smart meter installed at your property, we will only collect details of your half-hourly energy usage if you have given us your consent to do so.
You agree to the disclosure
If you request us to disclose your personal data to other people or organisations such as to a relative to deal with your account on your behalf or to company dealing with a claim on your behalf or you otherwise agree to such disclosures (for example to a charity providing you with debt assistance).
When we process any special categories of personal information at your request (e.g. your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning your health, sex life or sexual orientation).
If you elect to either go on our Priority Services Register (which is a set of services that may be available to you or to people who may be living with you where, due to your (or their) health, age or some temporary reason (for example a bereavement) additional assistance may be required) or you agree for us to record details of your health etc. (information about your circumstances) we need your consent to do so. If you consent we will use that information to assist us in providing the priority services you have requested (if any), managing your account so we are aware you may need additional help and support (for example having a bespoke debt pathway), for internal performance review, analysis, reporting and audit purposes (both internally and to report to Ofgem) to ensure our compliance with our obligations and to improve our services to you. We may share information about your circumstances with agents and service providers (like metering companies) who carry out services on our behalf. If you agree we may also share your information with energy distributors and transporters so they can tailor their services to help you e.g. if there is a power loss.
We may need to share information about your circumstances with third parties because we believe you or someone else’s life is in imminent danger. This will be assessed on an individual basis and we will not share information unless we really believe there is a serious risk.
|Whether or not you are registered on PSR referred to above if you are in danger of being cut off and we believe you may need extra help we may record information about your circumstances. You or a member of your household may need this extra help as a result of your (or their) health, age, disability or financial circumstances (we assess and record who may require extra help as a result of their circumstances) to assist you or them and ensure you or they stay on supply.|
Performance of our Contract with you to provide products and services or to take steps at your request prior to entering into that contract
The information described above will be provided to us by you because you want to engage with us or take our products and services.
|To provide you with a quote (which may include making an assessment of your credit worthiness by automated decision making to decide which products and services and payment methods are most suitable for you).|
|To help us identify you so we know who we are talking to and authenticate the information you provide for security purposes. We may check against information we already hold about you as an energy supplier and potentially publically available information such as social media.|
|To set up and manage your account including processing and collecting payments, recovering debts, analysing your account history and improving our service to you.|
|Sending you service messages such as account notifications and communications such as price and other terms and conditions changes.|
Our use of your information will be governed by your contract terms. It is up to you if you provide it but if you do not it may affect the products and services you want.
|To supply you with any products or services you have asked us for such as the supply of gas or electricity (or both), which may include passing your details on to third parties and partnerships to fulfil offers or cashback to you.|
|To enable you to access our website or App (including your online account if you have one) to use our services.|
|To set you up in the appropriate industry systems based on agreed industry processes when you change your supply to or away from us including obtaining meter reads, resolving metering disputes etc.|
|To measure your gas or electricity use (or both) and to work out your bills.|
|To assess health and safety, environmental and financial risks to you.|
|To provide and improve customer support.|
|To resolve complaints and query resolution.|
|To train our staff and monitor our services. This may involve us recording our conversations with you or keeping copies of our correspondence with you to make sure we are providing you with a good service and are keeping to our legal and regulatory obligations.|
As necessary to fulfil a Legal Obligation
This is where we are required to do something by law, regulatory requirement or by way of a court order.
|To run our business in an efficient and proper way. This includes managing our financial position, business capability, planning, communications, corporate governance, and audit|
|To help prevent and detect debt, theft, fraud or loss of gas or electricity (or both) including preparing and sending reports to the entity contracted to run the Theft Risk Assessment Service. See the section headed “Theft and Fraud Prevention”.|
|To comply with legal and regulatory requirements including those set out in the relevant gas and electricity Acts, our licence conditions and industry codes which govern how we operate.|
|To provide certain information to Ofgem as regulator for the energy industry either as part of an investigation by them or as part of request for information or as part of an audit of our services.|
|If you have a Green Deal plan to manage the collection of the monies you owe to the relevant Green Deal provider and to update the industry parties and industry database as appropriate in line with agreed industry processes.|
|For demand forecasting and settlement in so far as is required to meet our industry requirements.|
|To relevant law enforcement agencies or government agencies where we have been asked to provide the information for legal or regulatory reasons (if we receive a legitimate request for the information).|
|To assist you if you exercise your legal rights under data protection law.|
|For the establishment and defence of legal rights.|
|To verify your identity, make credit fraud prevention and anti-money laundering checks.|
As necessary for our own Legitimate Interests
This is where we use your personal information for our normal business purposes where the benefits of doing so are not outweighed by your fundamental rights or freedoms.
