Privacy Policy

Puredrive Energy Ltd (“PDE”, “we”, “us”, or “our”) is strongly committed to protecting personal data. This privacy statement describes why and how we collect and use personal data and provides information about individuals’ rights. It applies to personal data provided to us, both by individuals themselves or by others. We may use personal data provided to us for any of the purposes described in this privacy statement or as otherwise stated at the point of collection.

Personal data is any information relating to an identified or identifiable living person. PDE processes personal data for numerous purposes, and the means of collection, lawful basis of processing, use, disclosure, and retention periods for each purpose may differ.

When collecting and using personal data, our policy is to be transparent about why and how we process personal data. To find out more about our specific processing activities, please go to the relevant sections of this statement.

Our processing activities

To find out more please go to the sections of this statement that are relevant
to you.

Security
PDE takes the security of all the data we hold very seriously. We have
policies, procedures and training in place covering data protection,
confidentiality and security and regularly review the appropriateness of the
measures we have in place to keep the data we hold secure.

When
and how we share personal data and locations of processing
We will only share personal data with others when we are legally permitted to
do so. When we share data with others, we put contractual arrangements in place
to protect the data and to comply with our data protection, confidentiality and
security standards.

PDE are engaged with a number of firms that have global network. As a result,
personal data may be transferred outside the countries where we and our clients
are located. This includes to countries outside the European Union
(“EU”) and to countries that do not have laws that provide specific
protection for personal data. We have taken steps to ensure all personal data
is provided with adequate protection and that all transfers of personal data
outside the EU are done lawfully. Where we transfer personal data outside of
the EU to a country not determined by the European Commission as providing an
adequate level of protection for personal data, the transfers will be under an
agreement which covers the EU requirements for the transfer of personal data
outside the EU, such as the European Commission approved standard contractual
clauses.

Personal data held by us may be transferred to:
• Other firms
We may share personal data with other firms where necessary for administrative
purposes and to provide professional services to our clients
• Third party organisations that provide applications/functionality, data
processing or IT services to us
We use third parties to support us in providing our services and to help
provide, run and manage our internal IT systems. For example, providers of
information technology, cloud based software as a service providers, identity
management, website hosting and management, data analysis, data back-up,
security and storage services. The servers powering and facilitating that cloud
infrastructure are located in secure data centres around the world, and
personal data may be stored in any one of them.
• Third party organisations that otherwise assist us in providing goods,
services or information• Auditors and other professional advisers

• Law enforcement or other government and regulatory agencies or to other third
parties as required by, and in accordance with, applicable law or regulation.
Occasionally, we may receive requests from third parties with authority to
obtain disclosure of personal data, such as to check that we are complying with
applicable law and regulation, to investigate an alleged crime, to establish,
exercise or defend legal rights. We will only fulfil requests for personal data
where we are permitted to do so in accordance with applicable law or
regulation.
Changes
to this privacy statement
We recognise that transparency is an ongoing responsibility so we will keep
this privacy statement under regular review.
This privacy statement was last updated on 07 February 2020.
Data
controller and contact information
The data controller is Christine Mitchell-Doyle.
If you have any questions about this privacy statement or how and why we
process personal data, please contact us at:
Puredrive Energy Ltd
Tel: 01386 577845 | Website: www.puredrive-energy.co.uk/
Address: Unit 18a & 18b, Orchard Industrial Estate, Evesham Rd, Toddington, Cheltenham, GL54 5EB

Individuals’
rights and how to exercise them
Individuals have certain rights over their personal data and data controllers
are responsible for fulfilling these rights. Where we decide how and why
personal data is processed, we are a data controller and include further
information about the rights that individuals have and how to exercise them
below.

Access to personal data
You have a right of access to personal data held by us as a data controller.
This right may be exercised by emailing us at christine@puredrive-energy.co.uk We may charge for a request for access in accordance
with applicable law. We will aim to respond to any requests for information
promptly, and in any event within the legally required time limits (currently
40 days).

Amendment of personal data
To update personal data submitted to us, you may email us at christine@puredrive-energy.co.uk or, where appropriate, contact us via the relevant
website registration page or by amending the personal details held on relevant
applications with which you registered.
When practically possible, once we are informed that any personal data
processed by us is no longer accurate, we will make corrections (where
appropriate) based on your updated information.

Withdrawal of consent
Where we process personal data based on consent, individuals have a right to
withdraw consent at any time. We do not generally process personal data based
on consent (as we can usually rely on another legal basis). To withdraw consent
to our processing of your personal data please email us at christine@puredrive-energy.co.uk or, to stop receiving an email from a PDE marketing
list, please email us at christine@puredrive-energy.co.uk.Retention/Deletion of Data

Warranty information supplied by customers
and/or installers will be held for a period of 13 years from receipt of data.
After which it will be purged and permanently deleted from our system

Other data subject rights
This privacy statement is intended to provide information about what personal
data we collect about you and how it is used. As well as rights of access and
amendment referred to above, individuals may have other rights in relation to
the personal data we hold, such as a right to erasure/deletion, to restrict or
object to our processing of personal data and the right to data portability.
Some of these rights will only be available from 25 May 2018.
If you wish to exercise any of these rights, please send an email to christine@puredrive-energy.co.uk

Complaints
We hope that you won’t ever need to, but if you do want to complain about our
use of personal data, please send an email with the details of your complaint
to christine@puredrive-energy.co.uk We will look into and respond to any
complaints we receive.
You also have the right to lodge a complaint with the Information
Commissioner’s Office (“ICO”) (the UK data protection regulator). For further
information on your rights and how to complain to the ICO, please refer to the ICO website.