The Data Controller is Neon Reef Ltd, Unit A 18, Arena Business Park, Holy Rood Close, Poole, BH17 7FJ. We are registered with the Information Commissioner’s Office.
This policy explains how we collect information about you and the security measures we take to protect your privacy and security.
neonreef.co.uk is a secure HTTPS website and is hosted on a dedicated and secure server in the UK.
The website may contain links to 3rd party websites (for example; to Apple/Google Play or regulatory bodies). We are not responsible for the privacy practice of these sites.
If you fill out one of our online forms, a notification email will be sent to the relevant team within our company. No copy of the data you submit is stored anywhere. As our website uses SSL (https) the data you submit using the form is encrypted when you press the “Submit” button.
When we first ask for your personal information, or when you get a new product or service from us, we’ll give you the opportunity to tell us whether you want to receive information from us about our other products and services. It will usually be a tick box on an application or contract, and you can change your preferences at any time in your Neon Reef Online Account or by emailing email@example.com
It’s important that you understand what we will do with the data we hold about you, as well as the lawful reasons we are allowed to do this.
We may sometimes combine information we collect from you with information we obtain about you from third parties and affiliates and information derived from any other subscription, product, or service we may provide.
We use the information we hold about you for the following purposes:
5.1 We may use your information to:
• Give you the service you’ve asked for (which might include the loyalty and incentive schemes we run from time to time)
• Offer you account, services and products from us or our partners. To do this, we may use an automated scoring system, which also includes information from credit reference agencies and other companies
• Help run and improve our accounts, services and products – provided at any time, past, present or future
• Create statistics, test our computer systems, create profiles and marketing opportunities and to analyse customer information. To do this we may use information about what you buy from us and how you pay for it – for example how much energy you use and any optional services you’ve selected.
• Help prevent and detect debt, fraud and loss
• Train our staff
• Let you know about products and services that we or our partners offer, by email, phone, text message, multimedia message or other electronic communications.
5.2 We may monitor and record communications we have with you. Including emails and phone calls. We do this to ensure we provide you with an excellent standard of service and to meet our regulatory and legal responsibilities.
We’ll use the information you provide when we need to get in touch.
If we’re contacting you to tell you about any offers we may have, we will try to use your preferred contact method. We will stop sending you these offers at any time if you contact us with us your details.
7.1 We may allow other companies and organisations to use your information. Why?
• To give you the services you’ve asked for, which may include giving information to members of your family, household, anyone acting on your behalf or other interested parties (such as landlords or letting agents).
• As part of our sales process for one or more of our businesses
• To help identify and prevent debt, fraud or loss (for example by passing information to a credit reference agency).
• To transfer any unpaid debt to another organisations – we’ll have to give them information about you and that debt.
• For regulatory or legal purposes
• For future legal action
• As part of any government data sharing initiatives, like those designed to help people may be struggling to pay for their energy.
• As part of any loyalty scheme.
• To providers of any other product or service where Neon Reef act as the introducer. For example, we provide details to enable the providers to contact you and assess your needs and to develop new products and services.
7.2 Occasionally, we may pass your information to organisations outside of the European Economic Area (EEA). Because of that, we may pass your information to countries that have different standards and laws about protecting your information. We will ensure that any such organisation has appropriate controls to ensure Neon Reef continues to meet its obligation to you and that appropriate standards are maintained.
7.3 If we suspect someone has stolen energy or fraud by diverting an energy supply or tampering with the meter, we’ll record this in our records and may share the information with Ofgem, or anyone else who needs to know (such as landlords, housing associations or other suppliers). If the energy (gas or electricity) to your property has been stolen or tampered with (or we suspect it may have been), we may take this into account when we decide what products or services we can offer you, and any terms and conditions we are able to give you.
7.4 We may ask your old energy supplier for information we need to take over your supply, including meter readings, equipment and payments. We can pass on that kind of information to your new supplier should you move on, too.