You have a right to object to this type of processing. See the section on “Your rights relating to the personal information we hold about you” then “Right to object”
|To run our business in an efficient and proper way. This includes managing our financial position, business capability, planning, communications, corporate governance, and audit.|
|To help prevent and detect crime such as fraud and money laundering where this is not covered by our legal requirements and we are processing your personal information to help reduce the cost of this activity being spread across all customers by way of increased prices.|
|To send you service messages that are not strictly necessary for the performance of our contract but we believe will assist you and will improve our service to you unless in each case (with the exception of service messages or online notifications via your online account (if you have one) which you are required to receive as part of having an online account), you tell us you do not wish to receive such service messages, notifications and communications by those means and you are not required to receive them as part of the product and/or services you have signed up to.|
|To use your information for marketing purposes so for example we can see what products and services may be of interest to you.|
|To provide you with advertising about our products and services which we think may benefit you in your everyday lives, using the internet and digital media technologies provided by third parties such as Facebook and Google. You can opt out of such marketing purposes by changing your settings on Facebook or Google or by contacting us.|
|To assist in debt prevention and debt recovery which may include tracing where you have moved to and identifying who is responsible for taking supply where such processes go beyond what is strictly necessary for the performance of our contract with you.|
|For demand forecasting and settlement to assist us in purchasing energy more efficiently.|
|To resolve complaints and query resolution which go beyond strictly performing our contract with you.|
|To carry out credit checks or otherwise assessing your credit worthiness.|
|To carry out performance reviews, monitoring, modelling and analysis, reporting, profiling, auditing, market research (where the analysis is carried out by third parties who do not provide us with your details unless we have your specific consent to do so and may extend beyond energy usage to include aspects of your lifestyle, payment history etc.) and statistical analysis to assist us in ensuring we can comply with legal and regulatory requirements (including those set out in our licence conditions and industry codes) as well as to help improve the way we provide our services and the products that we are able to make available to you.|
|To test systems to help improve the way we provide our services and the products that we are able to make available to you.|
|To monitor emails, calls, other communications, and activities on your account|
|To carry out data enrichment and ensure the information we hold is accurate and up to date.|
|To report to and pay our referral partners such as telesales and broker websites like uswitch.|
|Web analytics to analyse and better configure our website and App.|
|To take part in government or industry initiatives (for example to tackle fuel poverty, improve energy efficiency or other social or consumer interests).|
|Whether or not you are registered on PSR referred to above if you are in danger of being cut off or we believe you (or someone who lives with you) may need extra help we may record a generic vulnerability marker (not going into any specific details about you or them). You or a member of your household may need this extra help as a result of your (or their) health, age, disability or financial circumstances (we assess and record who may require extra help as a result of their circumstances) to assist you or them and ensure you or they stay on supply. We will use it to assist us in providing the priority services you have requested (if any), managing your account so we are aware you may need additional help and support (for example having a bespoke debt pathway), for internal performance review, analysis, reporting and audit purposes (both internally and to report to Ofgem) to ensure our compliance with our obligations and to improve our services to you. We may share information about your circumstances with agents and service providers (like metering companies) who carry out services on our behalf.|
|If you have a display unit with your smart meter, we may send messages (for example, general energy-efficiency messages) direct to it, unless you let us know at any time that you do not want to receive such information.|
|If you have a smart meter to record your daily smart meter energy use unless you have told us otherwise (see the section on “Use of smart energy data” below).|
We may give your personal information to others in connection with the purposes set out above, including to the following:
- Agents and service providers (including IT service providers who host our databases) to support our business who may have access to our systems and data in order to provide services to us and/or to you on our behalf. For example we outsource some of our customer services activity (such as call handling, metering services, debt collection), and use fulfilment companies to send out our service and marketing communications to you. In addition we work with companies who process payment vouchers and take payments on our behalf (for example the Post Office, Payzone and PayPoint) as well as passing on your information to third parties and partners to fulfil promotional offers and cashback you have asked for.
