What personal information do we collect?
We collect information about you when you sign up for quotes, make a complaint, or when you become our customer. We collect data such as your name, contact details and other relevant details.
How do we use your information?
Our lawful basis for processing your information under the General Data Protection Regulations (GDPR) is under the legitimate interests principle.
We control and process your data to fulfil contractual obligations, but also for wider reasons such as water and energy efficiency. We also use your data to ensure the prevention of fraud and dishonesty, and for the carrying out of analytics across our datasets.
In order to achieve this, we share data with third parties, such as water wholesalers, MOSL, CMA, regulators, Consumer Council for Water, debt recovery agencies, law enforcement agencies, professional advisors, and other relevant parties.
Information we hold about you will be retained for no longer than 6 years after our final correspondence with you, except in order to meet legal, tax or accounting requirements.
Employees and other workers
We collect and maintain personal and sensitive information about employees, contractors and other workers we employ, as well as job applicants and former employees. This information includes: name, contact details, gender, proof of identity, proof of qualifications, bank details, nationality, criminal records check, references, health questionnaire, next of kin.
As an employer we use your data to fulfil our statutory obligations, such as paying salaries, tax, national insurance, health & safety in the workplace, which may also involve sharing information with third parties such as but not limited to: insurers, professional advisors, recruitment agencies, HMRC, DWP, pension and life assurance companies, and other relevant parties.
Information provided to us during the job application process will be retained by us as part of your employee file for the duration of your employment plus 6 years following the end of your employment. This includes your criminal records declaration, fitness to work, accidents at work, records of any security checks, references and eligibility to work in the UK.
If you are unsuccessful at any stage of the process, the information you have provided until that point will be destroyed and deleted from our records after 6 months. We do not collect more information than we need to fulfil our stated purposes and will not retain it for longer than is necessary. Some employee information may be processed by our payroll provider based in India.
Your rights explained
You have a right at any time to stop us from contacting you for marketing purposes. If you no longer wish to be contacted by us for marketing purposes, please let us know by email dpo@castlewater.co.uk.
You also have the right to ask for a copy of the information we hold about you via a Subject Access Request (SAR). Please see our SAR policy.
You also have the right to ask us to delete or correct any information we hold about you that is incorrect; to restrict the processing of your personal data; and to object to the processing of your data. We will consider and evaluate all such requests received. Such requests should be made to: dpo@castlewater.co.uk
For information relating to Cookies please see our Cookies policy.
Links to other websites
This privacy notice does not cover the links within this site linking to other websites. We encourage you to read the privacy statements on the other websites you visit.
Changes to this privacy notice
We keep our privacy notice under regular review and in accordance with current legislation and guidance. We will notify any changes to this notice by posting on our website. This privacy notice was last updated on 11 May 2018.
Contacting us
If there are any questions regarding this privacy policy, please contact our Data Protection Team at: dpo@castlewater.co.uk
Read further about your information rights from the Information Commissioner’s Office.