7.5 If we think that you (or anyone in your household) might need extra support or care (for example; because of age, health, disability or financial circumstances), we may record this in our records. We’ll use this information if things go wrong in the future and may share this information with:
Such as social services, charities or healthcare organisations. We’ll pass on your information to them if we think you (or someone in your household) needs help.
Other energy suppliers
If you’re thinking of changing, we may pass your information on to your new suppliers. We’ll assess which customers may need extra care and record and may share this information in line with the Energy Retail’s Association procedures – which means we may share it with your gas transporter, meter agent or network operator too.
We have strict security measures in place to protect your personal information. This includes following our security procedures (like confirming your identity when you call us) and encrypting data on our websites.
8.1 If you give us information on behalf of someone else, you’re confirming that you’ve given them the information in this policy and that they have agreed for us to use it in the way we’ve described in this document. You also agree, and where appropriate the person the information is about has agreed, that any sensitive information about yourself or other people can be used in the ways set out in this document.
8.2 You’re entitled to have a copy of the information we hold on you and you can have an any inaccurate information corrected.
8.3 Should we update this policy your consent to the updated policy will by continued use of our website, products or services.
Unless stated elsewhere in this document or in our terms and conditions we only store the data necessary to provide the services we provide to you. We will keep this data as long as it is lawful for us to do so (this may be for as long as you are a customer or because of a legal or regulatory obligation to retain the information, whichever is the longest).
Remember that communications over the internet aren’t secure unless you’ve encrypted them. These kinds of messages can go through a number of countries before they are delivered, and therefore we cannot accept any responsibility for any unauthorised access or loss of personal information if it’s beyond our control.
Our cookies don’t store sensitive information like your name, address or payment details: they simply hold the ‘key’ that, once you’re signed in, is associated with this information. However, if you’d prefer to restrict, block or delete these cookies, you can use your browser to do this.
Each browser is different, so check the ‘Help’ menu of your particular browser (or your mobile phone’s handset manual) to learn how to change your cookie preferences.
What is a cookie?
To use www.neonreef.co.uk, you need to have cookies enabled, as we will need to place cookies in your device to enable any sign up to go through.
If you don’t want to enable cookies, that will mean that your experience of using the site will be impaired – as some of the cookies help us to identify and resolve errors when you’re browsing. Most web browsers have cookies enabled, but you can turn them off/on should you need to.
Do not track (DNT) is a feature offered by some browsers, with some newer browsers offering it as default. If you enable it, it sends a signal to websites to request that your browsing isn’t tracked, for example by third party ad or social networks, or analytic companies.
At present no industry-wide uniform standard has been agreed and adopted to determine how DNT requests should be managed, so www.neonreef.co.uk doesn’t currently respond to DNT requests. Until that standard is established, we’ll continue to review DNT and other new technologies, but won’t respond to DNT requests.
We’re giving you this information as part of our initiative to both comply with legislation, and make sure we’re honest and clear about your privacy when using our website.
How do I stop using cookies?
You can normally alter the settings on your browser to prevent it from accepting cookies, or to tell you when a website tries to put a cookie on your computer. www.neonreef.co.uk does not operate properly without cookies, but you can delete them at anytime using your web browser.
We provide links to websites provided by other providers (for example, App Store or Google Play). We are not responsible for the privacy practice of those sites.
We use a number of third-party cloud-based services for the purposes of effectively running our business and providing our services to you. We also use a number of third-party organisations (e.g. accountants, Recruitment agencies etc.).
In all cases where we are using a third-party service or company, we will only provide the minimal amount of information for the purposes of delivering the service to us and to meet our requirements.
The information we collect includes your name and contact information that you volunteer such as your telephone number, email address, mobile number and postal address. We also ask you for your date of birth and bank details during the course of creating your account. We will collect information about your bank account or credit card details where appropriate. Where you elect to register for our PSR service (priority services register) we may collect sensitive information you volunteer such as medical conditions solely for the purpose of providing the appropriate support. We will never collect other sensitive information such as your religious or political beliefs.