- Agents and service providers acting on our behalf to carry out profiling, modelling and analysis, market and customer research, statistical analysis and the testing of our systems to help improve the way we provide our services and the products that we are able to make available to you. These agents and service providers include creative agencies, professional user experience testing agencies and search engine optimisation agents. We do not provide personal information unless it is specifically required for the services they are providing.
- Our legal and professional advisors including our auditors.
- Our processors and sub-processors who are involved in the hosting, development and testing of our IT systems.
- Other members of the npower group of companies as we may benefit from large IT infrastructure and expertise that exists within our business. This means that your personal information may be accessed for support and administration purposes.
- Relevant industry organisations and agencies, based on agreed industry processes who are involved in your gas or electricity (or both) supply like distribution and network companies, transmission companies, meter equipment owners, meter readers, other energy suppliers as well as industry organisations who operate and maintain databases on behalf of the industry to assist (for example) in the change of supply process, collection of green deal payments or the provision of industry data analytics to improve or enhance the energy efficiency in the energy market and/or to improve or enhance the efficiency of our operations compared to other energy suppliers.
- Credit-reference agencies such as Experian (see the section headed “Credit Reference Agencies” below).
- If we suspect someone has committed fraud or stolen energy by tampering with the meter or diverting supply we’ll record those details on your account and may share that information with Ofgem, the industry appointed TRAS Fraud Prevention Agency (being the organisation appointed on behalf of the energy industry as required under energy suppliers licence conditions to provide a service to all UK energy suppliers to facilitate the prevention, detection and any subsequent investigation of energy theft) and other interested parties such as other energy suppliers, landlords, housing associations, fraud prevention agencies and other organisations (such as the police) involved in crime and fraud prevention who may also use this information (see the section on “Theft and Fraud Prevention” below).
- The police, other relevant law enforcement agencies, regulators, public bodies such as local and central authorities (including government agencies/departments) where we have been asked to provide the information for legal or regulatory reasons (such as prosecuting offenders, assessing or collecting tax, investigating complaints or assessing how the energy sector is working) for example by a lawyer or Ofgem or to the Information Commissioner (if we receive a legitimate request for the information).
- If you do not pay a debt, we may ask debt recovery agents to pursue that debt on our behalf or we may transfer your debt to another organisation and give them details about you and that debt or we may use a credit reference agency or fraud prevention agency to trace you if you have not provided your contact details or a forwarding address so that we can recover your debt or we may pass your details on as part of current or future legal action.
- We may share limited information we hold about you (for example your email address) with third parties such as Facebook and Google that also hold your information or have an existing online relationship with you in order to identify you as our customer and to enable us (or third parties on our behalf) to provide you with relevant marketing/service messages online via the third parties sites.
- For regulatory purposes to Ofgem (or any organisation which takes over Ofgem's role) or directly to an agent acting on their behalf, or as part of a government data-sharing initiative for example ones aimed at helping people who cannot afford to pay for their heating and electricity. They may pass that information to other agencies to be analysed or for other purposes relevant to their request or investigation.
- We may share your information about your circumstances with Social services, and with medical and healthcare professionals or other similar support agencies and provide this information to other energy suppliers in line with the Energy UK “safety net procedures” if you decide to change supplier. We may also share this information with the relevant gas transporter, metering agents or network operator.
- We may share information with the Department of Works and Pensions, and organisations like Charis Grant, Fuel Direct, StepChange and Christians Against Poverty if you have agreed to us doing so to see if you are eligible for additional financial support.
- We may share information with Members of Parliament, journalists or Citizens Advice if you have asked them to assist you in dealing with a complaint.
- If someone else who is not our customer has agreed with you that they will pay your bills and has provided their payment details to us to do so we will only share your personal information with them (and vice versa) in so far as is strictly required to assist in making those payments.
- If an organisation takes over all (or nearly all) of our business or assets, we may pass your personal information to them and we may pass details of any debt you may have with us to your future service provider.
- To other parties connected with your account for example if you have provided a delegation of your authority to a partner, relative or a friend to allow them to assist you in dealing with your account.
