GDPR Privacy Notice
Electric Ireland is the retail division of the Electricity Supply Board (ESB). Electric Ireland supplies electricity, gas and energy services to over one million households and 70,000 businesses in the Republic of Ireland and Northern Ireland. For purposes of data protection law, the following are the “data controllers” all of whom trade as Electric Ireland:
- Republic of Ireland domestic customers:Electricity Supply Board
- Republic of Ireland business customers: ESB Independent Energy Limited
- All Northern Ireland customers: ESB Independent Energy (NI) Limited
We respect your privacy
This privacy notice applies to the use of personal data by Electric Ireland. It explains what information we collect, how we use it, who we share it with and how we protect it. It also details the rights available to you in relation to how we hold and use your personal data, how to exercise those rights, and what to do if you require more information or wish to make a complaint.
This privacy notice applies to all personal data we hold, irrespective of any relationship with us. For example, we may hold information about current customers, previous customers, prospective customers and competition entrants.
Why we collect your Personal Data
We collect your personal data so that we can manage our relationships with you. Activities that we require personal data for include:
- Performance and maintenance of a supply contract
- Provision of other services
- Improving our existing products and services
- Developing new services
- Responding to requests and providing information
- A range of other activities which we are obliged to undertake, or which we have gained consent to complete
We ensure that the information we collect is appropriate to the purposes for which it is obtained.
Security of your Personal Data
We keep our computer systems, files and buildings secure by following legal requirements and international security guidance. We make sure that our staff, and anyone with access to personal data that we are responsible for, is fully trained on how to protect personal data. We ensure that our processes clearly identify the requirements for managing personal data and that they are up to date. We regularly audit our systems and processes to ensure that we remain compliant with these policies and legal obligations.
Types of Personal Data we may hold and where it comes from
At Electric Ireland, we recognise the importance of personal data entrusted to us. We may collect and hold a range of information about you. Examples of the types of information we may hold includes:
- Information about you and your premises; this includes contact information and personal security information that you have provided to us, to help us correctly identify you when you contact us.
- Information about your current and past use of electricity and/or gas.
- Smart meter data which may include half hourly granular electricity consumption data, where you have consented to its collection or where you have entered into a contract for services which utilise/require that Smart Meter data.
- Information about how you use other products and services that we supply.
- Information about your interactions with us.
- Information provided by you when you take part in competitions we organise.
- Information about customer’s special requirements where continuity of energy supply is critically important. This information is captured if you apply to be registered on our Special or Priority Services Register.
- Recordings of telephone conversations between you and our customer support teams.
- Your contact details: information that allows us to contact you directly including your name, email address, telephone number and addresses associated with your account.
- Details of other people linked to your account: if you have nominees, executors, or people with a power of attorney, their details will be linked to your account.
- Payment information and account history: purchase history, credit/debit card details and bank account details you provide to make payment for the products and services you purchase from us; your payment method and history.
- Meter and energy consumption information: information about your meter (GPRN and/or MPRN) and how much energy is used at your premises.
- Credit information: information that allows us to understand your creditworthiness.
- How you use mobile applications and websites: when you use our applications or websites, we collect information about the pages you look at on our website and how you use them, your device type, operating system and browser type.
We collect most of this information directly from the individuals that we interact with, when they contact us in writing, by telephone or electronically (by email, using our website or on social media and web chat). Some information is collected as a result of individuals using our services, or interacting with us. We may also obtain information about individuals from external parties, such as credit reference agencies.
Our websites use ‘cookies’ to help us provide users with a better experience each time they visit. A cookie is a small piece of text that is placed directly on a device when it is used to visit a website. This helps to give the user a better experience when using the website. The information gathered by the cookie stays on the user’s device.
We use information gathered from cookies to help improve users’ experience on our website, for security, and to personalise content and advertising. For example, cookies help us to identify that the device has visited our site before, allowing us to customise the experience based on previous browsing history. It also helps us to determine the most relevant, related products to show that user when they are browsing. Further information about the type of cookies that we use and their purpose is available in the Cookies Policy.
How long we keep data
Information collected by us will be held for as long as it is required to fulfil the purpose it was collected for and to protect our business and our rights. We are required to keep certain types of information for a specific period of time in order to comply with legal requirements. The length of time we keep any part of your personal information will depend on the type of information and the purpose for which it was obtained.
How we may use Personal Data
We use personal data so that we can, in accordance with our customer contracts, provide our services and perform general account management. In addition, we may also use personal data in some of the following ways:
We process some of your personal information in order meet with our regulatory obligation requirements and we also required by law to obtain this information as we are a licensed electricity and gas supplier.
