Data Controller & Processor

Pure Utilities, also referred to as ‘PURE’, are trading names of Pure (CGV) Limited, company number 09548345 with Registered Office of Unit F, Astra Business Centre, Preston, PR2 5AP, and is a data controller and processor of personal data. We are committed to protecting and respecting privacy and we comply with the UK General Data Protection Regulation (GDPR). This Policy applies to personal information we hold on individuals and sole traders but does not apply to registered Companies and other Organisations. This Policy explains how we collect, process, store and use personal information.

Personal Data We Collect

Market Licensed Provider

The personal data we process internally and via the Central Market Authority (CMA) to carry out our functions as a Licensed Provider includes:

  • Contact and communication details. This includes full name, gender, email address, site and correspondence address, telephone number, job title, the organisation the individual works for, records of any communication with trading parties; and
  • Account details and Supply Point details. This consists of customer classifications including unique identifiers, meter information or market consumption data.

Information from Customers

PURE’s website hosts various online forms and tools where customers can submit details to us. Paper-based forms are available for many of our services as an alternative method for providing details. We are also able to take details from customers over the phone (for most services). Through these communication methods we may receive personal data, which is collected and stored, including: (i) Contact and communication details. This includes full name, gender, email address, correspondence address, telephone number(s), job title, the organisation the individual works for (ii) Account details and Supply Point details. This includes Supply Point ID, Reference Numbers, billing preferences, contact preferences. Basic Bank information may be visible on payments we receive.

Declining to provide certain Personal Data may make it impossible for our website (or our associated tools) to provide its services, but we will comply with such requests wherever possible. If a customer provides sensitive information about themselves such as details of special needs for bills (i.e. large font, braille), the customer agrees to us processing this information in the ways set out in this document.
Customers are responsible for any Personal Data of Third-Parties obtained, published or shared through our website or provided to us by other means. Customers confirm they have the Third-Party’s consent to provide their data and agree to us using their personal information as set out in this document.

Data from Third Parties

We may collect and store information provided to us by a Third-Party on an individual’s behalf, where we deem it to be relevant, necessary and appropriate to do so. If making a joint application or where they have informed us about another financial association with a Third-Party, a ‘Financial Association’ between the customer and the Third-Party (or Parties) may be made by Credit Reference Agencies. This will link their financial records with the Third-Party (or Parties) so we take account of both (or all) of their records in future applications either or both (or all) of them make. This will continue until one or more individuals successfully sends a notice to the Credit Reference Agencies asking for the financial association to be removed.

Other Information

When we provide services to our customers, call recordings and records of correspondence are stored to help document the timeline of events. This also includes responses to any of our surveys where customers have chosen to participate. These are used for internal training and to continually improve our levels of service. We may ask customers to provide further information if they report a technical problem to us about one of our services. We may use Cookies or other tracking tools such as usage data to help identify users and their preferences, to provide the service required and/or requested. Any use of Cookies is governed by our Cookies Policy. Information about how customers access our services, including technical information such as the Internet Protocol (IP) address used to connect a computer to the internet, is stored for system administration. This statistical data about browsing action and patterns does not identify any individual.

Legal Basis of Processing

We process personal information lawfully and fairly, in accordance with the UK General Data Protection Regulation (GDPR). We may process personal information where:

  • It is necessary to provide customers with services, or
  • Individuals have consented to our processing of their personal information, or
  • We have a legal obligation to do so, or
  • It is necessary to perform our functions and activities generally as a Licensed Provider, or
  • We have a legitimate interest to do so, for example on a business sale or fraud prevention purposes.

What We Do with Personal Information

We use personal information to:

  • Identify customers when contacting us
  • Monitor and record communications for quality assurance, compliance and to detect and prevent fraud or money laundering
  • Exercise our rights, perform our contractual obligations and provide customers with the information, products and services they request from us
  • Notify customers about changes to our service
  • Protect public health and safety in an emergency situation, or in the interests of national security
  • Carry out checks with Credit Reference Agencies
  • Allow customers to participate in interactive service features
  • Release information where we are required to do so by Law or a Court Order
  • Release information to regulatory organisations, such as the Water Industry Commission for Scotland, Ofwat, SPSO, the Central Market Agency (CMA), or those employed by or contracted to such organisation.

