At Ceres Energy we take your privacy seriously and will only use your personal information for operational purposes to administer your account, respond to emails/ phone calls and to provide you with any products or services you have requested from us. This page informs you of our policies regarding the collection, use and disclosure of Personal Information we receive from our users.
This policy sets out the different aspects of where a user’s privacy is concerned and outlines the obligations and requirements of the user, the website, the website owners and the company. Furthermore, the way this website processes, stores and protects user data and information will also be detailed within this policy.
Our website is not intended for children and we do not knowingly collect information relating to children.
Ceres Energy Limited is the controller and responsible for your personal information. Our General Manager is responsible for overseeing questions in relation to this privacy notice. If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact the General Manager using the ‘CONTACT US’ details below.
Ceres Energy deems that information that is provided by users (primary contact information, including but not limited to name, personal telephone number and personal email address(es)) is provided on a voluntary basis and therefore is provided with deemed consent to the company. Individuals may refuse to consent to the collection, use or disclosure of their personal information by Ceres Energy or withdraw a previously given consent at any time. Should consent for use and/ or disclosure of personal information provided to Ceres Energy be withdrawn or insufficient for Ceres Energy to manage an ordinary business relationship, Ceres Energy may be prevented from proceeding with the relationship.
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, browser type, browser version, the pages of our website that you visited, the time and date of your visit, the time spent on those pages and other statistics.
Cookies are files with small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your computer’s hard drive.
Like many sites, we use “cookies” to collect information. Users are advised that if they wish to deny the use and saving of cookies from this website on to their computers hard drive they should take necessary steps within their web browsers security settings to block all cookies from this website and its external serving vendors.
The security of your Personal Information is important to us but remember that no method of transmission over the Internet, or method of electronic storage, is 100% secure. While we employ reasonable, technical and organisational measures to keep personal data safe and to prevent loss, misuse and unauthorised access. These measures include encryption, firewalls and password protection. It is, however, your responsibility to ensure that your device is adequately secured and protected.
All personal details relating to subscriptions are held securely and in accordance with the DPA 1998 and GDPR.
We will never sell your personal information or share it with third parties who might use it for their own purposes without your express opt-in consent or as set out below.
Any third parties handling personally identifiable information, such as Mailchimp, will act as data processor, on behalf of Ceres Energy. We do not allow our third-party service providers to use your personal information for their own purposes and only permit them to process your personal information for specified purposes and in accordance with our instructions.
We may have to share your personal information with the parties set out below:
- Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal information in the same way as set out in this privacy notice.
- Service providers who provide services such as IT and system administration services.
- Professional advisers including lawyers, bankers, auditors and insurers.
- HM Revenue & Customs, regulators and other authorities who require reporting of processing activities in certain circumstances.
We do not envisage the need to transfer any data outside of the EEA. If we do need to for operational purposes, we will ensure at least one of the following safeguards is implemented:
- We will only transfer your personal information to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
- If we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.
- Where we use providers based in the US, we may transfer information to them if they are part of the Privacy Shield which requires them to provide similar protection to personal information shared between the Europe and the US.
We will retain your data for as long as is necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting or reporting requirements.
Our retention period will usually be 6 years from when we have fulfilled the purposes we collected it for. However, this may be adjusted when we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.
The GDPR provides the following rights to individuals regarding your personal information.
Your Subject Access Rights (SARS)
- the right to be informed
- the right of access
- the right to rectification
- the right to delete
- the right to restrict processing
- the right to data portability
- the right to object
- rights in relation to automated decision making and profiling
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal information (or to exercise any of your other rights). This is a security measure to ensure that personal information is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Correspondence Office: The Old Grammar School, Hallgate, Hexham, NE46 1XD
Registered Office: Harlequin House, Clayton Road, Jesmond, Newcastle upon Tyne, NE2 4AP