- You if you make a request to obtain a copy of your information (see the section “Your rights relating to the personal information we hold about you”)
- If we suspect that someone has committed fraud or stolen energy by tampering with the meter or interfering with the supply we will record this information on your account and we may share this information (for as long as you have an account with us) on a regular basis (including occupier details, property type and consumption data), with the industry appointed TRAS Fraud Prevention Agency (including their sub-contractors (if any)) who will use that information and that of other customers (whether or not supplied by us) to check public and other databases they hold or have access to so that they can profile geographical, behavioural and other similar trends for the purpose of theft and fraud risk assessment and to generate leads based on that analysis which they will pass on to us for the purpose of preventing and detecting the theft of energy and the prosecution of offenders (“theft leads”).
- The TRAS Fraud Prevention Agency will hold this information and may provide it to other energy suppliers (where you have an energy account with them) or to Ofgem and other industry bodies in accordance with agreed industry processes and the information may continue to be used even following termination of this agreement where you are supplied by a different supplier.
- We may use any information we have collected as well as any theft leads received from third parties including the TRAS Fraud Prevention Agency to (where relevant and appropriate) detect, investigate, pursue (including prosecute) and prevent (in so far as possible) theft and fraud.
- If we suspect or confirm that you have committed energy theft a record of this will be kept by us and the TRAS Fraud Prevention Agency. We may use this information to assist us in making decisions about your payment arrangements and the products and services we offer you in the future.
We have set out below how we may share your personal information with credit-reference agencies and how they may record and use your personal information.
- In order to process your application (for example when you apply to take supply from us or you move home), we will perform credit and identity checks on you with one or more credit reference agencies (“CRAs”) as well as using information we already hold about you for internal credit risk and debt management and to help us assess your ability to pay. Where you take products and services from us we may also make periodic searches at CRAs to manage your account with us.
- To do this, we will supply your personal information to CRAs and they will give us information about you. This will include information from your application and about your financial situation and financial history. CRAs will supply to us both public (including the Electoral Register) and shared credit, financial situation and financial history information and fraud prevention information.
- We will continue to exchange information about you with CRAs while you have a relationship with us. We will also inform the CRAs about your closed accounts. We record your current balance and how you manage your account and may share this information with CRAs. If you owe us money and when requested do not repay in full and on time we may share this information with CRAs. This information may be supplied to other organisations (like banks, other utility companies, companies who offer you credit to purchase goods) by CRAs which may affect your ability to obtain credit.
- If we consider that your account is in default (i.e. you have not paid us and are in breach of your agreement with us or you are making ‘token’ payments towards your debt) we will notify you and if you do not pay us we will report the unpaid debt to CRAs who will record that default on your credit file. If you set up an instalment plan or some other form of payment arrangement with us to repay a debt (including paying off a debt through a prepayment meter) then a payment arrangement flag may be recorded on your credit file. We may record such a flag whether you are a current customer with us or one who has left us to go to another supplier and had their account closed with an outstanding debt that remains to be paid. This information may be supplied to other organisations (as described above) by CRAs and may affect your ability to obtain credit.
- We will use information we receive from CRAs along with information we already hold about you to:
- Assess your creditworthiness and whether you can afford to take the product and/or services;
- Verify the accuracy of the data you have provided to us;
- Prevent criminal activity, fraud and money laundering;
- Manage your account(s);
- Trace and recover debts;
- Ensure any offers provided to you are appropriate to your circumstances;
- To assess your ability to pay versus financial risk to decide on the appropriate debt recovery activity and the application of debt recovery fees (in line with guidance on ability to pay from Ofgem) including sending you timely service messages and/or contacting you by telephone if it looks like you are or are about to get into payment difficulties.
- When CRAs receive a search from us they will place a search footprint on your credit file that may be seen by other organisations (like banks, other utility companies, companies who offer you credit to purchase goods).
- If there are people who are associated with your account for example you tell us that you have a spouse or financial associate, we will link your records together, so you should make sure you discuss this with them, and share with them this information, before making your application or providing their details (for example adding them as a person who has authority to act on your behalf in relation to dealing with your account). CRAs will also link your records together and these links will remain on your and their files until such time as you or your partner successfully files for a disassociation with the CRAs to break that link.
- We may also use information obtained from CRAs where you have failed to tell us that you are the owner and/or occupier of the property we supply. In the event that the CRAs are able to positively match your details from their search of information from other companies, the Electoral Register etc. then we will use that information to follow our internal processes to take steps to set up an account for that property using the details provided by the CRAs. Before we do so we will contact you and provide you with the opportunity to correct any information we have obtained. Where it is clear that you are the owner/occupier of the property and taking energy supply we will set the account up in your name and record the current balance and share that with CRAs. If you owe us money and when requested do not repay in full and on time we may share this information with CRAs which may affect your ability to obtain credit.
