Home / Privacy Policy

Privacy Policy

Introduction

At AMP Clean Energy we are committed to protecting your information and take your privacy very seriously. Please read our privacy policy carefully as it contains important information on who we are and how and why we collect, store, use and share your personal data. It also explains your rights in relation to your personal data and how to contact us or supervisory authorities in the event you have a complaint.

We collect, use and are responsible for certain personal data about you. When we do so we are subject to the UK General Data Protection Regulation (“GDPR”) as implemented by the Data Protection Act 2018.

1. About this Privacy Policy
2. About AMP Clean Energy
3. Contacting us
4. Data Protection Principles
5. Data we collect
6. How we use your information
7. Email Marketing
8. Sharing your personal information with other organisations
9. Where is your personal data held?
10. Is your personal information transferred outside the UK?
11. Do you have to provide your personal information to us?
12. Monitoring processes that may involve your personal information
13. Automated decision making
14. How long do we keep personal information?
15. Your rights under data protection laws
16. Keeping your data secure
17. Changes to our Privacy Policy

1. About this Privacy Policy

This Privacy Policy applies when you visit our website https://www.ampcleanenergy.com and any mobile site or applications that link to this Privacy Policy (collectively, the “Sites”). It also applies where we are in contact with you in other ways whether in your capacity as an individual or as director, shareholder, partner, employee or other representative of a company or other organisation.

2. About AMP Clean Energy

We are Aggregated Micro Power Holdings Limited (“AMP”, “we”, “our” and “us”), registered in England and Wales at Companies House under company number 08372177. Our registered office is at 1 Dover Street, London, W1S 4LD.

This privacy policy also applies to our subsidiary companies, including:

AMP Biomass Fuel Ltd, registered in England and Wales under number: 05735950 with its registered office at Third Floor, 1 Dover Street, London, W1S 4LD;
AMP Energy Services Limited, registered in England and Wales under number: 07342849 with its registered office at Third Floor, 1 Dover Street, London, W1S 4LD; and
AMP Clean Energy Services Limited, registered in Scotland under number: SC260419 with its registered office at Lochaber Rural Complex, Torlundy, Fort William, Scotland PH33 6SQ

3. Contacting us

If you have any questions about our privacy policy or your information, or to exercise any of your rights as described in this privacy policy on under data protection laws, you can contact us:

By post:
Data Enquiries
AMP Clean Energy
Third Floor, 1 Dover Street
London
W1S 4LD

By telephone:
0808 806 2891

By email:
legal@ampcleanenergy.com

4. Data Protection Principles

In accordance with GDPR, AMP adheres to the following seven statutory principles when processing personal data:

1. Lawfulness, fairness and transparency: personal data is processed in a lawful, fair and in a transparent manner in relation to individuals.
2. Purpose limitation: personal data is only collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes.
3. Data minimisation: personal data must be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
4. Accuracy: personal data must be accurate and, where necessary, kept up to date.
5. Storage limitation: personal data must be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data is processed.
6. Integrity and confidentiality: personal data must be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised our unlawful processing and against accidental loss, destruction or damage by using appropriate technical or organisational measures.
7. Accountability: AMP is responsible for, and must demonstrate compliance with, the above six principles.

5. Data we collect

5.1 Information you provide us

You may provide us with personal data when you are introduced to us, when we meet you in person, or when we are in contact by phone, email, via the Sites and when you register on the Sites or otherwise.

The categories of personal data you provide includes (but may not be limited to):

first and last name;
job title and company name;
email address;
phone number;
postal address;
your professional memberships and interests;
billing information, transaction and payment card information;
information to check and verify your identity (e.g. your date of birth);
information to enable us to undertake credit or other financial checks on you;
location data, if you choose to give this to us
demographic information, if you choose to give this to us
dash cam recording from our vehicles; and
CCTV images when you are on our premises.

5.2 Information we collect

We collect most of this information from you directly. We also collect any Personal Data you directly provide to us using the “Contact Us” section of this website. We also record images from the dash cams installed in our vehicles when they are in use as well as recording CCTV images on some of our premises, which may include automatic number plate recognition. In addition, we also work in conjunction with third parties (including, for example, business partners, subsidiaries) and may receive information about you from them.

