Privacy Policy

This privacy policy is for the website www.ceresenergy.co.uk and the company Ceres Energy Limited. This policy governs the privacy of the website and the company’s users.We are committed to protecting and respecting your personal data in accordance with the Data Protection Act 1998 (DPA) and the new EU General Data Protection Regulation (GDPR).

At Ceres Energy we take your privacy seriously and will only use your personal information for operational purposes to administer your account, respond to emails/ phone calls and to provide you with any products or services you have requested from us. This page informs you of our policies regarding the collection, use and disclosure of Personal Information we receive from our users.

This policy sets out the different aspects of where a user’s privacy is concerned and outlines the obligations and requirements of the user, the website, the website owners and the company. Furthermore, the way this website processes, stores and protects user data and information will also be detailed within this policy.

Our website is not intended for children and we do not knowingly collect information relating to children.

 

ABOUT US

Ceres Energy Limited is the controller and responsible for your personal information. Our General Manager is responsible for overseeing questions in relation to this privacy notice. If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact the General Manager using the ‘CONTACT US’ details below.

Ceres Energy deems that information that is provided by users (primary contact information, including but not limited to name, personal telephone number and personal email address(es)) is provided on a voluntary basis and therefore is provided with deemed consent to the company. Individuals may refuse to consent to the collection, use or disclosure of their personal information by Ceres Energy or withdraw a previously given consent at any time. Should consent for use and/ or disclosure of personal information provided to Ceres Energy be withdrawn or insufficient for Ceres Energy to manage an ordinary business relationship, Ceres Energy may be prevented from proceeding with the relationship.

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

CERES WEBSITE

LOG DATA

Like many site operators, our site uses tracking software to collect information that your browser sends whenever you visit our website (“Log Data”). We use Google Analytics to collect, monitor and analyse this information. The software will save a cookie to your computer’s hard drive in order to track and monitor your engagement and usage of the website, but will not store, save or collect personal information. You can read Google’s privacy policy here https://policies.google.com/privacy

This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, browser type, browser version, the pages of our website that you visited, the time and date of your visit, the time spent on those pages and other statistics.

COOKIES

Cookies are files with small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your computer’s hard drive.

Like many sites, we use “cookies” to collect information. Users are advised that if they wish to deny the use and saving of cookies from this website on to their computers hard drive they should take necessary steps within their web browsers security settings to block all cookies from this website and its external serving vendors.

SECURITY

The security of your Personal Information is important to us but remember that no method of transmission over the Internet, or method of electronic storage, is 100% secure. While we employ reasonable, technical and organisational measures to keep personal data safe and to prevent loss, misuse and unauthorised access. These measures include encryption, firewalls and password protection. It is, however, your responsibility to ensure that your device is adequately secured and protected.

 

TETHRA NEWSLETTER

Ceres Energy’s sister company Tethra Energy operates a weekly newsletter subscription service from the Ceres Energy website. Users can subscribe using an online automated process at their own discretion. This automated service is provided by Mailchimp. You can read Mailchimp’s privacy policy here https://mailchimp.com/legal/privacy. On occasion it may be possible, with prior written consent to process the subscription manually. By subscribing to receive this newsletter you are consenting for us to collect your personal data.

All personal details relating to subscriptions are held securely and in accordance with the DPA 1998 and GDPR.

 

SHARING INFORMATION

We will never sell your personal information or share it with third parties who might use it for their own purposes without your express opt-in consent or as set out below.

Any third parties handling personally identifiable information, such as Mailchimp, will act as data processor, on behalf of Ceres Energy. We do not allow our third-party service providers to use your personal information for their own purposes and only permit them to process your personal information for specified purposes and in accordance with our instructions.

We may have to share your personal information with the parties set out below:

  • Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal information in the same way as set out in this privacy notice.
  • Service providers who provide services such as IT and system administration services.
  • Professional advisers including lawyers, bankers, auditors and insurers.
  • HM Revenue & Customs, regulators and other authorities who require reporting of processing activities in certain circumstances.

International Transfers

We do not envisage the need to transfer any data outside of the EEA. If we do need to for operational purposes, we will ensure at least one of the following safeguards is implemented:

  • We will only transfer your personal information to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
  • If we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.
  • Where we use providers based in the US, we may transfer information to them if they are part of the Privacy Shield which requires them to provide similar protection to personal information shared between the Europe and the US.

 

DATA RETENTION

We will retain your data for as long as is necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting or reporting requirements.

Our retention period will usually be 6 years from when we have fulfilled the purposes we collected it for. However, this may be adjusted when we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.

YOUR RIGHTS

The GDPR provides the following rights to individuals regarding your personal information.

Your Subject Access Rights (SARS)

Individuals have:

  • the right to be informed
  • the right of access
  • the right to rectification
  • the right to delete
  • the right to restrict processing
  • the right to data portability
  • the right to object
  • rights in relation to automated decision making and profiling

 

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal information (or to exercise any of your other rights). This is a security measure to ensure that personal information is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

 

CHANGES TO THIS PRIVACY POLICY

This Privacy Policy is effective as of the 22nd May 2018 and will remain in effect except with respect to any changes in its provisions in the future, which will be in effect immediately after being posted on this page.

We reserve the right to update or change our Privacy Policy at any time and you should check this Privacy Policy periodically. Your continued use of the Service after we post any modifications to the Privacy Policy on this page will constitute your acknowledgment of the modifications and your consent to abide and be bound by the modified Privacy Policy.

If we make any material changes to this Privacy Policy, we will notify you either through the email address you have provided us, or by placing a prominent notice on our website.

 

CONTACT US

If you have any questions about this Privacy Policy, please contact us.

Correspondence Office: The Old Grammar School, Hallgate, Hexham, NE46 1XD

Registered Office: Harlequin House, Clayton Road, Jesmond, Newcastle upon Tyne, NE2 4AP