equiwatt Privacy Policy

Updated: 1 August 2023

Table of Contents

  1. Introduction

  2. Data Protection Officer

  3. Data Controller

  4. Service and reason for processing your data

  5. The personal information we collect about you

  6. How we collect your personal data

  7. How we use your personal information

  8. Use of the equiwatt Website and App

  9. Cookies

  10. Sharing your personal information with third parties

  11. Third-party websites and links to other sites

  12. Retaining and deleting personal data

  13. Security of Personal Data

  14. Data Subject Rights

  15. Children’s Data

  16. Questions, concerns or complaints

1. Introduction

Our mission at equiwatt is to put an end to dirty expensive fossil fuel power and make clean energy available to everyone. We do this by notifying you to shift your energy usage at peak times to lower carbon energy emissions and reduce the constraints of the grid.

In order to do this we need to collect some personal data from you, but we promise to only capture the minimum amount of information required to offer our services and to help you. We at equiwatt take your privacy very seriously and will treat your personal data as it it were our own, keeping it secure, never keeping it longer than necessary and only sharing it with your knowledge, permission or if we are required to do so by law.  

This Privacy Policy describes our data processing practices and your options regarding the ways in which your personal data is used. We recognise that information privacy is an ongoing responsibility, and so we will from time to time update this Privacy Policy as we undertake new personal data practices or adopt new privacy policies.

Throughout this policy, we will use the terms ‘equiwatt’, ‘we’, ‘our’ and ‘us’ which refer to Equiwatt Limited. If you have any questions about how we use your personal information, please contact us at support@equiwatt.com.

This privacy policy applies to this website and the services offered by equiwatt be that via the equiwatt platform or the equiwatt app, which you can download from the Google Play and Apple App Store.

We also offer our services via other companies under their branding. This policy also explains how our partners may use your information. For ease of reference, we shall refer to any service we offer directly or via a partner as the “Service”.

2. Data Protection Officer

Equiwatt Limited is headquartered in England. Equiwatt has appointed an internal data protection officer (DPO) for you to contact if you have any questions or concerns about equiwatt’s personal data policies or practices.

If you have any questions or suggestions about our Privacy Policy, do not hesitate to contact our DPO by email: mahen@equiwatt.com. You can write to our DPO at the address listed on our ICO registration marked for the attention of “equiwatt DPO”.

3. Data Controller

equiwatt is a data controller of your information. The legal basis for collecting and using the personal information described in this Privacy Policy depends on the personal information we collect and the specific context in which we collect the information.

4. Service and reason for processing your data

We provide software to smart meter owners (collectively known as “Users”) through an app, platform and website (the “Service” we provide). This Service offered by equiwatt is intended for use as is.

The personal information that we collect enables equiwatt to:

  • Deliver and improve the Service;

  • Support you to use the Service;

  • Work with your energy company or Distribution System Operator (DSO) to deliver the Service; and

  • Provide enhanced services and rewards to you (in partnership with third-parties).

Before using the Service, equiwatt will ask for your consent before we process your data. We will only collect the personal data required to enable us to deliver and support our Service to you.

A full list of the personal data we collect is in Section 5. There may be certain aspects of the equiwatt service that we deliver in partnership with third parties. We will only share personal data with third parties that are necessary for the delivery of our Service to you.  We will always explain to you why we are sharing your personal data, our relationship with the third party and how your data will be used. Please see Section 9 for a full list of the data we share.

5. The personal information we collect about you

Personal information means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

To deliver our service, we may collect, use, store and transfer different kinds of personal data about you which we have grouped together, including but not limited to:

  • Your contact details including full name, address and postcode, email and contact number

  • Account information such as username and password for our services and connected services

  • General information about you and your household

  • Photographic and/or video materials featuring your name and likeness that you may post to our website or social channels

  • Financial information that you have provided

  • Information about your hardware and software such as IP address; Browser type; operating system; access times; MAC address

  • Energy data relating to your appliance's energy consumption, and home energy usage consumption, including your Electricity Supply Number / Meter Point Administration Number.

  • Third-Party Account Data which allows us to link your equiwatt account to your vehicle, charger or other smart device accounts.

  • Technical Data about the device you use to connect to our platform, your time zone and locale to enable us to tailor the user experience for your device and to ensure we support the devices you want to use to access the app and platform.

  • Transaction and Financial Data about your energy usage and for any services you purchase through the platform

  • Marketing & Communication preferences

  • Feedback and survey responses you have provided and partly anonymised analytical information about how you use our app.

  • Advertising tracking and insights data

For more detail on the specific data within any of the above categories, please see Appendix A.

The information that we request will be used and retained by us and only shared with third parties where it is necessary to provide the service to you, and then only as described in this privacy policy. We do not use your data for any automated decision-making or profiling.