We may also collect information about you:

from publicly accessible sources e.g. Companies House and HMRC;
from third party sources of information e.g. customer due diligence providers and credit reference agencies;
which you have made public on websites associated with you or your company or on social media platforms such as LinkedIn; and
from a third party e.g. a person who has introduced you to us or other professionals (such as solicitors) you may engage.

5.3 Information we collect online – cookies

If you interact with us online, we use cookies and other technological tools to collect information about your device and your use of our Sites, such as your device’s IP address, your user ID and session identifiers, what pages your device visited, and the time that your device visited our Site.

For more information on cookies, please see our Cookie Policy.

5.4 Special Category Data

We do not generally seek to collect Special Category Data on the Sites.

Special Category Data is defined by GDPR to include personal data revealing sensitive information such as (but not limited to) racial or ethnic origin, religious or philosophical beliefs, sexual orientation or data concerning health.

If we do collect Special Category Data, we will ask for your explicit consent to our proposed use of that information at the time of collection. We will also ensure that the processing is in accordance with the principles set out in section 4 above (‘Data Protection Principles’) and one of the relevant statutory conditions set out in GDPR are met.

6. How we use your information

Under data protection law, we can only use your personal data if we have a proper reason, for example:

where you have given consent;
to comply with our legal and regulatory obligations;
for the performance of a contract with you or to take steps at your request before entering into a contract; or
for our legitimate interests or those of a third party.

A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests. We will carry out an assessment when relying on legitimate interests, to balance our interests against your own.

AMP will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you in a timely manner and we will explain the legal basis which allows us to do so.

Where we rely on legitimate interests as a lawful basis, we will carry out a balancing test to balance our interests against your own.

The purposes for which we use and process your information (excluding sensitive personal data) and the legal basis on which we carry out each type of processing are explained below

6.1 To enter into and perform contracts with you

It is necessary for us to process your data in this way in order to take steps before entering into a contract with you and to fulfil our contractual obligations to you.

6.2 To provide you with information and services that you request from us

It is in our legitimate interest to respond to your queries and provide any information requested in order to generate and develop business. To ensure we offer a good and responsive service, we consider this use to be proportionate and will not be prejudicial or detrimental to you.

6.3 To enable you to register on our Sites and access restricted areas, and sign up to e-newsletters.

It is in our legitimate interest to provide our services to you and to register you at your request.

6.4 To send you e-newsletters and marketing communications concerning AMP, market developments or notifications we believe may be of interest to you.

It is in our legitimate interest to promote and market our services. We consider this use to be proportionate and will not be prejudicial or detrimental to you.
You can always opt out of receiving direct marketing-related email communications by sending us an email or by following the unsubscribe link.

6.5 To invite you to events or other functions we believe may be of interest to you.

It is in our legitimate interest to market our services. We consider this use to be proportionate and we will not be prejudicial or detrimental to you.
You can always opt out of receiving direct marketing-related email communications by sending us an email or by following the unsubscribe link.

6.6 To populate our database which we use for marketing purposes.

It is in our legitimate interest to market our services. We endeavour to ensure that the contacts in our database are relevant and up-to-date.
We consider this use to be proportionate and will not be prejudicial or detrimental to you.

6.7 To enforce the terms and conditions and any contracts entered into with you

It is in our legitimate interest to enforce our terms and conditions of service. We consider this to be necessary for our legitimate interests and proportionate.

6.8 To send you information regarding the changes to our policies, other terms and conditions and other administrative information.

It is in our legitimate interest to ensure that any changes to our policies and other terms are communicated to you. We consider this use to be proportionate and will not be prejudicial or detrimental to you.

6.9 Preventing or detecting fraud against you or us

It isIt is in our legitimate interest (and/or those of a third party) to ensure that fraud that could be carried out against you and/or us is minimised.