We may also use third party providers to obtain contact information in order to market our products and services to you, but only in accordance with latest law and will always respect your marketing preferences as well as the telephone preference service.
Under current data protection legislation in the UK, you have rights as an individual you can exercise in relation to the data we store and process about you. You can find more information about your rights on the Information Commissioner’s website:
If you want to make a complaint about the way we are processing your data, you can contact us. You also have the right to complain to the Information Commissioner’s Office: https://ico.org.uk/concerns
How to withdraw consent and object to processing
Where we are processing your data and needed to ask your permission to do so, you are able to withdraw your consent at any time. If you want to stop receiving our marketing emails you can do so by clicking the “unsubscribe” link at the bottom of the email, changing your preferences in your online account or by contacting us using the details below.
If you want to raise concerns about the way we are processing your data or would like to raise an objection then please email us via firstname.lastname@example.org with your concerns.
Keeping your data up to date
It is important that any of your data that we process is kept up to date. We will from time to time ask you to verify your contact details but if you wish to update any information we hold about you, please contact us using the contact details below.
Erasure of your data (the “right to be forgotten”)
Under some circumstances you may request us to delete your data from our systems. Where this is possible (e.g. we don’t have any legal purpose for continuing to process your data) we will erase it from our systems.
If you want to exercise your right to be forgotten, please email email@example.com.
Your right to portability allows you to request a machine-readable format of the data you supplied to us and associated service logs (where we store them). Please contact us, using the contact details below, if you’d like to receive a CSV export of your data.
Access to your data
You have the right to ask us about what data we hold about you, how we process it and provide you with a copy of the information, free of charge and within one month of your request.
To make a request for any personal information we hold and process about you, we would prefer it if you could put it in writing or in an email to the addresses below. We will need to verify your identity before providing the information and where necessary may contact you further to ensure we understand what data you are requesting.
We do not share any personal data with any third parties unless it is lawful for us to do so, if required by law to do so or if you provide us with permission to do so.
For more information about your data rights and privacy or data protection in general visit the Information Commissioner’s Office website: https://ico.org.uk
If you have any questions about how we collect and use your information not covered in this privacy notice, or if you wish to speak to someone about our approach to data protection and privacy, please email firstname.lastname@example.org
Or write to Data Protection Officer, Neon Reef, Unit A 18, Arena Business Park, Holy Rood Close, Poole, BH17 7FJ
We may change or update elements of this privacy notice from time to time or as required by law. The most current version of our privacy notice is available on our website at https://www.neonreef.co.uk/privacy-policy/
This means that using your information is necessary for us to build our business and provide our services to you. We consider and balance any potential impact on you and your rights before we process your personal data for our legitimate interests. Our legitimate interests include:
Maintaining and improving our services: for example, we may use your information that we obtain through your emails and calls to train our team. We may also use your information to ensure that our services are working as intended – for example, understanding which parts of the website are easiest to use. We may also contact you for suggestions on how we can improve the way we provide our services to you.
Providing personalised services, including suggested payment amounts: for example, we may use information such as your account balance and expected annual energy use to make an automatic adjustment to your payment amount.
Providing personalised advertising: we may let advertising platforms like Facebook and Google know that you are a member of Neon Reef by sharing your contact details with them. This means we can stop asking you to join Neon Reef once you’re with us, and instead share information with you that we think you might be interested in.
Communicating with you about our services: we may contact you about Neon Reef news, product updates and new products that we think you might be interested in. We may also contact you to provide you with offers, competitions, marketing materials and other promotional materials, both online and through other marketing channels, such as third-party social networks, like Facebook.
Measuring our performance and developing new services: for example, we use data for measurement to understand how our services are used. We also use aggregated data to understand our members and their energy usage better. This helps us develop offerings such as our Annual Impact Report.
Helping to prevent and detect fraud or debt: we also need to be able to detect and prevent fraud and recover unpaid bills.
If you have questions about the lawful basis on which we collect and use your information, you can email our Data Protection Officer at email@example.com.