Privacy Policy

Public Power Solutions Website Privacy Notice

1. Introduction

1.1 Public Power Solutions Ltd (PPS) is committed to protecting the privacy and security of your personal information.

1.2 PPS is a “data controller” and this privacy notice describes how we collect and use personal information about you during and after your visit to our website www.publicpowersolutions.co.uk, in accordance with the General Data Protection Regulation (GDPR).

1.3 This notice applies to any visitors to our website. If you become a customer of ours, you should read our privacy notice for Customers.

1.4 It is important that you read this notice, together with any other privacy notice we may provide on specific occasions when we are collecting or processing personal information about you, so that you are aware of how and why we are using such information.

1.5 We reserve the right to update this Privacy notice at any time, therefore, on visiting our website, you should ensure that you read this Privacy Notice.

1.6 We have appointed a Data Protection Controller (DPC) who is responsible for overseeing Public Power Solutions Ltd compliance with data protection law. If you have any questions about this Privacy Notice or how we handle your personal information, please contact the DPC by email on pps@publicpowersolutions.co.uk

2. What information do we hold?

2.1 On visiting our website, we will collect information on your visit, such as how long you stayed on the site, what you looked at, number of visits, however, this will not include data that relates to an identifiable living person.

2.2 If you complete the online contact form, send us an email or call our personnel, we may collect the following data:

  • Name

  • Address

  • Contact telephone number

  • Email address

  • Company

  • Reason for making the contact

3. Our Use of Your Information

Information stored or collected regarding your visit to our website helps us improve and offer the services you need. The following list contains how we might use your data:

3.1 Requests you make through our website or personnel, allows us to use information you provided us with, to provide the products or services you may require, or improve our services and products.

3.2 On receipt of your request, we may send your details to relevant personnel within the business to action your request. This may include sending you information on products and / or services that would be of legitimate interest to you.

3.3 We only send out mailings and / or newsletters to customers of the business and at any time, you will have the option to opt out of receiving such information

4. Google Analytics

4.1 When someone visits www.publicpowersolutions.co.uk we use a third-party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. If we do want to collect personally identifiable information through our website, we will be up front about this. We will make it clear when we collect personal information and will explain what we intend to do with it.

5. Cookie Usage

Cookies are small files, containing a short string of numbers and letters, that are placed automatically by a website into the cookie folder of your browser or the hard drive of your computer or device. Read our full Cookie Policy here.

6. Squarespace

We use a third-party service, Squarespace.com, to develop our website. These sites are hosted at Squarespace.com.

Squarespace collects personal data when you visit this website, including:

  • Information about your browser, network and device

  • Web pages you visited prior to coming to this website

  • Web pages you view while on this website

  • Your IP address

Squarespace needs the data to run this website, and to protect and improve its platform and services. Squarespace analyses the data in a de-personalized form.

This website uses font files from Google Fonts and Adobe Fonts. To properly display this site to you, servers where the font files are stored may receive personal information about you, including:

  • Information about your browser, network, or device

  • Your IP address

SquareSpace’s privacy policy is available here: https://www.squarespace.com/privacy/

7. Personal Data Storage

7.1 We use Mail Chimp supplied by The Rocket Science Group LLC, a State of Georgia limited liability company to send out mailings and newsletters. This data is stored outside of the European Economic Area. Data held in this system will include name, address and email. If you opt out of receiving mailings from us, you will be removed from this site. The privacy policy for Mail Chimp is available at https://mailchimp.com/legal/privacy/

7.2 All other data is held within the European Economic Area and will not be transferred outside of this area.

7.3 Information we are provided with will be stored on secure servers. Transaction data is encrypted for your safety. All of our servers are located in the UK.

7.4 We will monitor any emails and information sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law

8. Information Disclosure

8.1 At times we may disclose personal information to persons in our group. This can include subsidiaries, holding companies, or any other subsidiaries involved in our business, if applicable.