Sharing of Personal Data

We will only share personal data with:

  • Business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or our customers
  • Any regulatory organisation (such as the Water Industry Commission for Scotland, Ofwat, SPSO, the Central Market Agency (CMA), or those employed by or contracted to such organisation
  • Anti-fraud organisations and Credit Reference Agencies
  • Analytics and search engine providers, who assist us in the improvement and optimisation of our site
  • Our professional advisers and services providers
  • Third-Parties in the event we sell or buy any business or assets, in which case we will disclose personal information to the prospective seller or buyer of such business or assets
  • A Third-Party if we, and/or our assets are acquired, in which case personal data held by us about our customers will be one of the transferred assets.


We inform our customers (before collecting their data) if we intend to use it for such purpose and obtain permission. We do not share data with Third-Parties for any marketing purposes.

Processing, Storage & Retention

Data is held and processed only within the EEA. The Data is processed at our Registered Office and at other locations where a party involved with the processing of the data is located at that particular time, including permanent and temporary locations. Whilst the transmission of information via the internet is not completely secure, we do our utmost to protect personal information. Whilst we cannot guarantee the security of personal information transmitted to our site and transmission
is at customer’s own risk, once we have received personal information we use strict procedures and security features to prevent unauthorised access. Personal information is held for the period we provide services to the customer and afterwards for as long as may be necessary for establishing, exercising or defending legal rights. We delete personal data which no longer meets these criteria.

Additional Information

Automated Payment Processes

We may use a secure online, real-time payment service provider, allowing customers to pay via a credit or debit card. The payment service provider is the data controller of this particular information. We do not store or hold credit/debit card details at any time.

Specific Privacy Information

Where we cannot provide specific privacy information at certain times, we only use the information we collect in a way that members of the public are likely to anticipate, understand and accept. Where we identify these situations exist, we will regularly review our processes to determine if greater clarity can be incorporated. If it is deemed an individual would not reasonably expect our use of their details, we will actively provide privacy information, rather than simply providing it through our Policy documentation. Where we decide we need to actively communicate privacy information, we may do this by:  Contacting customers or potential customers by letter or email  Delivering a scripted message during a phone call  Providing interactive information in an online form, to explain why we need specific information  Showing a brief text notification when a particular field is highlighted.

Third-Party Links

Where we list Third-Party links to external websites on our site, these are not covered under our Privacy Policy and we cannot accept responsibility or liability for their content.

Personal Information Requests

When providing corrections or updates to personal data, customers should contact us by the method of their choice. Where there is a change of data held, we will confirm with the customer once this has been processed. If a customer requires a copy of the personal information we may hold, they should submit a Subject Access Request, preferably in writing. Please see the ‘Contact Us’ section below and note an administration fee is usually not required, however at times (usually from complex requests) we may need to request a suitable payment in advance per request made. We will provide the information required in a reasonable timeframe, or if we cannot, we will explain why this has not been possible.

Updating This Policy

PURE’s Privacy Policy is regularly reviewed to protect and inform our customers. We may update our Privacy Policy from time to time and encourage customers to ensure they have the latest version available on our website. We will not substantially change the way we use personal information already provided to us, without appropriate and prior agreement.

Contact Us

Any queries, questions or comments regarding any aspect of this Policy or the processing of personal information, please contact us.

Postal Address

Compliance Team, Pure Utilities, Portway House, 1 The Pavilions, Preston PR2 2YB.



0330 113 3050 (option 4)


Customers have the right to complain to the Information Commissioner’s Office (ICO) if they believe there is a problem with the way we handle their data. We kindly request customers contact us in the first instance, to raise awareness of any potential data issue.