Privacy policy

Infinis Energy Group Holdings Limited and its subsidiaries (as defined in section 1159 of the UK Companies Act 2006) including Infinis Energy Services Limited (we or us) are committed to protecting and respecting your privacy.

This privacy policy applies to all users of, and visitors to, our site. Your use of our site means that you accept this policy and all the policies referred to in this privacy policy, which supplement our terms of website use.

For the purpose of the Data Protection Act 1998 and the EU General Data Protection Regulation 2016/679, the data controller in respect of any personal data we collect from you is Infinis Energy Services Limited of First Floor, 500 Pavilion Drive, Northampton Business Park, Northampton, NN4 7YJ. This means that we are responsible for, and control the processing of, the personal data that we collect about you. 

This policy (together with our terms of use and any other documents referred to in either document) contains important information about the personal data that we collect about you, how we process your personal data and with whom your personal data might be shared.  Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

Personal data we may collect

We may collect and process the following data about you:

  • information that you provide by filling in forms on our site, contacting us regarding enquiries or when we ask you for information when you report a problem with our site – this may include your full name, postal address, email address and telephone number;
  • records of any correspondence with you;
  • details of your visits to our site which may include access time, referring URL, traffic data, location data, weblogs and other communication data and the resources that you access; and
  • information about your computer, including where available, your IP address, operating system and browser type 

Some of this data is collected using Cookies. Further information on our use of Cookies is provided below and in our Cookie Use policy.

How we use your personal data

We use personal data held about you in the following ways:

  • to identify you and manage any issues and/or enquiries that you raise with us;
  • to compile statistical data on the use of the site and conduct research, statistical analysis and behavioural analysis;
  • to detect and prevent fraud and carry out security vetting;
  • to improve the site and our services; and
  • for the purpose of system administration and to ensure that content from our site is presented in the most effective manner for you and for your computer (or other electronic device).

Where you contact us in relation to a potential job opportunity (via the Contact Us form on our website or otherwise) we will process your personal data for the purposes set out in and in accordance with our Recruitment Fair Processing Notice. You can obtain a copy of this notice by emailing our Human Resources Department.

 

Legal grounds for using your personal data

For personal data to be processed lawfully, one of the legal grounds set out in data protection legislation must apply. We will only process your personal data where:

  • we have your consent (if consent is needed);
  • we need to process the personal data to perform a contract with you;
  • we need to process the personal data to comply with our legal obligations;
  • processing is necessary to protect your vital interests or the vital interests of another person;
  • processing is necessary for the performance of a task carried out in the public interest; or
  • it is fair to use the personal data either in our legitimate interests or someone else's legitimate interests, except where these legitimate interests are overridden by your fundamental rights and freedoms relating to the protection of your personal data.

We most often rely on the ground of legitimate interests when processing your personal data in the manner described in this Privacy Notice. These legitimate interests include the general management of our business; in order to enforce or apply our terms of use and other agreements; or in order to protect the rights, property, or safety of the Infinis group, our suppliers, customers, or others. We also need to process your information to comply with a contract with you or to comply with our legal obligations.

How long we will keep your personal data

We will retain your personal data for so long as necessary for the purpose for which it was obtained, unless we are required by law to retain your personal data for a longer period. For further information about our data retention procedures please contact our Company Secretarial Team.

Sharing your personal data

We may disclose your personal data to any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006. Data is shared intra group where relevant to the business operated by the other group company or relevant to the rights and obligations of the other group company or for its’ administration.

We may disclose your personal data to third parties (including to other members of our group): in order to fulfill our obligations to you; in order to run our business; if we are under a duty to disclose or share your personal data in order to comply with any legal obligation; in order to enforce or apply our terms of use and other agreements; or in order to protect the rights, property, or safety of the Infinis group, our suppliers,  customers, or others. This may also include exchanging data with other companies and organisations for the purposes of fraud protection and cyber security.