8.2 Third Party disclosure may occur for the following reasons:

8.2.1 Selling any or all of our business to a third party may result in sharing your information.

8.2.2 At any time when we are legally required to we may disclose information about you and your visits to our site.

8.2.3 To prevent fraud and help in fraud protection in order to reduce credit risk, we may disclose information.

9. Third Party Links

Third party links may exist on our site, such as links to news relating to our services and press articles. When you press on these links, you will be covered by the privacy notice for the website you are visiting. We are not responsible, nor do we accept responsibility for third party links.

10. Information Accessibility

You have the right to access the data we hold on you. You will not have to pay a fee to access your personal information (or to exercise your rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.

11. Contacting Us

You can contact us with any queries, requests, or comments that you may have about our Privacy Notice. We welcome any communication via the email address supplied here: pps@publicpowersolutions.co.uk

Customer, Suppliers and Prospects Privacy Policy

1. Introduction

1.1 Public Power Solutions Ltd (PPS) is committed to protecting the privacy and security of your personal information.

1.2 PPS is a “data controller” and this privacy notice describes how we collect and use personal information about you during and after your relationship with us, in accordance with the General Data Protection Regulation (GDPR).

1.3 This notice applies to prospective, existing and former customers of Public Power Solutions Ltd (including employees and representatives of our customers); individual and business contacts and prospects; referrers; individuals who request information from us; any person who provides services to Public Power Solutions Ltd, either as an individual or as the employee or representative of a corporate service provider; third parties acting for our customer.

1.4 It is important that you read this notice, together with any other privacy notice we may provide on specific occasions when we are collecting or processing personal information about you, so that you are aware of how and why we are using such information.

1.5 We reserve the right to update this Privacy notice at any time, and we will provide you with a new Privacy Notice when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal information.

1.6 We have appointed a Data Protection Controller (DPC) who is responsible for overseeing Public Power Solutions Ltd compliance with data protection law. If you have any questions about this Privacy Notice or how we handle your personal information, please contact the DPC by email to pps@publicpowersolutions.co.uk

1.7 It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during the course of our engagement with you.

2. Data Protection Principles

2.1 We will comply with data protection law. This says that the personal information we hold about you must be:

  • Used lawfully, fairly and in a transparent way.

  • Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.

  • Relevant to the purposes we have told you about and limited only to those purposes.

  • Accurate and kept up to date.

  • Kept only as long as necessary for the purposes we have told you about.

  • Kept securely.

3. What information do we hold?

3.1 Personal data, or personal information, means any information about an individual from which that person can be identified.

3.2 There are special categories of more sensitive personal data which require a higher level of protection (see further at section 5, below).

3.3 We collect different information depending on your relationship with us (see below)

Individual Customers

We process:

  • Your name, address and contact details. Such processing is necessary for performance of the contract between us.

  • Your bank details. Such processing is necessary where we are required to pay funds and / or refunds to you.

  • Feedback you provide to us on our services. Such processing is necessary for the legitimate interest of managing our business and improving our services (provided that your interests and fundamental rights do not override our interests).

  • Correspondence between us in relation to our contract, this may be emails, documents and / or letters.

  • To the extent permitted by law, we may monitor electronic communications for the purposes of ensuring compliance with our legal and regulatory obligations and internal policies.

  • We may, from time to time, approach you for your consent to allow us to process your personal information for other purposes. If we do so, we will provide you with details of the information that we would like and the reason we need it, so that you can carefully consider whether you wish to consent.

Individual service providers

We process:

  • Your name, title and business contact information including addresses, telephone numbers and email addresses.

  • Details relating to the performance of the contract between us, including financial information and bank details for payment. Such processing is necessary for performance of the contract between us.

  • We may perform due diligence in the form of credit checks and verification of your identity including checking photographic identification and proof of address. We do this to comply with our legal obligations, and as necessary for our legitimate interests (provided that your interests and fundamental rights do not override our interests).

  • Correspondence between us in relation to our contract, this may be emails, documents and / or letters.

  • To the extent permitted by law, we may monitor electronic communications for the purposes of ensuring compliance with our legal and regulatory obligations and internal policies.

  • We may, from time to time, approach you for your consent to allow us to process your personal information for other purposes. If we do so, we will provide you with details of the information that we would like and the reason we need it, so that you can carefully consider whether you wish to consent.

