Our team of water experts can answer any questions you may have about switching supplier. Just fill out the form below and we'll get back to you with some sound advice at the very least.
Data Controller
Pure Utilities is the trading name of Pure (CGV) Limited, company number 09548345 with Registered Office of Portway House, 1 The Pavilions, Preston, PR2 2YB.
For the purposes described in this policy, we are the data controller of personal data. We are committed to protecting and respecting privacy and we comply with the UK General Data Protection Regulation (GDPR). This policy applies to personal information we hold about individuals, including sole traders, partners and individual contacts at companies and other organisations. This policy explains how we collect, process, store and use personal information.
Market Licensed Provider
The personal data we process internally and via the Central Market Agency to carry out our functions as a Market Licensed Provider includes:
Information from Individuals
Our website hosts various online forms and tools where individuals can submit details to us. Paper-based forms are available for many of our services as an alternative method for providing details. We are also able to take details from individuals over the phone (for most services). Through these communication methods we may receive personal data, which is collected and stored, including: (i) Contact and communication details. This includes full name, title or salutation, email address, correspondence address, telephone number(s), job title, the organisation the individual works for (ii) Account details and Supply Point details. This includes Supply Point ID, Reference Numbers, billing preferences, contact preferences. Basic bank information may be visible on payments we receive.
Declining to provide certain personal data may make it impossible for our website (or our associated tools) to provide its services, but we will comply with such requests wherever possible. Where individuals provide information about accessibility or support needs (such as large font, braille), we will use this information only to provide the requested support, communications or services, and where we have a lawful basis and any additional condition required under data protection law.
Individuals are responsible for any personal data of third parties obtained, published or shared through our website or provided to us by other means. Where individuals provide personal data about another person, they must ensure they have authority to do so and, where appropriate, have made that person aware of this Privacy Policy. We will use that personal data in accordance with this Privacy Policy and data protection law.
Data from Third Parties
We may collect and store information provided to us by a third party on an individual’s behalf, where it is relevant, necessary and appropriate for the purposes described in this policy. If making a joint application or where they have informed us about another financial association with a third party, a ‘Financial Association’ between the customer and the third party (or parties) may be made by Credit Reference Agencies. This will link their financial records with the third party (or parties), so we take account of both (or all) of their records in future applications either or both (or all) of them make. This will continue until one or more individuals successfully sends a notice to the Credit Reference Agencies asking for the financial association to be removed.
Other Information
When we provide services to our customers, call recordings and records of correspondence are stored to help document the timeline of events. This may include records generated through our electronic communications, document management and contract-signing processes, such as whether a communication or document has been delivered, accessed, progressed or completed. We use this information to administer customer accounts, support customers through application or contract processes, maintain accurate records, resolve queries, and evidence the status of communications and contractual documentation.
This also includes responses to any of our surveys where customers have chosen to participate. These are used for internal training and to continually improve our levels of service. We may ask customers to provide further information if they report a technical problem to us about one of our services.
We may use cookies and similar technologies to help identify users and their preferences, provide the services requested, improve our website and services, and understand how our services are used. Any use of cookies is governed by our Cookies Policy.
When individuals access our services, we may also collect technical and usage information, such as the Internet Protocol (IP) address used to connect a device to the internet, browser type and version, time zone setting, operating system and platform, page response times, download errors, length of visits and page interaction information. We generally use this information for system administration, security, analytics and service improvement purposes.
Legal Basis of Processing
We process personal information lawfully and fairly, in accordance with the UK General Data Protection Regulation (GDPR). Depending on the circumstances, we may process personal information where:
We will only rely on legitimate interests where we have considered that our interests are not overridden by the rights and freedoms of the individuals concerned.
We may use personal information to:
We will only share personal data with:
Marketing
We may use personal information to contact customers, prospective customers and business contacts about our own products, services, updates or offers that may be relevant to them.
We will only send direct marketing communications where permitted by law. This may include where we have consent, where the soft opt-in applies, or where we are otherwise permitted to contact business customers and business contacts under applicable data protection and electronic communications laws.
