Privacy Policy for One Utility Bill Ltd. applications and services

Introduction

One Utility Bill Ltd. ("we", "our", or "us") registered in England number 9534085, is dedicated to safeguarding the privacy and security of your personal information. This privacy policy outlines our practices for collecting, using, sharing, and protecting your personal information when you utilise our services ("Services"), visit our websites, or interact with us.

By engaging with our Services, you consent to the collection and use of information in accordance with this policy. We are committed to being transparent about the data we collect and how we use and protect it.

This privacy policy covers multiple websites and web applications, under multiple One Utility Bill Ltd. brands (One Utility Bill, and Fused, and Notify), that fall under the following domains: https://oneutilitybill.co, https://fusedbills.co.uk, and https://getnotify.co.uk.

 

Information We Collect

We collect personal information such as:

  • Name

  • Phone Number

  • Email Address

  • Date of Birth

  • Payment Information

  • Address

  • Any information included in the text or subject line of a message from a person.

  • Status of Marketing Subscription or Unsubscription, Preferences for Receiving Communications, Interactions with Emails

  • Internet Protocol (IP) Address, Sign-in Credentials, Type of Web Browser, Tracking Files, Operating System Details, Website Navigation Data, Items Browsed

  • Readings from Energy Meters

How We Use Your Information

Your personal information is used to:

  • Provide and manage our Services efficiently.

  • Process payments and manage transactions securely.

  • Communicate important information regarding your account or our Services.

  • Enhance and personalise your experience with our Services.

  • Fulfill legal and regulatory obligations.

Sharing Your Information

Subprocessors

We share your information with third-party subprocessors who assist us in providing our Services. We ensure all subprocessors adhere to stringent data protection standards. Below is a list of our subprocessors and details regarding their data processing locations:

Linode LLC. (Akamai) https://www.linode.com/ Cloud hosting services, handling all personal data. Data processed in the EEA
Google Inc. (Workspace, GCP) https://workspace.google.com/
https://cloud.google.com/
Various services including cloud hosting and analytics, handling email content and user behavior data. Data processed in the EEA
Amazon Web Services, Inc. https://aws.amazon.com/ Cloud services for functionality like document parsing, handling all personal data. Data processed in the EEA
HubSpot, Inc. https://www.hubspot.com/ CRM software, handling contact information and engagement data. Data processed in the EEA
Aircall https://aircall.io/ Call center software, processing contact details and call recordings. Data processed outside the EEA
Sentry (Functional Software, Inc.) https://sentry.io/ Application monitoring, handling application logs. Data processed outside the EEA
Datadog https://www.datadoghq.com/ Monitoring and analytics, processing operational data. Data processed in the EEA
Recco https://www.retailenergycode.co.uk/ Energy market data services, handling address and property information. Data processed in the EEA
Street Group https://data.street.co.uk/ Address and property data services, handling publicly associated data. Data processed in the EEA
Stripe Payments Europe, Limited https://stripe.com/gb Payment processing, handling transactional data. Data processed in the EEA
GoCardless Ltd. https://gocardless.com/ Direct debit services, processing bank details and transactions. Data processed in the EEA
Twilio Inc. https://www.twilio.com/ Communications platform, handling contact details and content. Data processed outside the EEA
 CastleIO https://castle.io/ Fraud detection and user behavior analytics, handling email address, phone number, IP address, HTTP headers, and user agent. Data processed outside the EEA


GDPR Compliance

We adhere to the General Data Protection Regulation (GDPR) 2016/679, ensuring the highest standards of data protection. Our practices are designed to provide transparency, data security, and respect for user rights as outlined by the GDPR.

 

Ensuring Security with Non-EU Data Processors

In cases that we're required to transfer your personal information out of the EEA, we ensure its safety by applying necessary safeguards. This may include relocating your personal information exclusively to countries that the European Commission or ICO has approved as having sufficient protection, or by employing special contractual safeguards. For detailed information on how we safeguard your data during these transfers, please contact us at data@oneutilitybill.co.

 

Your Rights

Under GDPR, you have the right to access, correct, delete your personal information, and more. To exercise these rights, please submit a subject access request using this form, or contact us at data@oneutilitybill.co.

 

Data Retention

Your personal information will be retained by us only for the time necessary to fulfil the obligations for which it was collected, including to comply with legal, regulatory, accounting, or administrative obligations.

Under certain conditions, we may anonymise your personal data (making it impossible to link back to you) for purposes like research or statistical analysis, such as examining email open rates, or for enhancing our website and creating new products. In these instances, we might use this anonymised information indefinitely without further notifying you.

When deciding how long to keep your personal information, we take into account its volume, type, and sensitivity, the potential risk of harm from its unauthorised use or exposure, our purposes for processing your information, all relevant legal requirements, and whether those objectives can be achieved by other means.