Corporate customers, suppliers and third-party business contacts and prospects

  • We process names, titles and business contact information including addresses, telephone numbers and email addresses for your employees and representatives. Such processing is necessary for performance of the contract between us.

  • We may perform due diligence in the form of credit checks on companies, including checking photographic identification and proof of address of directors and, in some cases, your shareholders, and verification of the company registration details. We do this to comply with our legal obligations, and as necessary for our legitimate interests (provided that the interests and fundamental rights of the individual do not override our interests).

  • If you are an employer, this may include information about your staff.

  • We process personal information contained in documents reviewed by us as part of any due diligence and provided to us in disclosure.

  • We process any feedback you (your employees or representatives) provide to us on our services. Such processing is necessary for the legitimate interest of managing our business and improving our services (provided that the interests and fundamental rights of any individual employees and representatives do not override our interests).

  • We may process background information about you, and your employees and representatives, and your relationship with the firm. Such processing is necessary for the legitimate interest of informing and improving the service we provide to you (provided that the interests and fundamental rights of any individual employees and representatives do not override our interests).

  • To the extent permitted by law, we may monitor electronic communications for the purposes of ensuring compliance with our legal and regulatory obligations and internal policies.

4. How do we collect information about you?

4.1 We collect personal information direct from you when we establish you as a prospect, customer of the Company, when you complete our website enquiries form, if you register to receive updates and information from us, or where we enter into a contract to receive services from you.

4.2 We collect further information from you during the duration of you providing services to us or during us providing services to you.

4.3 We may collect information from other third parties, such as from referrers, partner organisations, and from credit reference agencies or other background check agencies.

4.4 We may collect information about you from public sources, such as Companies House, from an online search or from social media sites.

5. Our lawful basis for using personal information

5.1 We will only use your personal information when the law allows us to. Most commonly, we will use your personal information in the following circumstances:

5.2 Where we need to perform the contract we have entered into with you.

  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. Where we rely on legitimate interests for our processing, we will advise you of the relevant interest.

  • Where we need to comply with a legal obligation.

  • Otherwise, with your consent.

  • We may also use your personal information in the following situations, which are likely to be rare:

  • Where we need to protect your vital interests (or someone else’s interests).

  • Where it is needed in the public interest.

  • Some of the above grounds for processing will overlap and there may be several grounds which justify our use of your personal information.

  • We will only use your personal information for the purposes for which we collected it, as outlined above, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

  • Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

6. How we use particularly sensitive personal information

6.1 Special categories of particularly sensitive personal information require higher levels of protection. We need to have further justification for collecting, storing and using this type of personal information.

6.2 We do not envisage the need to hold such sensitive information however, if we are required to do so, we will process it according to what is permitted by law.

6.3 Depending on the nature of our relationship, we may collect, store and use any of the following special categories of information about customers and prospective customers of Public Power Solutions Ltd.

6.3.1 Physical or mental health, including any medical condition or disability; nationality, race or ethnicity; political opinions; religious or philosophical beliefs; trade union membership; sexual orientation or sex life; genetic information and biometric data; or information relating to criminal convictions and offences.

6.4 We may process particularly sensitive personal information if we are under a legal obligation to do so, or if it becomes necessary to protect your vital interests or those of another person, or for reasons of substantial public interest.

6.5 We do not process particularly sensitive personal information for non-customers as part of our usual course of business. However, we may process information:

6.5.1 relating to a health condition or disability in order to make reasonable adjustments in the provision of our services;

6.5.2 where it is needed to protect your interests (or someone else’s interests) and you are not capable of giving your consent, or where you have already made the information public; and

6.5.3 about your race or national or ethnic origin, religious, philosophical or moral beliefs, or your sexual life or sexual orientation, to ensure meaningful equal opportunity monitoring and reporting. We make every effort to anonymise such information.

6.6 We may approach you for your written consent to allow us to process certain particularly sensitive information. If we do so, we will provide you with full details of the information that we would like and the reason we need it, so that you can carefully consider whether you wish to consent.

