Heat Geek Ltd. Privacy Policy

We take your privacy very seriously. Please read this privacy policy carefully as it contains important information on who we are and how and why we collect, store, use and share your personal information. It also explains your rights in relation to your personal information and how to contact us or supervisory authorities in the event you have a complaint.

We collect, use and are responsible for certain personal information about you. When we do so we are subject to the UK General Data Protection Regulation (UK GDPR).

This Privacy Policy does not apply to, and Heat Geek Ltd is not responsible for, any third-party websites which may be accessible through links from this website.

Key terms

It would be helpful to start by explaining some key terms used in this policy:

We, us, our
Heat Geek Ltd.
A company registered in England and Wales under company registration number 11887015. Our registered office is at 63 Bermondsey Street, London, SE1 3XF, England.
Personal information
Any information relating to an identified or identifiable living individual.
Special category personal information
Personal information revealing racial or ethnic origin, political opinions, religious beliefs, philosophical beliefs or trade union membership.
Genetic and biometric data.
Data concerning health, sex life or sexual orientation.

When this Privacy Policy applies

This Privacy Policy applies:

  • to your use of any of our services and products, including when you request information from us, engage our services and engage our other services where we are not merely acting as a processor on your behalf;
  • where you apply to us for a job or work placement;
  • as a result of your relationship with one or more of our clients;     
  • to any personal information collected from third parties where we are the data controller of such information; and     to our website and online services, including https://www.heatgeek.com/ and any other website, mobile app or other online service created or hosted by us from time to time on which this privacy policy appears      through which we may collect certain details if, for example, you want to subscribe to our publications,     (together, our “services”).

Our services are not intended for children, and we do not knowingly collect data relating to children.

If you do not agree with this privacy policy in general or any part of it, you should not access the website, use our services, or otherwise provide your information to us.  

We may change this policy from time to time, when we do, we will inform you via email or by posting a notice on our website. Updates to our privacy policy will apply only to information collected after the date of the change.

Personal information we collect about you

We may collect and use the following personal information about you:

  • your name and contact information, including email address and telephone number
  • Information to enable us to check and verify your identity, e.g. your date of birth
  • your gender information, if you choose to give this to us
  • location data, if you choose to give this to us
  • your billing information, transaction and payment card information
  • your contact history, purchase history and saved items
  • information from accounts you link to us, e.g. Facebook
  • information to enable us to undertake credit or other financial checks on you
  • information about how you use our website, IT, communication and other systems
  • your responses to surveys, competitions and promotions
  • information relating to your use of our services, e.g. data from your heat pump

We may collect and use this personal information to provide services to you. If you do not provide personal information we ask for, it may delay or prevent us from providing services to you.

How your personal information is collected

We collect most of this personal information directly from you—in person, by telephone, text or email and/or via our website and apps where you use our services or engage with us in connection with the services that we provide. However, we may also collect information:

  • from authorised representatives;
  • from publicly accessible sources, e.g. your property’s EPC or HM Land Registry;
  • directly from a third party, e.g.:
    • current or previous employer;
    • recruitment agencies;
    • sanctions screening providers;
    • credit reference agencies;
    • customer due diligence providers;
  • from a third party with your consent, e.g. your bank or building society;
  • from other sources such as social media platforms that share information about how you interact with our social media content;
  • from cookies on our website—for more information on our use of cookies, please see our cookie policy.

How and why we use your personal information

Under the UK GDPR, we can only use your personal information if we have a proper reason for doing so, eg:

  • to comply with our legal and regulatory obligations;
  • for the performance of our contract with you or to take steps at your request before entering into a contract;
  • for our legitimate interests or those of a third party; or
  • where you have given consent.

A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests.

The table below explains what we use (process) your personal information for and our reasons for doing so. Please note the below table does not apply to special category personal information, which we will only process with your explicit consent.

Personal information

Purpose of processing

 Legal basis for processing

Retention Period

Your name and contact information, including email address and telephone number

location data, if you choose to give this to us

your billing information, transaction and payment card information

information from accounts you link to us, e.g. Facebook

information relating to your use of our services, e.g. data from your heat pump

To provide services    to you.