- The identities of the CRAs, their role also as fraud prevention agencies, the data they hold, the ways in which they use and share personal information, data retention periods and your data protection rights with the CRAs are explained in more detail in the Credit Reference Agency Information Notice (CRAIN). CRAIN is accessible from each of the three CRAs – clicking on any of these three links will also take you to the same CRAIN document:
- If you would like to see what information the CRAs hold about you, you can contact those currently operating in the UK. The information they hold may not be the same so it is worth contacting them all. They will charge a small statutory fee.
|Credit reference agency||Contact details|
Post: Callcredit Information Group, One Park Lane, Leeds, West Yorkshire LS3 1EP.
Phone: 0330 024 7574
Post: Equifax Ltd, PO Box 10036, Leicester LE3 4FS
Phone: 0333 321 4043 or 0800 014 2955
Post: Experian, PO BOX 8000, Nottingham, NG80 7WF
Phone: 0344 481 0800 or 0800 013 8888
From the date your smart meter is installed or the date we notify you we are able to utilise the functionality of a smart meter that a previous supplier fitted, or from the date we take over your supply and your smart meter functionality is already available to us (as appropriate), we will use the smart energy consumption data for the purposes set out in this policy.
- We will use the smart energy consumption data we obtain remotely for the following purposes depending on what level of smart energy data you have chosen:
How your smart energy data will be used Monthly Daily Half Hourly To produce bills based on actual reads reducing the need to estimate your bills. To provide information and feedback to you about your energy consumption and how you could manage your energy usage better and save money (this won’t include using your smart energy data for marketing purposes unless you’ve already agreed that we can). The greater the frequency of energy usage we can obtain the more tailored the feedback can be. To track trends in energy consumption and analyse your energy data and compare it over time with other customers’ usage so we can develop tailored products and services for you (this won’t include using your smart energy data for marketing purposes unless you’ve already agreed that we can). The greater the frequency of energy usage we can obtain the more tailored the products and services we can offer to meet your specific needs. To calculate your energy usage and any debt or credit accrued To provide energy usage for industry purposes in line with industry regulations To identify and fix faults or issues with your meter more quickly. The greater the frequency of energy usage provided the easier it will be for us to identify issues with the meter at an earlier stage. To provide you with interactive tools to analyse your energy consumption through your online account or through communications we may send to you for example to provide you with energy saving advice. The greater the frequency of energy usage we can obtain the more detailed and tailored the analysis will be. To help us forecast demand for energy. The greater the frequency of energy usage we can obtain the more efficiently and accurately we can do this meaning we can purchase wholesale energy at the best price. To give you tailored advice and recommendations on how to reduce the amount of energy you use based on your specific energy usage. To carry out internal reporting, modelling and analysis to understand our customers better. Provision of daily and/or half hourly energy usage will give us a more detailed view of our customers and how they use energy to help us understand our customer needs better, help improve the way we provide our services and the types of services we offer as well as enabling us to develop the right types of products for our customers.
Monthly is the minimum level of data we are allowed to take for billing and regulatory purposes. If this is the level of consent you select we are also allowed to take ad hoc daily meter reads to maintain accurate billing where we need to send you a bill after changes to your account (for example if you move home or change your energy product), if we need to use the data to resolve a query or a complaint from you or if we think your smart meters have been damaged or been compromised in any way. Daily meter reads will help us understand the meter's recent activity so that we can diagnose and resolve the problem.
Unless you tell us you wish to opt out (object), not only will we collect your monthly energy data as set out above, we will also collect your smart energy data on a daily basis. If you would prefer us not to collect this level of energy data daily you can let us know at any time by logging in to your online account (if you have one) at www.npower.com/login and going to the “Settings” page or by calling us on 0800 980 9907 or textphone 0800 413 016 (generally free from most landlines).
Subject to section 8(l) below, if you permit us to, not only will we collect your monthly and daily energy data as set out above, your energy data will be measured every half hour. The data will only be collected by us once a day (during a daily download of that data from your smart meter).
