Customer Privacy Notice
We collect your personal data so that we can manage our relationships with you. Activities that we require personal data for include:
- Responding to requests and providing information.
- Building, planning and developing electric vehicle charge point networks.
- Building, planning and developing electricity assets.
- Building, planning and developing communications networks.
- Managing the safe, secure and reliable operation of electricity generation assets in Ireland.
- Management of legal queries, disputes and claims.
- Management of financial transactions.
- Recruitment and selection of new employees.
- Preparation and processing of invoices and payments.
- Providing shared services across ESB Group.
- Compliance with legal and regulatory requirements.
- A range of other activities which we are obliged to undertake, or which we have gained consent to complete
We ensure that the information we collect is appropriate to the purposes for which it is obtained.
We keep our computer systems, files and buildings secure by following legal requirements and international security guidance. We make sure that our staff, and anyone with access to personal data that we are responsible for, is fully trained on how to protect personal data. We ensure that our processes clearly identify the requirements for managing personal data and that they are up to date. We regularly audit our systems and processes to ensure that we remain compliant with these policies and legal obligations
At ESB, we recognise the importance of personal data entrusted to us. We may collect and hold a range of information about you. Examples of the types of information we may hold includes:
- Contact details and personal security information that you have provided to allow us to contact you, and to help us correctly identify you when you contact us
- Personal documentation that you have provided to us. This may include documentation you have provided as proof of address, proof of marital status, proof of vehicle or land ownership, etc..
- Contact and identification information that you have provided to us as a visitor to one of our offices or sites.
- Information about you, where you have electricity infrastructure on or near your land
- Information that you have provided to allow us to inform you about high river flows
- Land registration details for property and/or land that you may have a controlling interest in, which you have provided to us or that we have identified through land registry records
- Information about your interactions with us
- Details about legal matters that have been shared with us by you or your legal representatives
- Details of financial transactions between you and ESB.
- Financial data that you have shared with us, or that we have received as a result of carrying out a credit check
- Personal and medical data that you or your legal representatives have shared with us in relation to a legal claim
- Information about your current and past transactions at vehicle charge points, including details of the amount of electricity consumed.
- Recordings of telephone conversations with you.
- CCTV images captured for security purposes
- Information you have provided in your Curriculum Vitae, or in an employment application, including details about your past employment history
- Information about your career history and experience which we receive from recruitment agencies or referees as part of an employment application
- Results of psychometric tests that you have taken part in as part of an employment selection process
- Information about you disclosed to us in tender responses
- Information about you which has been disclosed to us by you or your employer, where your employer is providing services to ESB
We collect most of this information directly from the individuals that we interact with, when they contact us in writing, by telephone or electronically (by email, using our website or on social media). Some information is collected as a result of individuals using our services, or interacting with us. We may also obtain information about individuals from external parties, such as credit reference agencies.
Our websites use ‘cookies’ to help us provide users with a better experience each time they visit. A cookie is a small piece of text that is placed directly on a device when it is used to visit a website. This helps to give the user a better experience when using the website. The information gathered by the cookie stays on the user’s device.
We use information gathered from cookies to help improve users’ experience on our website, for security, and to personalise content and advertising. For example, cookies help us to identify that the device has visited our site before, allowing us to customise the experience based on previous browsing history. It also helps us to determine the most relevant, related products to show that user when they are browsing. Further information about the type of cookies that we use and their purpose is available in the Cookies Policy, which you will find in Part II of this document.
Information collected by us will be held for as long as it is required to fulfil the purpose it was collected for and to protect our business and our rights. We are required to keep certain types of information for a specific period of time in order to comply with legal requirements. The length of time we keep any part of your personal information will depend on the type of information and the purpose for which it was obtained
We use personal data so that we can provide our services and perform our statutory function. The following are the main ways we use personal data:
- Discussing and responding to your requests for information
- For the management and supply of electricity through our electric vehicle charge point stations and infrastructure
- Setting up new accounts and billing arrangements
- Monitoring payment activity and managing debt
- Planning the development of electricity generation infrastructure in Ireland
- Responding to and managing legal queries, disputes and claims
- Managing transactions involving the purchase, lease or sale of land and assets
- For the processing and management of wayleave requests and notifications
- Managing access and security of our offices, other facilities and IT systems
- To provide a fishing/boating licence or verify the validity of a licence to use waters that we are responsible for
- In the recruitment and selection of new employees
- To facilitate our involvement in community projects and/or sponsorships
- To communicate with you about events, publications and other matters we are required to tell you about, or that you have requested we update you on
- To protect or enforce our rights or the rights of any third party
- In the detection and prevention of fraud and other crime
- For the purpose of safeguarding someone’s vital interests
- Responding to requests from the courts and enforcement authorities.
- To demonstrate compliance with legal and regulatory requirements including the Safety, Health and Welfare Act 2005
In order for us to carry out certain activities using your personal data, we may need to ask for your consent. For example, in order to allow us to make contact with you via email or SMS to make you aware of new products that may be of interest to you, we need you to have provided us with prior consent to do so.
When consent is being requested, we will provide options such as the choice of whether we may contact you by phone, post, email, text or through other digital media.
Where we require consent, we will explain why and provide sufficient information to allow you to make an informed decision.
When we receive consent to perform such activities, that consent may be withdrawn at any time by contacting us.
We may share your personal data with, or disclose your personal data to, the following categories of third party:
- Agents or suppliers: these are persons or companies we have contracts with to provide products or services that we use in conducting our business, including managing our relationship with our customers. In many cases, they will be within the European Economic Area (EEA) but in some cases they may be outside of the EEA. We will only share or disclose to these parties the information that they need in order to provide the products or services, and will require those parties to ensure that the information is always adequately protected.
- Legal and Professional advisers: we may share or disclose personal data to legal and professional advisers we may engage for any reasonable purpose in connection with our business, including assistance in protecting our rights
- Regulatory Authorities: we may be required to disclose personal data to Irish or European regulatory authorities including energy regulators, environmental protection agencies or data protection Supervisory Authorities.
- Other external bodies: in certain circumstances, we may be required by law to disclose personal data to external bodies, such as local authorities, government departments or An Garda Síochána. In these cases, we will only disclose the minimum amount of information required to satisfy our legal obligation. However, once the information is disclosed, we will not be able to control how it is used by those bodies.
The collection and use of your data by ESB is overseen by the ESB Group Data Protection Officer. If you wish to contact our Data Protection Officer, you can email email@example.com or via post at Data Protection Officer, ESB, 27 Fitzwilliam Street Lower, Dublin 2, D02 KT92, Ireland
As ESB captures, stores and processes your personal information in order to carry out a range of services and activities, you have a range of rights available to you to give you confidence that your information is appropriately managed.
The rights that you have available to you include:
Gaining access to and copies of your personal data: you are entitled to receive, on request and free of charge, a copy of all your personal data that we hold. There are some limitations to this right. For example, if the data also relates to another person and we do not have that person’s consent, or if the data is subject to legal privilege. Where there is data that we cannot disclose, we will explain this to you.
Ensuring that your data is accurate: our aim is to ensure that the data we hold about you is correct and up to date. From time to time we may contact you to verify the information that we hold. You may also contact us to correct any errors that you notice.
Granting or Removing consent: where we require your consent for any processing, for example, to provide you with direct marketing communications, we will clearly explain what the consent is for, and any consequences of giving or refusing consent, and will provide that consent can only be given by way of a positive action by you. We will also ensure that you are able to withdraw any such consent at any time.
Restricting processing of your data: you have the right to request us to restrict the processing of your personal data in certain circumstances, for example, if there is a dispute over our rights to carry out specific processing activities, or where you do not want us to delete data. We will respond promptly to your request and will provide an explanation if we cannot fully comply.
Deletion of your data: in certain circumstances, you may have the right to have some or all of your personal data deleted from our records. This is sometimes referred to as the “right to be forgotten”. This may occur if, for example, we retain data which is no longer required by us, or if you withdraw a consent. If you continue to have a relationship with us, we must retain the data we need to manage this relationship. We will respond promptly to your request, and provide reasons if we object to the deletion of any of your personal data.
Moving your data: where it is possible for us to provide it, you have the right to receive a digital copy of the personal data that you have provided to us.
International Transfers of Data: in certain circumstances, we may transfer your personal information internationally, including outside of the European Economic Area (EEA). Should we do this, we ensure that all transfers are made in accordance with data protection law and that your data it will be given an equivalent level of protection that it has when it is being managed in Ireland.
If for any reason you have a complaint about our use of your personal information, or you are unhappy in any way with the information we provide to you, we would like you to contact us directly so that we can address your complaint. You can contact us by email at firstname.lastname@example.org or by postal mail at Data Protection Officer, ESB, 27 Fitzwilliam Street Lower
Dublin 2, D02 KT92, Ireland. You may also contact the Data Protection Commission in Ireland on 1890 252 231, by email at email@example.com or by postal mail at Data Protection Commission, Canal House, Station Road, Portarlington R32 AP23, Co. Laois.
We will occasionally update this privacy notice. We will post a notice of any material changes on our website prior to implementing the changes, and, where appropriate, notify you using any of the contact details we hold for you for this purpose. We encourage you to periodically review this notice to be informed of how we use your information.