- Providing products and services to you and maintaining your account
- Setting up new accounts and billing arrangements
- Performance and maintenance of a supply contract
- Generating and sending invoices
- Monitoring payment activity and managing debt
- Delivering service communications
- Discussing and responding to requests for information or general account queries
- Providing requested information about our products and services
We process the following personal information we have a legal obligation to do so:
- For the purpose of safeguarding someone’s vital interests, national security, responding to statutory obligations or requests from the courts and enforcement authorities
- In the detection and prevention of fraud and other crime
- To enable us to comply with obligations imposed by Commission for Regulatory of Utilities Water and Energy
- To provide limited account information to other energy suppliers in the event of a customer switching supplier
- To protect or enforce our rights or the rights of any third party
We process the following personal information as we have a legitimate interest to do so:
- Maintaining and improving our products and services. For example enhancing pricing structures, business operations, and or analysing performance of advertising / marketing campaigns.
- Market Surveys, research and analytics
- Direct marketing – Products and services (in accordance to your marketing preferences, you will also be given an opportunity to unsubscribe from direct marketing)
- Making credit decisions / Debt flagging
- Developing new products and services that maybe of interest to you. – Demographical, behaviours, interests and habits maybe taken in to consideration.
- Analysing account and payment activities to help identify alternative, or more appropriately tailored price plans and payment schedules that could be offered
- Monitor product (Electricity/Gas or other offerings) usage
- Running loyalty and reward programs you have signed up to
- Smart Services in order to develop choice and information that may be of benefit to you.
Activities that require your consent
In order for us to carry out certain activities using your personal data, we may need to ask for your consent.
When consent is being requested, we will provide options, such as the choice of whether we may contact you by phone, post, email, text or through other digital media.
Where we require consent, we will explain why, and provide sufficient information to allow you to make an informed decision.
When we receive consent to perform such activities, that consent may be withdrawn at any time by contacting us.
Should there be any reason for us to collect special category information (e.g. medical data), we ask for consent to collect it. Before consent is given, we explain what information will be collected and what we will use it for. Again, this consent can be withdrawn at any time by contacting us.
Electric Ireland may contact you for direct marketing purposes via Email, Phone, Post and/or SMS where we have received your consent to do so.. You will only receive communication on the channel that you have opted in to. We will always give you an option of unsubscribing from direct marketing via the channel you received the communication.
Who we share information with
We may share your personal data with, or disclose your personal data to, the following categories of third party:
- Network Operators: In order to meet our Licence and Regulatory requirements we are required to share certain personal data, including contact details, with the Network Companies – Electricity Supply Board Networks (ESBN) and Gas Networks Ireland (GNI). We may also receive details of suspected fraud or energy theft for the purposes of identifying and preventing fraud or crime.
- Energy market participants: as a participant in the Irish energy market, we are required by the Commission for Regulation of Utilities (CRU) in Ireland to provide some limited account information to other energy market participants when a customer is switching energy supplier.
- Agents or suppliers: These are contract bound persons or companies to provide products or services that we use in conducting our business, including managing our relationship with our customers. In many cases, they will be within the European Economic Area (EEA) but in some cases they may be outside of the EEA. We will only share or disclose to these parties the information that they need in order to provide the products or services, and will require those parties to ensure that the information is always adequately protected.
- Professional advisers: we may share or disclose personal data to professional advisers we may engage for any reasonable purpose in connection with our business, including assistance in protecting our rights.
- Advertising / Marketing partners: We may share or disclose personal data in order to run advertising campaigns and conduct market research and analysis. These are contracted third parties.
- Other external bodies: in certain circumstances, we may be required by law to disclose personal data to external bodies, such as local authorities, government departments or An Garda Síochána. In these cases, we will only disclose the minimum amount of information required to satisfy our legal obligation. However, once the information is disclosed, we will not be able to control how it is used by those bodies.
How to contact us
The collection and use of your data by Electric Ireland is overseen by the ESB Group Data Protection Officer. If you wish to contact our Data Protection Officer, you can email firstname.lastname@example.org or via post at Data Protection Officer, ESB Head Office, 27 Fitzwilliam Street Lower, Dublin 2, D02 KT92. If you wish to speak with an Electric Ireland customer service representative, you can contact our Customer Support Centre on 1800 372 372.
How we address your rights
As Electric Ireland captures, stores and processes your personal information in order to carry out a range of services and activities, you have a range of rights available to you to give you confidence that your information is appropriately managed.
The rights that you have available to you include:
Gaining access to and copies of your personal data: you are entitled to receive, on request and free of charge, a copy of all your personal data that we hold. There are some limitations to this right. For example, if the data also relates to another person and we do not have that person’s consent, or if the data is subject to legal privilege. Where there is data that we cannot disclose, we will explain this to you. To request a copy of your data, please complete the form at esb.ie/dataprotection.