We will discuss the purposes for which your smart energy data may be used in greater detail with you either when you contact us, or we will get in touch with you prior to your smart meter being installed, or when you transfer your energy supply over to us, so that we gain your explicit consent for us to collect and use your half hourly data. Your half hourly smart energy data will not be collected and used by us unless we get your consent to do so.
To discuss your options or change what level of energy data we collect, please call 0800 980 9907 (generally free from most landlines) or, where you just want to make a change, by logging in to your online account (if you have one). You can change your mind about the use of your data whenever you like – but we are allowed to take monthly energy usage for the purposes set out above so that we can service your account.
If you decide that you want to change the level of smart energy data that you want us to collect that change will not be reflected at a meter level for up to 2-3 days from the date that you contacted us and the smart energy data for that period either may still be available to us and to you or may not be available to us or to you until your meter is updated depending on whether you were increasing or decreasing the level of energy data you want to have access to.
We sometimes use your personal information in automated processes to make decisions about you such as credit scoring. We may also use an automated process to create a profile of you. Automated decision making involves processing your personal information without human intervention to evaluate things like your financial situation, personal preferences, interests or behaviour for example in the payments you make to us or other providers or where we may wish to send you more targeted marketing communications.
- Credit scoring
We use automated profiling to create a profile of you so we can predict your credit worthiness based on your financial profile. To do this we use information you give to us, information we obtain from credit reference agencies as well as internal information relating to how you have used other products and services we provide to you. We analyse this information to create a “scorecard” and assess you against that to see how likely you are to pay your debts. We use the results of that processing to decide on what types of products and service to offer to you and whether we require a security deposit. In carrying out that processing we are relying on the legal basis we are taking steps to enter into or perform a contract.
- Profiling for marketing
We want you to get the most relevant information about products and services we think may be of interest to you at the right time. The most effective way for us to do this is to use automated processes to create a profile of you for marketing. To do this we use information you give to us, information we obtain in relation to how you have used other products and services you have with us, your feedback (if any) as well as information we have obtained from credit reference agencies and other external data sources like Experian who provide us with customer insights.
We use an analytical program that collates the information we hold and analyses it to create models based on previous promotions to decide what products and services to offer to you and to prioritise the marketing messages you receive by; assessing your eligibility, how likely they are to be useful for you; and deciding how likely you are to respond. This information is not used to make any specific decisions about you as an individual.
All this activity is carried out on the basis of our legitimate interests to operate our business and to develop and improve our products and services.
We take the security of your personal information very seriously and operate to the standards required by law to protect it against unlawful or unauthorised processing. We train our staff to protect your personal information and check your details when you contact us. We maintain data security by protecting the confidentiality, integrity and availability of your personal information so only those people who are required to access it are able to do so and those staff receive training to ensure they know how to handle your personal information in an appropriate manner.
Whilst we put in place appropriate measures the internet and electronic means of communication are not secure and you use those to communicate with us or to receive services from us at your own risk. You must ensure you keep any account and login details and passwords secure and do not disclose them to anyone. Please ensure that you log out of your account and close your browser when you have finished.
We use a third party service provider to help maintain the security and performance of our website. To deliver this service it processes the IP addresses of visitors to the website. We use a Secure Socket Layer (SSL) protocol that provides a secure encrypted connection between you and us (the information is decrypted or put back into readable format when it reaches its destination). When you visit our website you may move in and out of secure areas. If you are requested to provide credit/debit card or bank details or any personal information to sign up to our products and services you will be in a secured area.
Although we are based in the UK we also may pass your personal information to service providers, agents and subcontractors based in countries outside the European Economic Area (EEA). For example we outsource some of our customer and IT services to organisations based in India, the USA and South Africa.
These countries may not have the same level of data protection as we operate in the UK. To make sure we keep your information secure we apply strict safeguards when transferring and processing your information outside of the EEA. We will only transfer your personal information:
- to countries approved by the European Commission as having appropriate data protection laws to ensure an adequate level of protection for your personal information such as Canada, New Zealand; or
- where we have put in place our own measures to ensure an adequate level security as required by data protection law. These measures include ensuring that your personal information is kept safe by carrying out strict security checks on our oversees agents, service providers etc. backed by strong contractual undertakings approved by the relevant regulators for example the EU style Model Clauses. Visit the ICO website ico.org.uk and search for “international transfers” for more information; or
- to a member organisation approved by the European Commission as having a suitable level of data protection for example the EU-US Privacy Shield which covers transfers to the US. Visit www.privacyshield.gov for more information.