We may use, collect, and share aggregated data with third parties. Aggregated Data may be derived from your data, but, as this data does not directly or indirectly reveal your identity, it is not considered personal data in law. 

6. How we collect your personal data

We use different methods to collect data from and about you including through:

You may give us your personal information when you:

  • visit our website or app;

  • apply for our products or services;

  • create an account on our website or app;

  • subscribe to our service or publications;

  • use our website, app or smart devices linked to our services;

  • request marketing to be sent to you;

  • enter a competition, promotion or survey; or

  • give us feedback or contact us.

7. How we use your personal information

Our use of your personal information will always have a lawful basis. Most commonly, we will use your personal data in the following circumstances:

  • Where we need to perform the contract we are about to enter into or have entered into with you.

  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.

  • Where we need to comply with a legal or regulatory obligation.

Specifically, we may use your data to:

  • Communicate with you via email notifications and general company emails 

  • Send you our newsletter or advertising emails

  • Promote activity relating to our products and services

  • Help us to measure the effectiveness and manage the frequency of marketing activity

  • Personalise and optimise our services and web experience to you

  • Process your account creation for accessing our services

  • Deliver our energy management services to you

  • Provide energy saving rewards services

  • Implement product and service improvements

  • Conduct research to enhance and improve our services

  • Seek feedback from you about our goods and services

If you prefer not to be contacted through any of the marketing purposes listed above, you can change preferences and unsubscribe in your profile settings or opt-out by using the unsubscribe button at the footer of every email.

8. Use of the equiwatt Website and App

As is true of most other websites and apps, equiwatt collects certain information automatically and stores it in log files. The information may include internet protocol (IP) addresses, the region or general location where your computer or device is accessing the internet, browser type, operating system and other usage information about the use of equiwatt’s website or app, including a history of the pages you view. We use this information to help us design our platforms to better suit our users’ needs. We may also use your IP address to help diagnose problems with our server and to administer our website or app, analyse trends, track visitor movements, and gather broad demographic information that assists us in identifying visitor preferences.

equiwatt has a legitimate interest in understanding how members, customers and potential customers use its website and app. This assists equiwatt with providing more relevant products and services, communicating value to our sponsors and corporate members, and providing appropriate staffing to meet member and customer needs.

9. Cookies

Cookies are one of the most widely used technologies on the internet and many essential website functions are dependent on their use. Cookies and other online tracking technologies are small pieces of data or code which contain user IDs that are automatically saved onto your computer or device when you visit a Website. These are used to identify your devices when you use and interact with our Website to personalise your experience. For example, they are often used to remember you are logged in or to remember your preferences.

We use cookies and similar devices to facilitate your browsing on our website, understand how you interact with us and, in certain cases, to be able to show you advertisements in accordance with your browsing habits.

You can read our Cookie Policy here (https://www.equiwatt.com/cookies) to understand this in more detail.

10. Sharing your personal information with third parties

equiwatt may share some of your data with third parties, including but not limited to energy data, appliance power consumption data and service user insights, for the purpose of delivering our services to you and for improving the quality of our services or marketing of those services. We may share this data with network operators and energy companies that require this data in order to validate any energy reduction activities.

A list of our third party sub processors can be found here:

10.1 Sharing your data to deliver and improve our Service

To provide our Service to you, equiwatt users selected third parties to provide you with the service, and shall share some information with them. We require all third parties to respect the security of your personal information and to treat it in accordance with the law. We only permit third parties to process your personal data for specified purposes.

Our service providers include:

N3rgy, to enable us to connect with your smart meter via the smart meter network (DCC) and retrieve your half-hourly energy data (Privacy Policy).

Enode, to provide our electric vehicle smart charging service to you (Privacy Policy).

Kasa, to enable us to connect with your compatible Kasa devices and automate their participation in equivents (Privacy Policy).

10.2 Sharing your data to support you as a customer

If you require support from equiwatt, equiwatt may share your personal data with suppliers and subcontractors to help resolve this issue. The data will include the nature of the query and any data supporting that, which may include Identity and Contact Data, Technical Data, Hardware Data as defined in Section 5.

We will only share the information where it is necessary to allow us to be able to provide those products and services to you.

10.3 Sharing your data to provide enhanced services and rewards

We may offer you enhanced services and rewards (e.g. National Grid Demand Flexibility Service rewards points), which may be delivered in partnership with third-party providers.

For example, our National Grid Demand Flexibility Service equivents are partially funded by National Grid ESO to provide services to support the electricity grid whilst you reduce your energy usage.

To confirm eligibility for these services, we may share Energy Data and Contact Data about you (specifically your postcode, the first line of your address, your meter identification number and your energy usage) with these third-party energy companies:

  • Electricity network companies, who deliver the electricity network in your local area;

  • Electricity market operators who help balance the grid on behalf of energy generators, network companies and consumers; and

  • Energy service providers who provide aggregation or access services to energy markets.