Ensuring that your data is accurate: our aim is to ensure that the data we hold about you is correct and up to date. From time to time we may contact you to verify the information that we hold. You may also contact us to correct any errors that you notice.
Granting or Removing consent: where we require your consent for any processing, for example, to provide you with direct marketing communications, we will clearly explain what the consent is for, and any consequences of giving or refusing consent, and will provide that consent can only be given by way of a positive action by you. We will also ensure that you are able to withdraw any such consent at any time.
Restricting processing of your data: you have the right to request us to restrict the processing of your personal data in certain circumstances, for example, if there is a dispute over our rights to carry out specific processing activities, or where you do not want us to delete data. We will respond promptly to your request and will provide an explanation if we cannot fully comply.
Deletion of your data: in certain circumstances, you may have the right to have some or all of your personal data deleted from our records. This is sometimes referred to as the “right to be forgotten”. This may occur if, for example, we retain data which is no longer required by us, or if you withdraw a consent. If you continue to have a relationship with us, we must retain the data we need to manage this relationship. We will respond promptly to your request, and provide reasons if we object to the deletion of any of your personal data.
Moving your data: where it is possible for us to provide it, you have the right to receive a digital copy of the personal data that you have provided to us.
International Transfers of Data: in certain circumstances, we may transfer your personal information internationally, including outside of the European Economic Area (EEA). Should we do this, we ensure that all transfers are made in accordance with data protection law and that your data it will be given an equivalent level of protection that it has when it is being managed in Ireland.
How to make a complaint
If for any reason you have a complaint about our use of your personal information, or you are unhappy in any way with the information we provide to you, we would like you to contact us directly so that we can address your complaint. You can contact us via our customer support centre on 1800 372 372, by email at email@example.com or by postal mail at Data Protection Officer, ESB Head Office, 27 Fitzwilliam Street Lower, Dublin 2, D02 KT92. You may also contact the Data Protection Commission in Ireland on 1800 437 737, by email at firstname.lastname@example.org or by postal mail at Data Protection Commission, 21 Fitzwilliam Square South, Dublin 2, D02 RD28.
Changes to our privacy notice
We will occasionally update this privacy notice. We will post a notice of any material changes on our website prior to implementing the changes, and, where appropriate, notify you using any of the contact details we hold for you for this purpose. We encourage you to periodically review this notice to be informed of how we use your information.
What is a cookie
A cookie is a small piece of data that a website asks your browser to store on your computer or mobile device.
Cookies make it easy for websites to collect precise user-specific information about their visitors. This generally makes it simpler for you to navigate the web and enjoy a personalised experience.
Many cookies do essential jobs. For example, authentication cookies identify who you are when you try to log into an account. Other types of cookies enable you to shop online, storing items as you add them to your virtual shopping basket.
Types of cookie
Cookies can be either temporary (session cookie) or permanent (persistent cookie).
Session cookies are stored in your device’s temporary memory – not on your hard drive – while you’re browsing a website. Usually these cookies are deleted when you close the browser. If you were to reopen the browser and revisit the website, the site would not ‘remember’ that you had visited previously. Session cookies remain active only until you leave a site.
Persistent cookies remain stored on your hard drive, persisting from session to session until you delete them or they reach a set expiration date. Persistent cookies can store information such as log-in details, bookmarks, credit card details and preferred settings and themes - resulting in a faster and smoother web journey.
How to control cookies
You can control and/or delete cookies as you wish. You can delete all cookies that are already on your computer and you can set most browsers to prevent them from being placed. If you do this, however, you may have to manually adjust some preferences every time you visit a site and some services and functionalities may not work.
The cookies we use on our website can be grouped into four different categories.
Strictly necessary cookies: are essential in order to enable you to navigate around our website and use its features. Without these cookies, we would be unable to provide you with the services you have asked for.
Functionality cookies: allows our website to remember choices you make and help to provide an enhanced, more personal experience on our website.
Performance cookies: helps us improve our website and our online services. These cookies gather information about how our site is used, including which pages are visited most often. This helps us to provide a better user experience. These cookies are anonymous – which means that they won’t collect information to identify you.
Targeting & Advertising cookies: are used to help us better understand our advertising campaigns and how we can make these more relevant to you. These cookies are also anonymous, they won’t collect information to identify you.
Our website can send cookies to your web browser if your browser's preferences allow it. Many websites do this whenever a user visits their website in order to track online traffic flows. Electric Ireland’s website, including the customer account portal, requires cookies to be enabled in order for the service to function properly. If you disable cookies, you may not be able to avail of some of our online services. If you use the website without changing your settings, we’ll assume that you are happy to receive all cookies on the Electric Ireland website.
Page Updated: July 2022