For the performance of our contract with you or to take steps at your request before entering into a contract.

For the lifetime of your installed hardware products; typically around 15 years and a minimum of 5 years in order to take benefit of the Heat Geek Guarantee

Information to enable us to check and verify your identity, e.g. your date of birth

your gender information, if you choose to give this to us

information to enable us to undertake credit or other financial checks on you

To prevent and detect fraud against you.

For our legitimate interests or those of a third party, i.e. to minimise fraud that could be damaging for us and for you

1 year

information about how you use our website, IT, communication and other systems

Ensuring business policies are adhered to, e.g. policies covering security and internet use.

For our legitimate interests or those of a third party, i.e. to make sure we are following our own internal procedures so we can deliver the best service to you.

1 year

information about how you use our website, IT, communication and other systems

Operational reasons, such as improving efficiency, training and quality control.

For our legitimate interests or those of a third party, i.e. to be as efficient as we can so we can deliver the best service for you at the best price.

1 year

Your name and contact information, including email address and telephone number

location data, if you choose to give this to us

your billing information, transaction and payment card information

To confirm your identity, create and file mandatory regulatory documentation on your behalf

To comply with our legal and regulatory obligations.

6 years

Information about how you use our website, IT, communication and other systems

Statistical analysis to help us manage our business, e.g. in relation to our financial performance, customer base, services range or other efficiency measures.

For our legitimate interests or those of a third party, i.e. to be as efficient as we can so we can deliver the best service for you at the best price.

1 year

information about how you use our website, IT, communication and other systems

Preventing unauthorised access and modifications to systems.

For our legitimate interests or those of a third party, i.e. to prevent and detect criminal activity that could be damaging for us and for you.

To comply with our legal and regulatory obligations.

1 year

Your name and contact information, including email address and telephone number

location data, if you choose to give this to us

your billing information, transaction and payment card information

Updating and enhancing customer records.

For the performance of our contract with you or to take steps at your request before entering into a contract.

To comply with our legal and regulatory obligations.

For our legitimate interests or those of a third party, e.g. making sure that we can keep in touch with our customers about existing orders and new services.

1 year

Your name and contact information, including email address and telephone number

Marketing our services to:

—existing and former customers;

—third parties who have previously expressed an interest in our services; and

—third parties with whom we have had no previous dealings.

For our legitimate interests or those of a third party, i.e. to promote our business to existing and former customers.

1 year

Your name and contact information, including email address and telephone number

location data, if you choose to give this to us

your billing information, bank account information, transaction and payment card information

External audits and quality checks, e.g. for ISO or Investors in People accreditation and the audit of our accounts.

For our legitimate interests or a those of a third party, i.e. to maintain our accreditations so we can demonstrate we operate at the highest standards.

To comply with our legal and regulatory obligations.

1 year

The above table does not apply to special category personal information, which we will only process with your explicit consent.

Promotional communications

We may use your personal information to send you updates (by email, text message, telephone or post) about our services, including exclusive offers, promotions or new      services.

We have a legitimate interest in processing your personal information for promotional purposes (see above ‘How and why we use your personal information’). This means we do not usually need your consent to send you promotional communications. However, where consent is needed, we will ask for this consent separately and clearly.

We will always treat your personal information with the utmost respect and never sell it with other organisations for marketing purposes.

You have the right to opt out of receiving promotional communications at any time by:

  • contacting us in accordance with the ‘How to contact us’ details below; or
  • using the ‘unsubscribe’ link in emails.

We may ask you to confirm or update your marketing preferences if you instruct us to provide further services in the future, or if there are changes in the law, regulation, or the structure of our business.

