Infinis Energy Group Holdings Limited and its subsidiaries (as defined in section 1159 of the UK Companies Act 2006) including Infinis Energy Services Limited (we or us) are committed to protecting and respecting your privacy.
For the purpose of the Data Protection Act 1998 and the EU General Data Protection Regulation 2016/679, the data controller in respect of any personal data we collect from you is Infinis Energy Services Limited of First Floor, 500 Pavilion Drive, Northampton Business Park, Northampton, NN4 7YJ. This means that we are responsible for, and control the processing of, the personal data that we collect about you.
Personal data we may collect
We may collect and process the following data about you:
- information that you provide by filling in forms on our site, contacting us regarding enquiries or when we ask you for information when you report a problem with our site – this may include your full name, postal address, email address and telephone number;
- records of any correspondence with you;
- details of your visits to our site which may include access time, referring URL, traffic data, location data, weblogs and other communication data and the resources that you access; and
- information about your computer, including where available, your IP address, operating system and browser type
How we use your personal data
We use personal data held about you in the following ways:
- to identify you and manage any issues and/or enquiries that you raise with us;
- to compile statistical data on the use of the site and conduct research, statistical analysis and behavioural analysis;
- to detect and prevent fraud and carry out security vetting;
- to improve the site and our services; and
- for the purpose of system administration and to ensure that content from our site is presented in the most effective manner for you and for your computer (or other electronic device).
Where you contact us in relation to a potential job opportunity (via the Contact Us form on our website or otherwise) we will process your personal data for the purposes set out in and in accordance with our Recruitment Fair Processing Notice. You can obtain a copy of this notice by emailing our Human Resources Department.
Legal grounds for using your personal data
For personal data to be processed lawfully, one of the legal grounds set out in data protection legislation must apply. We will only process your personal data where:
- we have your consent (if consent is needed);
- we need to process the personal data to perform a contract with you;
- we need to process the personal data to comply with our legal obligations;
- processing is necessary to protect your vital interests or the vital interests of another person;
- processing is necessary for the performance of a task carried out in the public interest; or
- it is fair to use the personal data either in our legitimate interests or someone else's legitimate interests, except where these legitimate interests are overridden by your fundamental rights and freedoms relating to the protection of your personal data.
How long we will keep your personal data
We will retain your personal data for so long as necessary for the purpose for which it was obtained, unless we are required by law to retain your personal data for a longer period. For further information about our data retention procedures please contact our Company Secretarial Team.
Sharing your personal data
We may disclose your personal data to any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006. Data is shared intra group where relevant to the business operated by the other group company or relevant to the rights and obligations of the other group company or for its’ administration.
These third parties include Dusted Design Partners Limited, who design and host our website and their sub-processors DigitalOcean (their website hosting partner), Amazon Web Services, Rackspace and Google Analytics.
Please also refer to our Cookie Use policy.
Transfers outside the European Economic Area
We may transfer your personal data outside the European Economic Area (EEA) to our group companies, service providers, agents, subcontractors and regulatory authorities in countries where data protection laws may not provide the same level of protection as those in the EEA. Personal data will only be transferred outside the EEA where adequate safeguards are in place. For further information please contact our Company Secretarial Team.
Our approach to data security
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
To protect your personal data, we have internal policies and procedures in place to try to ensure that your data is not lost, accidentally destroyed, misused or incorrectly disclosed and that only authorised personnel can access your personal data. Your personal data is handled and stored in a secure and sensible manner and our IT systems are robustly protected through appropriate measures which are routinely tested internally and externally to ensure they remain fit for purpose. To make sure all our staff understand these responsibilities they are provided the necessary training and resources they need.
In additional to these operational measures, we also use a range of technologies and security systems to reinforce these policies.
Where we engage third parties to process personal data on our behalf, they do so on the basis of written instructions, are under an appropriate duty of confidentiality and we are satisfied that they implement appropriate technical and organisational measures to ensure the security of data.
In those cases where we need your consent to hold and process your personal data, we will ask you to check a box on any form requiring consent. By checking these boxes you are stating that you have been informed as to why we are collecting the information, how it will be used, for how long it will be kept, who else will have access to it and what your rights are as a data subject.
In order to process any of your requests listed below, we may need to verify your identify for your own security and in such cases your response in respect of this verification will be necessary to enable you to exercise your right.
The right to access personal data we hold about you
At any point you can contact us to request details of the personal data we hold about you, as well as the reason we hold that personal data, who has access to the personal data and where we obtained the personal data. Once we have received your request we will respond without undue delay (and in any event within a month).
The right to correct and update the personal data we hold about you
If the personal data we hold about you is out of date, incomplete or incorrect, you can inform us and it be will be updated.
The right to have your personal data erased
If you feel that we should no longer be using or holding your personal data or that we are illegally using your personal data, you can request that we erase the personal data we hold. When we receive your request we will confirm whether the personal data has been deleted or the reason why it cannot be deleted.
The right to object to or restrict the processing of your personal data
You have the right to request that we stop processing or restrict the processing of your personal data. Upon receiving the request we will contact you to confirm whether we are able to comply or if not, in light of the legitimate grounds we have to continue processing your personal data. For example, even if your personal data is no longer actively used, we may continue to hold your data to comply with its legal obligations and your other rights.
The right to data portability
You have the right to request that we transfer your personal data to another controller. Once we receive your request, we will comply where it is feasible.
The right to withdraw consent
Where we process your personal data on the basis of your consent, you may withdraw your consent at any time. If you wish to withdraw your consent, please notify us that you are withdrawing your consent in writing. Please note that, even if you have withdrawn your consent, we may continue to process your personal data to the extent that we process it based on other legal grounds.
The right to complain
You have the right to make a complaint to the data protection supervisory authority, the Information Commissioner's Office, at https://ico.org.uk/.
Cookies and tracking
We may obtain information about your general internet usage by using a cookie file which is a small text file which is placed onto your computer (or other electronic device) when you access our website. Please see our Cookie Use policy for more details.