 

Call Recordings

Call Recording

We may record phone calls for quality assurance, training, and compliance purposes. These recordings may include personal information you provide during the call.

Purpose and Sharing:

Recorded calls help us improve our services and ensure compliance with regulations. We may share these recordings with trusted third-party service providers and partners to help deliver our services. All sharing is done under strict confidentiality agreements and in compliance with data protection laws.

Legal Basis:

We process call recordings based on our legitimate interests in service quality and compliance. When necessary, we obtain your consent before recording.


Cookies

Types of cookies we use

Essential Cookies

These cookies are crucial for the functioning of the website and can't be deactivated in our system. They are typically set up in response to your actions, like setting your privacy preferences, logging in, or completing forms. While you can configure your browser to block or notify you about these cookies, blocking them may result in some parts of the site not functioning. These essential cookies do not collect any personal data that can identify you.

Functionality Cookies

Functionality cookies are used to enhance the performance and personalisation of the website. They might be established by us or by third-party providers whose services we've incorporated into our pages. If you choose not to accept these cookies, some or all of these services might not operate effectively.

Advertising Cookies

Our advertising partners may place these cookies across the site. They use these cookies to create a profile of your interests and display relevant advertisements on other websites. These cookies identify your browser and internet device uniquely. If you opt not to accept these cookies, you will still encounter ads on other sites, but they will not be tailored to your interests.

Turning cookies off

You can block cookies by activating the setting on your browser that allows you to refuse the setting of some or all cookies. However, if you use your browser settings to block all cookies you may not be able to access all or parts of our website, some website features may not work as intended, and your personal data will be less secure.

If you don’t want us, or anyone else, to use cookies in your browser, you can:

  • Remove cookies from your hard drive;
  • Set your browser to block cookies; and
  • Set your browser to send you a warning notice before a cookie is stored on your computer.

 

Prohibition of Screen-Scraping

Definition

For the purposes of this policy, "screen-scraping" refers to the automated process of extracting data from the interface of our website or services, through the use of software agents, bots, or similar technologies, without the express written permission of One Utility Bill Ltd.

Prohibition

One Utility Bill Ltd. strictly prohibits the practice of screen-scraping on its website and any of its digital services or platforms. This prohibition extends to any action intended to access, aggregate, collect, or organise data through automated means that interacts directly with our digital interfaces, as this can compromise the integrity, performance, and security of our services, as well as the privacy and rights of users.

Violations

Violations of this policy may result in immediate termination of access to One Utility Bill Ltd. services, and/or legal action.

Contact Information

If you have any questions about this policy or need further clarification regarding what constitutes screen-scraping, please contact us at data@oneutilitybill.co.

 

Prohibition of Unauthorised Personal Information Submission

Introduction

One Utility Bill Ltd. strictly prohibits the submission of personal information belonging to someone other than the individual using the services this policy covers, or with explicit permission from the owner. 

User Responsibility

By using our application, you affirm that all personal information provided is accurate and belongs to you or you have explicit authorisation from the rightful owner to use it. This includes, but is not limited to, names, email addresses, telephone numbers, and any other personally identifiable information. You are responsible for ensuring that the information you submit does not infringe upon the privacy or rights of any third party.

Prohibition Details

Specifically, you may not:

  • Use a fake name, email address, or phone number that could belong to another real person.
  • Enter any personal information that you do not own or have explicit permission to use.
  • Misrepresent your identity or the identity of others in any way.

Violations

Violations of this policy will be taken seriously and may result in immediate suspension or termination of your access to the application. Additionally, legal action may be taken against individuals who knowingly or negligently misuse personal information.

Reporting Misuse

If you believe that your personal information has been submitted without your consent, please contact us immediately at data@oneutilitybill.co. We will investigate the matter promptly and take the necessary actions to rectify the issue.

 

Our policy towards children

The Services are not directed to individuals under 16 years of age. We do not knowingly collect personal information from children under 16 years of age. If we become aware that a child under 16 has provided us with personal information, we will take steps to delete such information. If you become aware that a child has provided us with personal information, please contact our Customer Support team.

 

Changes to This Policy

Our privacy policy is subject to ongoing review. Future modifications to this policy will be updated on this page and, if necessary, communicated to you via email.

We encourage you to regularly visit this page to stay informed about any changes or updates to our privacy policy.

This policy was last updated on the 8th May 2024.

 

Contact Us

For questions about this privacy policy or our privacy practices, contact us by:

Post: One Utility Bill Ltd. 5 Media Exchange, Coquet Street, Newcastle, NE1 2QB

Email: data@oneutilitybill.co

 

Information Commissioner

Our preference is for you to reach out to us initially with any queries regarding our management of your personal data, so we can swiftly address any concerns. Nevertheless, should you remain dissatisfied with our handling of your data, or if you seek further clarification about your data privacy rights, the Information Commissioner’s Office in the UK, an independent body for data privacy, is available for contact at ico.org.uk.