Who we share your personal information with

We may, in providing our services and operating our business routinely share personal information with:

  • Affiliates: different departments and/or business units within the skoon Energy Group for internal administrative purposes such as billing, promoting our events and services, and providing you or your organisation with services. 
  • Service providers: third parties we use to help deliver our services to you, e.g. payment service providers; other third parties we use to help us run our business, e.g. marketing agencies or website hosts; 
  • Social media: third parties approved by you, e.g. social media sites you choose to link your account to or third-party payment providers;      
  • Credit processors: credit reference agencies; 
  • Third parties involved in the installation of our services: for Heat Geek Installations we may share information relating to use of our services, e.g. data from your heat pump, with third parties; and
  • Channel Partners: Organisations we're working with to offer customers better experiences (e.g. installing a heat pump with cheaper electricity). 

We may also share personal information with our professional advisors, such as lawyers, auditors, bankers and insurers, where necessary in the course of the professional services that they render to us in our legitimate interest to protect our business or as required by law.     

We own the database rights in the information collected via our services. We do not sell, rent, or otherwise share information that reasonably identifies you or your organisation with unaffiliated entities for their independent use except as expressly described in this Privacy Policy or with your express prior permission.

We may disclose and exchange information with law enforcement agencies, public authorities, regulatory bodies and any other relevant organisations : (i) in response to a legal obligation; (ii) if we have determined that it is necessary to share your personal information to comply with applicable law or any obligations thereunder, including cooperation with law enforcement, judicial orders, and regulatory inquiries; (iii) to protect the interests of, and ensure the safety and security, of us, our users, a third party or the public; (iv) to exercise or defend legal claims; and (v) to enforce our terms and conditions, other applicable terms of service, or other agreements.     

We may also need to share some personal information with other parties, such as potential buyers of some or all our business or during a re-structuring, in our legitimate interest to run a successful business.

Where your personal information is held

After you have terminated your use of our services, we may store your information in an aggregated and anonymised format.

We will keep your personal information for as long as you have an account with us, or we are providing services to you. To determine the appropriate retention period for personal information, we consider the amount, nature and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting, or other requirements.

Keeping your personal information secure

We have appropriate security measures to prevent personal information from being accidentally lost or used or accessed unlawfully. This includes the use of SSL technology, two-factor authentication and Wordfence security.

We limit access to your personal information to those who have a genuine business need to access it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

Whilst we continually strive to ensure that our systems and controls are updated to reflect technological changes, the transmission of information via the internet is not completely secure, and as such we cannot guarantee the security of your data transmitted to our services which is at your own risk.

If you communicate with us using a non-secure web platform, you assume the risks that such communications between us are intercepted, not received, delayed, corrupted or are received by persons other than the intended recipient.We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

If you want detailed information from, Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.

Cookie Policy

Our services use cookies and other similar technologies, for example, to distinguish you from other users when you browse our websites or use our services and also to allow us to improve our services.

Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently to improve the user experience, as well as to provide certain information to the owners of the site.

We may, for example, collect information about the type of device you use to access these services, the operating system and version, your IP address, your general geographic location as indicated by your IP address, your browser type, the content you view and features you access, the web pages you view immediately before and after you access the services, whether and how you interact with content available on our services, and the search terms you enter on the services.

This website sets cookies which remain on your computer for differing times. Some expire at the end of each session, and some remain for longer so that when you return to this website, you will have a better user experience.

Which cookie we use:


Cookie Name


Cookie Description


Expiry Duration


sessionid


Session ID - required for our services


Expires after session

__stripe_mid

Stripe MID - required for Stripe payments

Expires after session

__stripe_sid

Stripe SID - required for Stripe payments

Expires after session

csrftoken

CSRF Token - required for security purposes

Expires after session

cookie_consent

Cookie Consent - required to track users consent to other cookies

Expires after session

_ga

Google analytics - enables Google analytics

Expires after session

_gcl_au

Enables Google analytics

Expires after session

_ga_741BV30JK7

Enables Google analytics

Expires after session

_ga_KCEGG164JZ

Enables Google analytics

Expires after session

Control of cookies:

Web browsers allow you to exercise some control of cookies through the browser settings. Most browsers enable you to block cookies or to block cookies from particular sites.