We use the following criteria to determine the appropriate data retention periods for your personal data:
- We’ll keep your information for as long as we need it to provide you with the products and services you have signed up to.
- We’ll keep your personal information for as long as is necessary to deal with any queries or to resolve any disputes.
- We’ll keep your personal information for as long as we might legally bring a claim against you or defend a claim made by you.
- We’ll keep your personal information for as long as we might need to do so to meet our legal and regulatory requirements (for example for tax purposes, reporting to Ofgem, to meet our licence condition obligations etc.).
- We’ll keep your personal information after you are no longer a customer and your account has been closed based on our legal and regulatory requirements.
After you are no longer a customer of ours we will retain your information for 6 years unless we require it for longer to meet our legal and regulatory requirements (for example you are in dispute with us or still owe us for energy you used whilst you were our customer). However, the reasons we need to keep your personal information can vary from one piece of information to the next and may vary in relation to the different products and services you have signed up to so the length of time we keep your information for may also vary. Any information that is no longer required for any purposes will be disposed of by an appropriate means.
- You have the following rights in relation to how we deal with your personal information. However, in some cases where you ask us to correct, delete or stop processing your personal information we won’t always be required to do so. If we believe that is the case we will explain why.
- Right to withdraw Consent – if you’ve given us consent to process your personal information you have the right to withdraw that consent at any time by utilising the available unsubscribe options to marketing emails or texts or by making changes to your preferences in your online account (if you have one) or contacting us on 0800 073 3000 or textphone 0800 413 016 (generally free from most landlines) Monday – Friday 8am-8pm or Saturday 8am-6pm.
- Right to be Informed – you are entitled to be told about the collection and use of your personal information. This is achieved by this policy which set outs what data we collect, how we use it and who it is shared with etc. along with giving you appropriate “just in time” notices when we collect your information at different points in time through your dealings with us be that on the phone, by letter, via our online journeys etc.
- Right to object to processing based on it being in our legitimate interests – where we rely on this legal basis to process your data (i.e. that it is fair to use your personal information either in our interests or in someone else’s interests where there is no disadvantage to you (as opposed to any other ground)) you have the right to object to us using your personal information for those purposes. We do not have to stop processing your personal information if we can show that it is in our overriding interests to carry on processing your personal information and it will not cause you unjustified harm. In making this assessment we will balance our interests against yours.
- Access to your personal information – you are entitled to see the personal information that we hold about you at any time so you are aware of and can verify the lawfulness of how we are using it. If you write to, email or phone us and ask to see this information, it is known as a 'subject access request' or “SAR” for short. If it is not clear who we are dealing with or we are unsure precisely what you are asking for we may need to ask you to provide some additional information. We will not charge a fee unless your request is manifestly unfounded or excessive (particularly if it is repetitive) when we may charge you a reasonable fee for obtaining your information based on the administrative costs of providing it.
- Erasure (also known as the right to be forgotten) – you have the right to have personal information deleted where it is no longer necessary for us to use it, you have withdrawn consent or we have no lawful basis to keep it.
- Rectification – you can ask us to change or complete any inaccurate or incomplete or incorrect personal information that we hold about you.
- Data portability – you can ask us to provide you or a third party with some of the information we hold about you in a structured, commonly used electronic form so it can be easily transferred.
- Restriction – you can ask us to restrict the personal information we use about you where you have asked it to be erased or you have objected to our use of it.
- You may exercise any of the rights set out above by:
- Write: npower – Rainton House, Individual Rights Team, PO Box 177, Houghton–le-Spring, DH4 5OZ; or
- Call: 0800 073 3000 or textphone 0800 413 016 (generally free from most landlines) Monday – Friday 8am-8pm or Saturday 8am-6pm.
- Right to complain
If you are unhappy about the way we handle or use your personal information please write to us at Data Protection Officer, npower, Legal Department, Trigonos, Windmill Hill Business Park, Whitehill Way, Swindon, SN5 6PB and we will do our best to resolve your complaint. If you wish to make a complaint about any other matter please see the details on how to complain as set out in the Standard Terms section on “Service Levels and Complaints” or see the section on how to do so on our website at www.npower.com.
