As the operators of the ONZO website, ONZO Limited registered in England and Wales with Company Registration Number 06097997 and having its registered office address at 5th Floor, Capital House, 25 Chapel Street, London, NW1 5DH (“We”, “Us”, “ONZO”) is committed to protecting and respecting your privacy. This Privacy and Cookies Policy (“Policy”) relates to services provided through our website (“Website”) and sets out the basis on which the personal data collected from you, or that you provide to Us will be processed by Us.
Please read the following carefully to understand our views and practices regarding your personal data and how We will treat it.
For the purpose of, the General Data Protection Regulation (“GDPR”), from the GDPR implementation date or, until GDPR implementation date, the Data Protection Act 1998 (collectively the “Data Protection Laws”) :
“Client” means a customer of ONZO – typically a utility company.
“Personal Data” means information that specifically identifies an individual or that is linked to information that identifies a specific individual.
“Public Area” means the area of the Websites that can be accessed both by Users and Visitors, without needing to use a login ID and a password or secret key.
“Visitor” means an individual other than a User, who uses the public area, but has no access to the restricted areas of the Websites.
The Information We Collect on the Website:
We collect different types of information from or through the Website.
User-provided Information. When you use the Website, as a User or as a Visitor, you may provide, and we may collect Personal Data. Examples of Personal Data include name, email address,
Information we collect about you. We may collect information about your use of the Website, e.g. how you use the Website, including pages visited, page response times, time of use and settings.
“Automatically Collected” Information. When a User or Visitor uses the Website, we may automatically record certain information from the User’s or Visitor’s device by using various types of technology, including cookies, “clear gifs” or “web beacons.” This “automatically collected” information may include IP address or other device address or ID, web browser and/or device type, the web pages or sites visited just before or just after using the Website, the pages or other content the User or Visitor views or interacts with on the Website, and the dates and times of the visit, access, or use of the Website.
How We Use the Information We Collect
We use the information that we collect in a variety of ways in providing the Website and operating our business, including the following:
To develop and improve the ONZO Website.
We may use aggregated and non-personal information (not related to you specifically) to develop and improve the Website, including troubleshooting, data analysis, testing, research, and statistical purposes. We use the information to understand and analyse the usage trends and preferences of our Visitors and Users, to improve the Website, and to develop new products, Websites, features, and functionality. The legal basis for this is to pursue legitimate interests.
We may use a Visitor’s or User’s email address or other information to contact that Visitor or User (i) for administrative purposes such as customer service, to address intellectual property infringement,. You have the ability to opt-out of receiving any promotional communications.
Cookies and Tracking Technologies
We use automatically collected information and other information collected on the Website through cookies and similar technologies to: (monitor and analyse the effectiveness of Website and third-party marketing activities; (iv) monitor aggregate site usage metrics such as total number of visitors and pages viewed. You can obtain more information about cookies by visiting http://www.allaboutcookies.org.
We take measures to protect the technical information collected by our use of Google Analytics. The data collected will only be used on a need to know basis to resolve technical issues, administer the Site and identify visitor preferences; but in this case, the data will be in non-identifiable form. We do not use any of this information to identify Visitors or Users.
To Whom We Disclose Information
Except as described in this Policy, we will not intentionally disclose the Personal Data that we collect or store on the Website to third parties without the consent of the applicable Visitor, User or Client. We may disclose information to third parties if you consent to us doing so, as well as in the following circumstances:
Non Personally Identifiable Information
We may make certain automatically-collected, aggregated, or otherwise non-personally-identifiable information available to third parties for various purposes, including (i) compliance with various reporting obligations; (ii) for business or marketing purposes; or (iii) to assist such parties in understanding our Clients’, Users’ and Visitors’ interests, habits, and usage patterns for certain programs, content, Websites, and/or functionality available through the Website.
Law Enforcement, Legal Process and Compliance
We may disclose Personal Data or other information if required to do so by law or in the good-faith belief that such action is necessary to comply with applicable laws, in response to a facially valid court order, judicial or other government subpoena or warrant, or to otherwise cooperate with law enforcement or other governmental agencies.
We also reserve the right to disclose Personal Data or other information that we believe, in good faith, is appropriate or necessary to (i) take precautions against liability, (ii) protect ourselves or others from fraudulent, abusive, or unlawful uses or activity, (iii) investigate and defend ourselves against any third-party claims or allegations, (iv) protect the security or integrity of the Website and any facilities or equipment used to make the Website available, or (v) protect our property or other legal rights, enforce our contracts, or protect the rights, property, or safety of others.
Where we store your personal data
We always strive to process your data within the EU/EEA. The data may however in certain situations be transferred to, and processed in, a destination outside of the EU/EEA by a supplier or subcontractor. In such cases, ONZO will take all reasonable legal, technical, and organisational measures to ensure that your data is treated securely and with an adequate level of protection compared to and in line with at least the level of protection offered within the EU/EEA.
Change of Ownership
We follow generally accepted industry standards to protect the information submitted to us, both during transmission and once we receive it. We maintain appropriate administrative, technical and physical safeguards to protect Personal Data against accidental or unlawful destruction, accidental loss, unauthorized alteration, unauthorized disclosure or access, misuse, and any other unlawful form of processing of the Personal Data in our possession. This includes, for example, firewalls, password protection and other access and authentication controls. We use SSL technology to encrypt data during transmission through public internet, and we also employ application-layer security features to further anonymize Personal Data.
However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. We cannot ensure or warrant the security of any information you transmit to us or store on the Website, and you do so at your own risk. We also cannot guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. If you believe your Personal Data has been compromised, please contact us as set forth in the “How to Contact Us” section.
If we learn of a security systems breach, we will inform you of the occurrence of the breach in accordance with applicable law.
Under certain circumstances, you have rights under data protection laws in relation to your personal data. You have the right to:
Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data We hold about you and to check that We are lawfully processing it.
Request correction of the personal data that We hold about you. This enables you to have any incomplete or inaccurate data We hold about you corrected.
Request erasure of your personal data. This enables you to ask Us to delete or remove personal data where there is no good reason for Us continuing to process it.
Object to processing of your personal data where We are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. In some cases, We may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
Request restriction of processing of your personal data. This enables you to ask Us to suspend the processing of your personal data.
Request the transfer of your personal data to you or to a third party.
Withdraw consent at any time where We are relying on consent to process your personal data.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We only retain the Personal Data collected from a User for as long as the User’s account is active or otherwise for a limited period of time as long as we need it to fulfil the purposes for which we have initially collected it, unless otherwise required by law. We will retain and use information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements as follows:
How to contact us
You may always reach out to us on matters of privacy and data protection by sending an email to firstname.lastname@example.org. You may also report complaints regarding our processing to the Information Commissioners Office.