Browsers can also help you to delete cookies when you close your browser. You should note however, that this may mean that any opt-outs or preferences you set on this website will be lost.

To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit allaboutcookies.org which includes information on how to manage your settings for the major browser providers.

Transferring your personal information out of the UK

Where you are submitting personal information from within the UK, such information may be transferred to countries outside the UK     .

By way of example, this may happen if one or more of our third-party service providers with whom we share personal information are located, or have their servers located, outside the UK     .

Whenever we transfer your personal information out of the UK we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

  • We will only transfer your personal information to countries that have been deemed to provide an adequate level of protection for individuals’ rights and freedoms for their personal      information; or
  • Where we use certain service providers, we may use specific contracts approved (such as from the UK Information Commissioner’s Office (ICO)) for use in the UK which give personal information the same protection it has in the UK     .

Please contact us in accordance with the ‘How to contact us’ details below should you wish to examine a copy of the specific contracts.

Third party sites, services and content

In addition to our services, which we control directly, we also use and provide links to websites which are controlled by third parties, which may include:

  • Twitter, LinkedIn and YouTube, where we have certain company accounts and profiles.
  • Facebook, Instagram and TikTok, where we have a social page.

If you use or follow a link to any of these third-party websites, please be aware that these websites have their own privacy policies and that we cannot accept any responsibility for their use of information about you.

Our services may include integrated content or links to content provided by third parties (such as video materials). This Privacy Policy does not address the privacy, security, or other practices of the third parties that provide such content.

We engage third parties that support the operation of our services, such as analytics providers. These third parties may use technologies to track your online activities over time and across different websites and online platforms. Please see our Cookies Policy for more information

Your rights

You have certain rights in relation to your personal information:

Access

The right to be provided with a copy of your personal information (the right of access)

Rectification

The right to require us to correct any mistakes in your personal information

To be forgotten

The right to require us to delete your personal information—in certain situations

Restriction of processing

The right to require us to restrict processing of your personal information—in certain circumstances, eg if you contest the accuracy of the data

Data portability

The right to receive the personal information you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party—in certain situations

To object

The right to object:

—at any time to your personal information being processed for direct marketing (including profiling);

—in certain other situations to our continued processing of your personal information, eg processing carried out for the purpose of our legitimate interests.

Not to be subject to automated individual decision making

The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you

Withdrawal of consent

Where we rely on consent to process your personal data, you have the right to withdraw this consent at any time by contacting us at in accordance with the ‘How to contact us’ details below. You can also use the opt-out links available on each communication you send us.

Please note that a number of these rights only apply in certain circumstances, and all of these rights may be limited by law. For example, where fulfilling your request would adversely affect other individuals or our trade secrets or intellectual property, where there are overriding public interests or where we are required by law to retain your personal data.

For further information on each of those rights, including the circumstances in which they apply, please contact us or see the Guidance from the ICO on individuals’ rights under the UK GDPR.

 

If you would like to exercise any of those rights, please:

  • email, call or write to us—see below: ‘How to contact us’;
  • let us have enough information to identify you;
  • let us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill); and
  • let us know what right you want to exercise and the information to which your request relates.

How to complain

We hope to resolve any query or concern you may raise about our use of your information.

The supervisory authority in the UK is the Information Commissioner who may be contacted at https://www.ico.org.uk or telephone: 0303 123 1113 or their address at Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.

How to contact us

Please contact us by post, email, or telephone if you have any questions about this privacy policy or the information that we hold about you.

Our contact details are shown below:

 

Our contact details

Heat Geek Ltd

Office address: Sustainable Ventures, County Hall, Westminster Bridge Road, London SE1 7PB

Registered Office Address: 63 Bermondsey Street, London, SE1 3XF, England

[email protected]

 

Do you need extra help?

If you would like this notice in another format (for example audio, large print, braille) please contact us (see ‘How to contact us’ above).

C/O Dragon Argent Limited, 63 Bermondsey Street, London, SE1 3XF
Vat number: 364541984
Company number: 11887015
chevron-down