If you’re still unhappy and you do not believe we have resolved your complaint you have the right to contact the Information Commissioner’s Office (ICO). They are the supervisory body that regulates how personal data is handled in the UK. If you go to them before you have contacted us they may ask you to get in touch with us first to see if we can help you and resolve your complaint before they will investigate it.
The ICO can be contacted by their website at www.ico.org.uk, by phone on 0303 123 1113 or by post to Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, SK9 5AF.
From time to time we may include hypertext links to sites which are created by individuals and companies outside of our group companies. We do this when there is a particular relevance to the topic you're reading about. Whilst we endeavour to check that the content of these sites is suitable, we unfortunately cannot take any responsibility for the practices of the companies who publish the sites that we link to, nor the integrity of the content contained within them.
This policy does not cover the links within this site or App linking to other websites. We encourage you to read the privacy statements on the other websites you visit.
Our website/App keyword search functionality is powered by npower. Search queries and results are logged anonymously to help us improve our website and App search functionality. No user-specific data is collected by us or any third party.
We use a third party provider, Oracle (using the platform RightNow), to supply and support our Webchat service, which we use to handle customer enquiries in real time.
If you use the Webchat service we will collect your name, email address (optional) and the contents of your Webchat session. This information will be retained for one year and will not be shared with any other organisations.
You can request a transcript of your Webchat session if you provide your email address at the start of your session or when prompted at the end.
When you use a debit or credit card during sign up or to top up your smart meter(s) online or to make any other payments online your debit card or credit card information is transmitted using Secure Socket Layer (SSL) protocol, this encrypts your information. We will share that information with third parties such as Payzone (smart online top up) or Netbanx who we use to process the payments for you. We may also collect your bank details for similar reasons – again these will be held securely by us and wherever possible we will only display the last four digits of your account number. We will only ever collect your credit/debit card and bank account details when you are in a secure area of our website/App. On the website you can see that you are in a secure area if you can see a closed padlock or “https” at the top of your screen. On the App we display a padlock symbol on the “continue” button after you start a payment journey. We are also PCI (payment card industry) compliant.
Our App is produced in partnership with by Black Swan Data Limited. It includes functionality to send meter readings, view energy bills, pay energy bills, see your energy usage and contact us through Webchat.
Before you can use the App services you will need to register for a npower online account via www.npower.com or the App and subsequently use those details to login. When you register with us and use our App, you provide information which identifies you as an individual which we will use to manage your gas or electricity account (or both) with us.
During the course of providing you with our App services, we sometimes need to collect information about you and your use of our App. From time-to-time you may be prompted to take part in a survey run by Foresee. This is to help us gauge your current level of satisfaction and help understand the best ways for us to improve the functionality and experience. You do not have to take part in the survey, but we appreciate every response we get.
When you use the App we may ask if you would like to receive marketing messages from us. You can opt in or out of receiving these messages you by changing your preferences within your profile.
We use a third party provider, Lithium Technologies to manage our social media interactions. If you send us a private or direct message via social media the message will be stored in accordance with section 12. It will not be shared with any other organisations.;
When someone visits our website or uses our App we currently use a third party service provider, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. These analytics enable us to see how people use our website and App and give us the information needed to make improvements and make our website and App easier to use. We also do this to find out things such as the number of visitors to the various parts of the website and the App. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google Analytics to make, any attempt to find out the identities of those visiting our website. If we do want to collect personally identifiable information through our website or our App, we will be up front about this. We will make it clear when we collect personal information and will explain what we intend to do with it.
Like most websites and Apps, we use "cookies" - small text files that are saved to your device. We test different versions of the App and the website before we finalise changes to ensure that any improvements make it easier to use. Cookies help us to track how a user progresses through sections of the App and our website that we are testing.
More details about cookies, how we use them and how you can disable them can be found at http://www.npower.com/home/about-npower/cookies/.
We will retain data you have provided to us, including journey information and device model, to monitor the performance of our website and App and identify any problems. All data is completely anonymous and can’t be used to identify the user in any way.
This data will be retained within the App when the device is not connected to the internet, and then sent to the Google Analytics servers when reconnected.
This policy was updated in April 2018 and it replaces any previous policies we may have provided to you. We regularly review it and we can update it at any time so it is a good idea to check it from time to time to see if anything has changed. If we make any significant changes to this policy or to how we use your personal data we will contact you to let you know about the change and where appropriate ask for your consent.