7. Information about criminal convictions

7.1 We may only use information relating to criminal convictions where the law allows us to do so. Except in exceptional circumstances, we do not envisage that we will hold information about criminal convictions.

7.2 We may use information relating to criminal convictions where it is necessary to protect your interests (or someone else’s interests) and you are not capable of giving your consent, or where you have already made the information public.

8. Data sharing

8.1 We may share personal data between Public Power Solutions Ltd and Swindon Borough Council as our owner, as necessary to ensure the smooth running of our business and to improve the service we provide.

8.2 We may share your personal data with third-party service providers who provide services to us and to other third parties who use your information, as data controller, for their own purposes.

8.3 If you are a customer, we share your personal information with other data controllers where required by law, or to meet our regulatory requirements or as required by our insurers.

8.4 We share personal information with:

  • HMRC or other government or law enforcement agencies;

  • our bankers (on a pseudonsymised basis)

  • our insurance and our professional indemnity insurance broker; and

  • Auditors

8.5 Where we share information with other data controllers they are responsible to you for their use of your information and compliance with the law.

8.6 The following activities are carried out by third-party service providers on our behalf: IT support and maintenance; hosting our website (including analytics); bespoke IT systems.

8.7 All our third-party service providers are required to take appropriate security measures to protect your personal information in line with our policies. We do not allow our third-party service providers to use your personal information for their own purposes. We only permit them to process your personal information for specified purposes and in accordance with our instructions.

9. Transferring information outside the European Economic Area (EEA)

9.1 All our personal information is hosted on servers located within the UK.

9.2 If we are required to transfer information outside the EEA, we only do so where permitted by law, and where we have put in place appropriate measures to ensure that your personal information is treated by those third parties in a way that is consistent with and which respects the EU and UK laws on data protection.

9.3 If you are based outside the EEA we may transfer personal information to the correspondence address you provide to us. We will take all reasonable steps to ensure that such transfers are secure, including use of encryption for all transfers. By instructing us from outside the EEA you acknowledge and agree that such transfers are necessary for us to provide services to you.

10. Data security

10.1 We have put in place measures to protect the security of your information. Details of these measures are available upon request.

10.2 Third parties will only process your personal information on our instructions and where they have agreed to treat the information confidentially and to keep it secure.

10.3 We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.

10.4 We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

10.5 Further details of the security measures we take are available from the DPC.

11. Automated Decision-making

11.1 Automated decision-making takes place when an electronic system uses personal information to make a decision without human intervention. We are allowed to use automated decision-making in the following circumstances:

  • Where we have notified you of the decision and given you 21 days to request a reconsideration.

  • Where it is necessary to perform the contract with you and appropriate measures are in place to safeguard your rights.

  • In limited circumstances, with your explicit written consent and where appropriate measures are in place to safeguard your rights.

11.2 If we make an automated decision on the basis of any particularly sensitive personal information, we must have either your explicit written consent or it must be justified in the public interest, and we must also put in place appropriate measures to safeguard your rights.

12. How long will we keep your information for?

12.1 We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

12.2 To determine the appropriate retention period for personal information, we consider the amount, nature and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.

12.3 Where a minimum retention period is required by law (such as retaining records for HMRC purposes) we comply with that minimum period plus up to 12 months to allow time for us to anonymise or delete information in accordance with our internal data management processes.

12.4 If we are required to retain your information longer than our standard retention periods, we will let you know (unless we are prevented by law from doing so.)

12.5 In some circumstances we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you.

13. Your rights in connection with personal information

13.1 Under certain circumstances, by law you have the right to:

13.1.1 Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.

13.1.2 Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.

13.1.3 Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).

13.1.4 Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.

13.1.5 Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.

13.1.6 Request the transfer of your personal information to another party.

13.1.7 Withdraw consent in the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we are required to continue to process your information in accordance with another lawful basis which has been notified to you.

13.1.8 To exercise any of the above rights, please contact the DPC by email at pps@publicpowersolutions.co.uk.

13.1.9 You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.

13.1.10 We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.

14. Complaints

14.1 You have the right to make a complaint at any time to the Data Protection Controller by emailing pps@publicpowersolutions.co.uk or to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues.