ESB and Your Data

Electricity Supply Board (ESB) and its wholly and majority-owned entities (collectively, the “ESB Group”), is a leading Irish diversified and vertically integrated utility operating right across the electricity market from generation, through transmission and distribution to the supply of customers, with an expanding presence in the UK generation market.

We employ almost 9,000 employees and through our internal business functions we process information about our staff in order to manage effectively our relationship with our employees. We are committed to safeguarding the privacy of the personal information that we gather concerning our prospective, current and former employees for management, human resources, payroll and related purposes.

Customer Privacy Notice 

Electric Ireland is a retail arm of ESB, supplying electricity, gas and energy services to the business and residential markets in the Republic of Ireland and Northern Ireland. More information here. 

ESB Networks DAC (ESBN), a wholly owned subsidiary of ESB, is the licensed operator of the electricity distribution system in the Republic of Ireland. Serving all electricity customers and electricity market participants across the country, are responsible for building, operating, maintaining and developing the electricity network. ESBN manage electricity meter and meter data operations across the country, coordinating and supporting the operation of the competitive retail and wholesale electricity markets. More information here. 

Note: It is important to highlight that in line with government guidance ESB Networks DAC is a ring-fenced subsidiary of ESB an thus data transfers between ESBN and Electric Ireland or the wider-ESB Group are limited to standard electricity market messages and communications.

ESB ecars is part of the ESB Group, which builds, owns and operates EV charging networks for public use across the island of Ireland. For purposes of data protection law, the following are the “data controllers”, all of whom trade as ESB ecars:

• If you are a Republic of Ireland customer, ESB ecars means ESB Innovation ROI Ltd.
• If you are a Northern Ireland customer, ESB ecars means ESB Innovation UK Ltd.

Personal data will be shared between the two above entities for the purposes of facilitating all island operations.

ESB ecars Privacy Notice

This privacy notice applies to the use of personal data by ESB ecars. It explains what information we collect, how we use it, who we share it with and how we protect it. It also details the rights available to you in relation to how we hold and use your personal data, how to exercise those rights, and what to do if you require more information or wish to make a complaint.

This privacy notice applies to all personal data we hold, irrespective of any relationship with us.

Why we collect your Personal Data

We collect your personal data so that we can manage our relationships with you. Activities that we require personal data for include:

• Responding to requests and providing information
• Account registration and Account management
• Billing you and taking payment
• Issuing a charge point access card to you
• Building, planning and developing electric vehicle charge point networks
• Management of legal queries, disputes and claims
• Compliance with legal and regulatory requirements
• A range of other activities which we are obliged to undertake, or which we have gained consent to complete   

We ensure that the information we collect is appropriate to the purposes for which it is obtained.

Types of Personal Data we may hold and where it comes from

At ESB ecars, we recognise the importance of personal data entrusted to us. We may collect and hold a range of information about you. Examples of the types of information we may hold includes:

• Contact Details: Including your name, address, telephone number and email address
• Personal documentation that you have provided to us. For example, proof of identification, address or vehicle ownership
• Vehicle Information: Details about your vehicle including, make, model, registration number, as well as the year of registration
• Charging data: Charging session details including the date, time, location, duration and energy consumed
• Payment information: Credit/debit card details and bank account details you provide to make payment for the products and services we provide to you; as well as a record of your payment history with us
• Communications: Information about your interactions with us including recording/reporting of faults, issues encountered while charging on our network and account related queries
• Recordings of telephone conversations between you and our customer support teams
• Marketing information: details of your consent for us to send marketing information and your preferences around this
• Information provided by you when you take part in customer surveys or market research
• When you use our website and or mobile application, our cookies collect information about the pages you look at on our website and or mobile application and how you use them, your device type, operating system and browser type
• Any other personal data relating to you that you provide to us or that we generate in connection with our relationship with you

We collect most of this information directly from our interaction with you, when you contact us in writing, by telephone or electronically (by email, using our website or on social media). Some information is collected as a result of you using our services.  Some information may also be collected about you from contracted external third parties, such as Fleet Management service providers.

How we may use Personal Data

We use personal data so that we can, in accordance with our customer contracts, provide products and services to you and perform general account management. We may also use your personal data in order to meet our legal and statutory obligations and where we have a legitimate interest to do so, such as market research surveys or to defend against legal claims.

The following are the main ways we use personal data:

• Discussing and responding to your requests for information
• To provide our EV charging services to you and maintaining your account
• Setting up new accounts and billing arrangements
• To send you charge point access cards
• Monitoring payment activity and managing debt
• Delivering service communications
• For the purpose of safeguarding someone’s vital interests, responding to statutory obligations or requests from the courts and enforcement authorities
• In order to respond to emergency situations
• In the detection and prevention of fraud and other crime
• To protect or enforce our rights or the rights of any third party
• Responding to and managing legal queries, disputes and claims
• Developing, maintaining and improving our services. For example, to conduct customer surveys, to analyse usage patterns, conduct research and enhance the performance of our services
• To enable us to provide services to you such as our online account management tool and Mobile Application

Activities that require your consent

In order for us to carry out certain activities using your personal data, we may need to ask for your consent. When consent is being requested, we will provide options such as the choice of whether we may contact you by phone, post, email, text or through other digital media.

Where we require consent, we will explain why and provide sufficient information to allow you to make an informed decision.

When we receive consent to perform such activities, that consent may be withdrawn at any time by contacting us.

Direct Marketing

ESB ecars may contact you for direct marketing purposes via Email, Phone, Post and/or SMS where we have received your consent to do so. You will only receive communication on the channel that you have opted in to. We will always give you an option of unsubscribing from direct marketing via the channel on which you received the communication from us.

Who we share information with

We may share your personal data with, or disclose your personal data to, the following categories of third party:

Agents or suppliers: These are contract bound persons or companies who provide products or services that we use in conducting our business.  These may include companies that: support our IT, process bills and payments, provide customer service and provide charge point network maintenance services. In many cases, they will be within the European Economic Area (EEA) or the United Kingdom but in some cases they may be outside of these jurisdictions. We will only share or disclose to these parties the information that they need in order to provide the products or services and will require those parties to ensure that the information is always adequately protected.

Professional advisers: we may share or disclose personal data to professional advisers we may engage for any reasonable purpose in connection with our business, including assistance in protecting our rights.

EV charge point site owners including local authorities: We may provide third party EV charge point site owners and local authorities with energy consumption data relating to the charge points located at their sites.  All data shared in this manner is fully anonymised.

Other external bodies: In certain circumstances, we may be required by law to disclose personal data to external bodies such as health and safety authorities, the national statistics agencies and law enforcement agencies. 

In certain circumstances we may also provide fully anonymised data to other external bodies such as government departments, research institutions and local authorities.

Our use of Cookies

Our websites use ‘cookies’ to help us provide users with a better experience each time they visit. A cookie is a small piece of text that is placed directly on a device when it is used to visit a website. This helps to give the user a better experience when using the website. The information gathered by the cookie stays on the user’s device.

We use information gathered from cookies to help improve users’ experience on our website, for security, and to personalise content and advertising. For example, cookies help us to identify that the device has visited our site before, allowing us to customise the experience based on previous browsing history. It also helps us to determine the most relevant, related products to show that user when they are browsing. Further information about the type of cookies that we use and their purpose is available in the Cookies Policy, which you will find at Customer Privacy Notice (esb.ie).

We do not use cookies to gather any personal data for storage on our systems. The user can delete the cookie and the information that it gathers at any time using the settings in their internet web browser. 

How long we keep data

Information collected by us will be held for as long as it is required to fulfil the purpose it was collected for and to protect our business and our rights. We are required to keep certain types of information for a specific period of time in order to comply with legal requirements. The length of time we keep any part of your personal information will depend on the type of information and the purpose for which it was obtained. 

Security of your Personal Data

We keep our computer systems, files and buildings secure by following legal requirements and international security guidance. We make sure that our staff, and anyone with access to personal data that we are responsible for, is fully trained on how to protect personal data. We ensure that our processes clearly identify the requirements for managing personal data and that they are up to date. We regularly audit our systems and processes to ensure that we remain compliant with these policies and legal obligations.

How to contact us

The collection and use of your data by ESB ecars is overseen by the ESB Group Data Protection Officer. If you wish to contact our Data Protection Officer, you can email dpo@esb.ie or via post at Data Protection Officer, ESB Head Office, 27 Fitzwilliam Street Lower, Dublin 2, D02 KT92. If you wish to speak with an ESB ecars customer service representative, you can contact the Customer Support Centre in the Republic of Ireland on 00 353 1 258 3799 or in Northern Ireland on 00 44 345 601 8303.

How we address your rights

As ESB ecars captures, stores and processes your personal information in order to carry out a range of services and activities, you have a range of rights available to you to give you confidence that your information is appropriately managed.

Gaining access to and copies of your personal data: you are entitled to receive, on request and free of charge, a copy of all your personal data that we hold. There are some limitations to this right. For example, if the data also relates to another person and we do not have that person’s consent, or if the data is subject to legal privilege. Where there is data that we cannot disclose, we will explain this to you. To request a copy of your data, please email dpo@esb.ie or send a letter to Data Protection Office, ESB Head Office, 27 Fitzwilliam Street Lower, Dublin 2, D02 KT92.

Ensuring that your data is accurate: our aim is to ensure that the data we hold about you is correct and up to date. From time to time we may contact you to verify the information that we hold. You may also contact us to correct any errors that you notice.

Granting or Removing consent: where we require your consent for any processing, for example, to provide you with direct marketing communications, we will clearly explain what the consent is for, and any consequences of giving or refusing consent, and will provide that consent can only be given by way of a positive action by you. We will also ensure that you are able to withdraw any such consent at any time.

Restricting processing of your data: you have the right to request us to restrict the processing of your personal data in certain circumstances, for example, if there is a dispute over our rights to carry out specific processing activities, or where you do not want us to delete data. We will respond promptly to your request and will provide an explanation if we cannot fully comply.

Deletion of your data: in certain circumstances, you may have the right to have some or all of your personal data deleted from our records. This is sometimes referred to as the “right to be forgotten”. This may occur if, for example, we retain data which is no longer required by us, or if you withdraw consent. If you continue to have a relationship with us, we must retain the data we need to manage this relationship. We will respond promptly to your request and provide reasons if we object to the deletion of any of your personal data.

Moving your data: where it is possible for us to provide it, you have the right to receive a digital copy of the personal data that you have provided to us.

International Transfers of Data: in certain circumstances, we may transfer your personal information internationally, including outside of the European Economic Area (EEA) or the United Kingdom. Should we do this, we ensure that all transfers are made in accordance with data protection law and that your data it will be given an equivalent level of protection that it has when it is being managed in Ireland.

How to make a complaint

If for any reason you have a complaint about our use of your personal information, or you are unhappy in any way with the information we provide to you, we would like you to contact us directly so that we can address your complaint. You can contact us by email at dpo@esb.ie or by postal mail at Data Protection Officer, ESB Head Office, 27 Fitzwilliam Street Lower, Dublin 2, D02 KT92. 

You may also contact the Data Protection Commission in the Republic of Ireland or the Information Commissioners Office in Northern Ireland via the following methods:

Data Protection Commission: Telephone: 1800 437 737, Email: info@dataprotection.ie, Post: Data Protection Commission, 21 Fitzwilliam Square South, Dublin 2, D02 RD28

Information Commissioners Office: Telephone: 028 9027 8757 / 0303 123 1114, Email: ni@ico.org.uk, Post: Information Commissioner's Office - Northern Ireland, 3rd Floor, 14 Cormac Place, Belfast, BT7 2JB.

Changes to our privacy notice

We will occasionally update this privacy notice. We will post a notice of any material changes on our website prior to implementing the changes, and, where appropriate, notify you using any of the contact details we hold for you for this purpose. We encourage you to periodically review this notice to be informed of how we use your information. Version updated October 2023.

ESB has been Ireland's foremost energy company since it was established in 1927, driven by an unwavering commitment to power society forward and deliver a net-zero future for our customers and the communities we serve.  We employ more than 9,000 employees and through our internal business functions we process information about our staff to manage our relationship with employees. We are committed to safeguarding the privacy of the personal information that we gather concerning our prospective, current, and former employees for management, human resources, payroll, and related purposes. 

• Personal identification information such as name, address, gender, date of birth, marital status, PPSN, nationality, staff number.
• Other information which you have provided to allow us to identify and contact you such as phone number, passport, photographic identification.
• Your contract of employment and any amendments to it.
• Details that you have provided about your emergency contact(s), next of kin, spouse, partner, dependents, or other beneficiaries.
• Employment identifiers such as staff number or business email address that have been provided or have been assigned.
• Information that you have provided about academic background or professional certifications.
• Information you have provided in your curriculum vitae, or in an employment application, including details about your past employment history.
• Information about memberships of groups or societies (e.g. trade union membership, staff sports and social club membership) that you have provided to facilitate us processing salary deductions.
• Information that you have consented to provide as part of our equal opportunities or diversity and inclusion programmes.
• Information which you have provided as a director of a subsidiary company to ensure we comply with our legal, tax and regulatory obligations such as PPSN, passport, photographic identification, and utility bill.
• Photographic images used for security and identification information or for use in internal and external purposes.
• CCTV images captured for security, safety, compliance of ESB policies or other lawful purposes.
• Building access data captured for security, safety, and building management purposes.
• Voice recordings of telephone calls where you have been notified that the calls are being recorded.
• Video recordings of business related meetings that you have attended where it has been notified that the meeting is being recorded.
• Copy of driving licence, insurance details, work permits and safe pass details.
• Electricity Account number (for electricity discount).
• Vehicle and driving licence details to facilitate payment of expenses and compliance with legal obligations.
• Copy of passport and travel visas.
• Banking details that you have provided to facilitate electronic payments.
• Financial data in relation to payroll, pension, benefits, and expenses.
• Medical data that is relevant to the performance of your duties or entitlements.
• Intoxicant test data that is relevant to the performance of your duties where a risk of being under the influence of an intoxicant at work has been highlighted on a risk assessment.
• Other medical data that you choose to share with us.
• Career history and performance data that is collected as part of our performance management activities including, where appropriate, disciplinary and grievance records.
• Correspondence with or about you, for example a letter to your mortgage company.
• Information regarding your use of ESB equipment.
• Personal email addresses for use in specific situations.
• Locational data (fleet management system).
• Religion in one jurisdiction for equality purposes.
• Psychometric test results for recruitment and development purposes. 

Much of the information we hold will have been provided directly by you, but it may also come from other internal sources, such as your manager or a colleague, or external sources, such as referees, employment agencies or a family member. 

• Processing in relation to salary, benefits, expenses, allowances, and deductions. 
• For HR Approvals such as moving from temporary to permanent status.
• To manage employee relations (e.g. grievance processes).
• For recruitment and selection processes such as internal or external recruitment.
• For performance and development activities such as goals setting, development plans, training.
• For administering pensions processes such as pensions contributions or pension adjustment orders.
• For arranging business travel and accommodation.
• To validate eligibility to drive ESB owned vehicles or to be covered by ESB insurance policies.
• To comply with legal or regulatory requirements.
• Processing of personal and medical data for health insurance processes such as membership subscriptions or medical related claims or travel/motor insurance.
• Conduct of staff surveys.
• In the development, monitoring and enforcement of ESB policies and guidance.
• To manage the appointment of staff members nominated as a director to subsidiary boards and to comply with legal, tax and regulatory requirements and the maintenance of an Ultimate Beneficial Owners register.
• To run elections for the selection of worker directors, pursuant to the Worker Participation State Enterprises) Acts.
• To run elections for the selection of staff representatives on the Joint Industrial Council. 

Should there be any reason for us to collect sensitive personal information (e.g. medical data or trade union membership) other than as outlined in your contract of employment, we ask for consent to collect it. Before consent is given, we explain what information will be collected and what we will use it for. Again, this consent can be withdrawn by contacting us. 

Changes to our Privacy Notice

We will occasionally update this privacy notice. We will post a notice of any material changes on our website prior to implementing the changes, and, where appropriate, notify you using any of the contact details we hold for you for this purpose. We encourage you to periodically review this notice to be informed of how we use your information.