These third parties include Dusted Design Partners Limited, who design and host our website and their sub-processors DigitalOcean (their website hosting partner), Amazon Web Services, Rackspace and Google Analytics.

For further information about the third parties with whom your personal data may be shared, please email our Company Secretarial Team. Information can also be found on the Dusted website and in the Google Analytics Privacy Policy.

Please also refer to our Cookie Use policy.

Transfers outside the European Economic Area

We may transfer your personal data outside the European Economic Area (EEA) to our group companies, service providers, agents, subcontractors and regulatory authorities in countries where data protection laws may not provide the same level of protection as those in the EEA. Personal data will only be transferred outside the EEA  where adequate safeguards are in place. For further information please contact our Company Secretarial Team.

Our approach to data security

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

To protect your personal data, we have internal policies and procedures in place to try to ensure that your data is not lost, accidentally destroyed, misused or incorrectly disclosed and that only authorised personnel can access your personal data. Your personal data is handled and stored in a secure and sensible manner and our IT systems are robustly protected through appropriate measures which are routinely tested internally and externally to ensure they remain fit for purpose. To make sure all our staff understand these responsibilities they are provided the necessary training and resources they need.

In additional to these operational measures, we also use a range of technologies and security systems to reinforce these policies.

Where we engage third parties to process personal data on our behalf, they do so on the basis of written instructions, are under an appropriate duty of confidentiality and we are satisfied that they implement appropriate technical and organisational measures to ensure the security of data.

Consent

In those cases where we need your consent to hold and process your personal data, we will ask you to check a box on any form requiring consent. By checking these boxes you are stating that you have been informed as to why we are collecting the information, how it will be used, for how long it will be kept, who else will have access to it and what your rights are as a data subject.

Your rights

In order to process any of your requests listed below, we may need to verify your identify for your own security and in such cases your response in respect of this verification will be necessary to enable you to exercise your right.

The right to access personal data we hold about you

At any point you can contact us to request details of the personal data we hold about you, as well as the reason we hold that personal data, who has access to the personal data and where we obtained the personal data. Once we have received your request we will respond without undue delay (and in any event within a month).

The right to correct and update the personal data we hold about you

If the personal data we hold about you is out of date, incomplete or incorrect, you can inform us and it be will be updated. 

The right to have your personal data erased

If you feel that we should no longer be using or holding your personal data or that we are illegally using your personal data, you can request that we erase the personal data we hold. When we receive your request we will confirm whether the personal data has been deleted or the reason why it cannot be deleted.

The right to object to or restrict the processing of your personal data

You have the right to request that we stop processing or restrict the processing of your personal data. Upon receiving the request we will contact you to confirm whether we are able to comply or if not, in light of the legitimate grounds we have to continue processing your personal data. For example, even if your personal data is no longer actively used, we may continue to hold your data to comply with its legal obligations and your other rights.

The right to data portability

You have the right to request that we transfer your personal data to another controller. Once we receive your request, we will comply where it is feasible.

The right to withdraw consent

Where we process your personal data on the basis of your consent, you may withdraw your consent at any time. If you wish to withdraw your consent, please notify us that you are withdrawing your consent in writing. Please note that, even if you have withdrawn your consent, we may continue to process your personal data to the extent that we process it based on other legal grounds.

The right to complain

You have the right to make a complaint to the data protection supervisory authority, the Information Commissioner's Office, at https://ico.org.uk/.

Cookies and tracking

We may obtain information about your general internet usage by using a cookie file which is a small text file which is placed onto your computer (or other electronic device) when you access our website. Please see our Cookie Use policy for more details.

Changes to our privacy policy

We may change this privacy policy from time to time. Any changes we may make to our privacy policy in the future will be posted on this page. You should check this privacy policy occasionally to ensure that you are aware of the most recent version that will apply each time you access the website.

Contact

Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to the Company Secretarial Team.