We may also share your email address and contact details to enable us to deliver an enhanced service and/or reward to you (e.g. send you a reward card from a well-known retailer).

You can opt-out of any of these enhanced services at any time.

10.4 Sharing your data with your energy company or DSO

We may work with your energy company or DSO to deliver our Service to you and may share your personal data with them, subject to the contractual relationship you have entered with them.

10.5 Sharing your data for legal reasons

We will share personal data where we have a legal obligation to do so; for example when directed by a court, or if requested with an appropriate warrant by law enforcement or tax agencies.

We may also share information without your permission where a person’s life is in danger and to instigate or defend a legal claim, for example, with a solicitor, our professional advisors, or a court.

10.6 Sharing your data for other reasons

We may share anonymised data with energy companies, DSOs and other Third Parties. The information transmitted is anonymised, which means no personal information about you is provided and location data is obfuscated to a larger area (such as a neighbourhood, or a position to within 100m to suitably ensure anonymity). Consequently, a third-party will not be able to identify you from any data shared directly from equiwatt.

We may employ third-party companies and individuals to help us deliver and improve our Service to you.

We will take all reasonable precautions to ensure that any third party who processes your personal information on our behalf does so lawfully, commits to keeping your personal data both safe and secure, and will not share it with any other parties without our explicit permission. All third-parties will undergo a due-diligence assessment and a written agreement with specific terms around data security and privacy is in place.

We may share your personal data with third parties to whom we may choose to sell, transfer or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal information in the same way as set out in this privacy policy.

11. Third-party websites and links to other sites

This Service may contain links to other sites. If you click on a third-party link, you will be directed to that site. We do not operate these external sites and we therefore strongly advise you to review the Privacy Policy of these websites. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

12. Retaining and deleting personal data

We will retain your data no longer than is required, as per data protection laws. We will keep data relating to your continued usage of our service and programmes for as long as you remain a customer and then for a period of time following cessation of use of the equiwatt service unless you exercise your ‘right to erasure’ and we have no overriding grounds to retain your personal data. Occasionally, there will be ad-hoc consideration to delete data we no longer require.

There may be circumstances in which we cannot delete some personal data where we have a legal requirement to retain it, such as participation in a Flexible Grid Services project. If you have any questions or want to know more about the data we are unable to delete, feel free to contact us using the details provided below. 

Users can initiate account deletion, i.e. exercising their right to erasure, in our app by heading to ‘Profile’ > ‘Settings’ and then pressing ‘Delete Account’. 

The longest equiwatt will retain your personally identifiable information is seven (7) years from the date you last used our Service to ensure compliance with legal obligations. Anonymised statistical data regarding the use of the app, services and charging activity will be kept indefinitely but will have no personal data associated with this information.

13. Security of Personal Data

equiwatt is committed to maintaining the security of the data you provide us and will take all reasonable measures to protect it. Your personal data is stored by equiwatt on its servers, and on the servers of the cloud-based database management services equiwatt engages, located in the United Kingdom.

All personal Data is collected, stored and deleted strictly in line with GDPR regulations. The Personal Data you provide to us when you register to participate in equiwatt services and technology trials will be used to administer your participation for the purposes described in the equiwatt Terms of Use (https://www.equiwatt.com/terms).

We encrypt all data within our systems at rest. For services provided by third parties , we ensure that, at a minimum, confidential and financial data (such as passwords and cardholder data) are encrypted at rest, and access to all data are encrypted in transit.

Only secure access (such as HTTPS or WSS) is possible to the equiwatt platform. We send all information to the app securely, protected by encryption, to your device. Additionally, where data are accessed directly on our platform by third-parties, access to your data is secure, encrypted and logged.

We will take every precaution to protect your personal data once in our care; however, the transmission of unencrypted (or inadequately encrypted) data over the internet is inherently insecure, and we cannot guarantee the security of data sent by you or us over the internet. We value your trust in providing your personal data to us, and we will use all reasonable and commercially acceptable means to protect it. Still, unfortunately, no method of transmission over the internet, or method of electronic storage is 100% secure and reliable.

To help protect your account and personal information, you should ensure that your password is not susceptible to being guessed, whether by a person or a computer program. You are responsible for keeping the password you use for accessing our website confidential, and we will not ask you for your password (except when you log in to our platform). The ICO has some great advice for protecting your information online. 

We won’t ask you to share sensitive information either, such as bank details, for the purpose of verifying your identity. If anyone purporting to be from equiwatt does ask for sensitive information, then please contact us using the details provided below.