Customers, prospective customers and business contacts can opt out of marketing communications at any time by contacting us or by using any unsubscribe or opt-out option included in our communications. We do not sell personal data to third parties or share it with third parties for their own marketing purposes.
Processing, Storage & Retention
Personal data is generally held and processed in the UK and, where applicable, the EEA. Where we or our service providers transfer personal data outside the UK or EEA, we will ensure appropriate safeguards are in place in accordance with data protection law.
Personal data is processed at our Registered Office and at other locations where a party involved with the processing of the data is located at that particular time, including permanent and temporary locations. Whilst the transmission of information via the internet is not completely secure, we do our utmost to protect personal information. Whilst we cannot guarantee the security of personal information transmitted to our site and transmission is at customer’s own risk, once we have received personal information we use strict procedures and security features to prevent unauthorised access.
We retain personal data in accordance with our data retention policy and only for as long as necessary for the purposes for which it was collected, including to meet legal, regulatory, accounting, reporting, contract management, complaint handling, debt recovery, or dispute-resolution requirements.
How long we keep personal data will depend on the type of information, the purpose for which it is used, and any legal, regulatory or operational requirements that apply. For example, account, billing and contract records may be kept for the duration of the customer relationship and for a period afterwards where required for legal, regulatory, accounting, audit or dispute-resolution purposes. Call recordings, correspondence and service records may be kept for as long as needed to manage the account, evidence communications, improve service quality, handle complaints or resolve disputes.
Automated Payment Processes
We may use a secure online, real-time payment service provider, allowing customers to pay via a credit or debit card. The payment service provider is the data controller of this particular information. We do not store or hold credit/debit card details at any time.
Specific Privacy Information
Where we cannot provide specific privacy information at certain times, we only use the information we collect in a way that members of the public are likely to anticipate, understand and accept. Where we identify these situations exist, we will regularly review our processes to determine if greater clarity can be incorporated. If it is deemed an individual would not reasonably expect our use of their details, we will actively provide privacy information, rather than simply providing it through our policy documentation. Where we decide we need to actively communicate privacy information, we may do this by: (1) Contacting customers or potential customers by letter or email (2) Delivering a scripted message during a phone call (3) Providing interactive information in an online form, to explain why we need specific information, or (4) Showing a brief text notification when a particular field is highlighted.
Third Party Links
Where we list third party links to external websites on our site, these are not covered under our Privacy Policy and we cannot accept responsibility or liability for their content.
Personal Information Requests
Individuals have rights under data protection law, including the right to access their personal data, request correction or deletion, restrict or object to processing, and request data portability where applicable. Individuals may also have rights in relation to automated decision-making and profiling. These rights may not apply in all circumstances. We do not make decisions based solely on automated processing, including profiling, that produce legal or similarly significant effects.
When providing corrections or updates to personal data, customers should contact us by the method of their choice. Where there is a change of data held, we will confirm with the customer once this has been processed. If a customer requires a copy of the personal information we may hold, they should submit a Data Subject Access Request (DSAR), preferably in writing. Please see the ‘Contact Us’ section below.
We will not usually charge a fee for responding to a request. However, we may charge a reasonable fee or refuse to act on a request where permitted by data protection law, for example where a request is manifestly unfounded or excessive. We will provide the information required in a reasonable timeframe, or if we cannot, we will explain why this has not been possible.
Updating This Policy
Our Privacy Policy is periodically reviewed to protect and inform our customers. We may update our Privacy Policy from time to time and encourage customers to ensure they have the latest version available on our website. We will not substantially change the way we use personal information already provided to us, without appropriate and prior agreement.
Contact Us
Any queries, questions or comments regarding any aspect of this policy or the processing of personal information, please contact us.
Postal Address
Compliance Team, Pure Utilities, Portway House, 1 The Pavilions, Preston PR2 2YB.
compliance@pureutilities.co.uk
Phone
0330 113 3050
Escalations
Customers have the right to complain to the Information Commissioner’s Office (ICO) if they believe there is a problem with the way we handle their data. We kindly request customers contact us in the first instance, to raise awareness of any potential data issue.