For more information on where and how long your personal data is stored, and for more information on your rights of erasure and portability, please contact us at: privacy@equiwatt.com

14. Data Subject Rights

If you are a resident of the UK or the European Economic Area (EEA), you have certain data protection rights. 

Data Subject rights under GDPR include the following:

The right to be informed – an obligation on us to tell you what we do with your personal data (which we do in our software and via this privacy policy) and we shall inform you if there is a serious breach of your personal data which would result in a high risk to your fundamental rights and freedoms.

The right of access – a right to be told what personal data we hold about you and obtain a copy of that information.

The right of rectification – an obligation in certain circumstances to correct your personal data if it’s inaccurate or incomplete.

The right to erasure – an obligation in certain circumstances to delete or remove your personal data where there is no compelling reason for its continued processing (some jurisdictions also call this right ‘the right to be forgotten’). In some cases we are legally required to retain some personal data about you, for more information on exemptions on the right to erasure, see this information from [ICO: https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/right-to-erasure/#ib6]

The right to restrict processing – an obligation in certain circumstances to stop actively processing your personal data.

The right to data portability – an obligation in certain circumstances to allow you to transfer your personal data from us to a third party.

The right to object – an obligation in certain circumstances to allow you to object to us processing your personal data where we do not have an overriding reason. You also have an absolute right to object to use of your personal information for direct marketing purposes.

To the extent that the legal basis for our processing of your personal information is consent, you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing before the withdrawal.

You have the right to be made aware of any automated decision-making, made without any human involvement, or profiling of your personal information by equiwatt. Currently, we don’t use any automated decision-making.

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

If you ask for a copy of your personal information we will need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights), to ensure that we do not disclose personal data to any person who has no right to it. We may also contact you to ask you for further information concerning your request to speed up our response.

Should you wish to exercise any of your rights listed here, please contact our support team at privacy@equiwatt.com.

We try to complete all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made several requests. In this case, we will notify you and keep you informed of how we will deal with your requests.

If you have made an enquiry directly to us and we have not dealt with it to your satisfaction, you have the right to complain to the supervisory authority responsible for data protection in whichever state or country you reside. The data protection authority in the UK is the ICO.

15. Children's Data

These Services do not address anyone under the age of 16. We neither target or knowingly collect personally identifiable information from children under 16. In the case we discover that a child under 16 has provided us with personal information, we immediately delete this from our servers. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us so that we will be able to perform the necessary actions.

16. Questions, concerns or complaints

If you would like to know more about how we use your information, or if for any reason you do not wish to have your information used in any of the ways described here, please email us at privacy@equiwatt.com.

 

Appendix A

Not all of the below data is personal data nor is it all relevant in every use case, however, our aim is to be transparent in how we process data in the course providing a service to our users.

Identity and Contact Data

  • First name and last name

  • Your username or similar identifier in the equiwatt platform

  • An encrypted version of your password

  • Your social media username (if you interact with us via social media)

  • Your home address, email address(es) and telephone number(s)

Profile and Consent Data

  • Your preferences on how and when we can contact you

  • Preferences on your subscriptions to digital marketing and non-marketing communications

  • A record of where you have provided or withdrawn consent to share your data with third-parties

  • Feedback to surveys and questionnaires delivered via email and in-app

  • Feedback provided during research programmes (which may be anonymised or semi-anonymised)

  • Partly anonymised data from app analytics platforms such as Google Analytics which show an aggregated view of how you use our apps and website

Energy Data

  • Your energy supplier name and price plan or tariff name

  • Your home energy consumption (this can include your EV and Kasa smart plug consumption)

  • Billing information about your supply such as your energy supplier account number

  • MPAN or Meter Serial Number

Hardware Data

  • The make and model of your electric vehicle

  • The battery size and charging capabilities of your electric vehicle

  • The make, model and configuration of your smart charger

  • The state of charge of your electric vehicle

  • The location of your electric vehicle and charger

  • If your electric vehicle and charger are connected

  • If your electric vehicle is charging

  • The make and model of your smart device(s)

  • The state of your smart device(s)

  • If your smart device(s) are connected

Third-Party Account Data

  • Encrypted username and password or access token for a third-party service kept in a secure enclave

  • Account identifiers or references to identify your account in a third-party’s system

  • These data will only be requested and stored after you have provided consent

Technical Data

  • Connection information such as IP address

  • Device geolocation

  • Client information such as the type and version of the device, operating system, browser and any plugins you may be using

  • Your time zone and locale

Transaction and Financial Data

  • Details of the products and services you have purchased or claimed from us (e.g. gifts redeemed via the gift store)

  • Details of how much energy used to charge your electric vehicle, and when this charging happened

  • Payment information made to us from you, including references to your account stored in our payment providers’ system

Tracking Data

  • Includes information we or others collect about you from cookies, user attribution and similar tracking technologies