6.10 Activities necessary to comply with professional, legal and regulatory obligations that apply to our business (e.g. under health and safety law, statutory returns or rules issued by professional regulators)

It is in our legitimate interest to comply with our legal and regulatory obligations

6.11 Gathering and providing information required by or relating to audits, enquiries or investigations by regulatory bodies

It is in our legitimate interest (and/or those of a third party) to comply with our legal and regulatory obligations

6.12 Updating and enhancing customer records

It is in our legitimate interest (and/or those of a third party) to comply with our legal and regulatory obligations and to ensure that we can perform our contract(s) with you or take steps at your request before entering into a contract.

6.13 Preventing unauthorised access and modifications to systems

It is in our legitimate interest (and/or those of a third party) to comply with our legal and regulatory obligations and to prevent and detect criminal activity that could be damaging for you and/or us.

6.14 Operational reasons, such as improving efficiency, training and quality control

It is in our legitimate interest (and/or those of a third party) to be as efficient as we can to deliver the best service to you.

6.15 Ensuring business policies are adhered to (e.g. policies covering security and internet use)

It is in our legitimate interest (and/or those of a third party) to be following our own internal procedures so we can deliver the best service to you.

6.16 Ensuring the confidentiality of commercially sensitive information

It is in our legitimate interest (and/or those of a third party) to protect trade secrets and other commercially sensitive and/or valuable information and also to comply with our legal and regulatory obligations.

7. Email Marketing

We may use your personal data to send you updates (e.g. by email, text message, telephone or post) about our services and to contact you according to your marketing preferences.

For email marketing to an individual subscriber with whom we have not previously engaged as a customer, we need your consent to send you marketing emails.

We may ask you to confirm or update your marketing preferences if you ask us to provide further services in the future, or if there are changes in the law, regulation, or the structure of our business.

We have a legitimate interest in using your personal data for marketing purposes (see above ‘6. How we use your information’). This means we do not usually need your consent to send you marketing information. However, where consent is needed, we will ask for this separately and clearly.

Where you provide consent, you may withdraw your consent at any time.

You have the right to opt out of receiving email marketing communications from us at any time by:

Contacting us using the contact details provided above; or
Using the ‘unsubscribe’ link in emails; or
Sending us an email to: legal@ampcleanenergy.com

We respect your privacy and will not share your personal data with third parties except as provided in this Privacy Policy.

We may share information for the purposes above with the following third parties in order to fulfil our contracting obligations:

Companies within the AMP group, including directors, staff and consultants based in the UK
Professional advisors;
Third parties and business partners (for example, contract hauliers) who are a part of delivering your products and providing services, or operating our business (for example, insurers and brokers);
Our bank(s);
Governmental and regulatory bodies such as HMRC, and the Information Commissioner’s Office;
Other organisations and businesses who provide services to us including (but not limited to) debt recovery agencies, back up and server hosting providers, IT software and maintenance providers, document storage providers and suppliers of other back office functions;
Credit Reference and Fraud Prevention Agencies (see below); and
Market research organisations and marketing companies who help us to develop and improve our products and services.

We only allow our service providers to handle your personal data if we are satisfied they take appropriate measures to protect your personal data.

We may also need to:

share personal data with external auditors, e.g. in relation to ISOand/or the audit of our accounts;
disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations; and
share some personal data with other parties, such as potential buyers of some or all of our business or during a restructuring—usually, information will be anonymised but this may not always be possible, however, the recipient of the information will be bound by confidentiality obligations.

If you would like more information about who we share our data with and why, please contact us (see ‘3. Contacting us’ above).

9. Where is your personal data held?

Personal data may be held at our offices and those of our group companies, third party agencies, service providers, representatives and agents as described above (see above: (see 8. Sharing your personal information with other organisations’ as above).

Some of these third parties may be based outside the UK/EEA. For more information, including on how we safeguard your personal data when this happens, see below: ‘9. Is your personal information transferred outside the UK’.

10. Is your personal information transferred outside the UK?

We are based in the UK and have no interests outside the UK or the European Economic Area. Data may be transferred outside of the UK or EU by the customer relationship management platforms that we use.

Should this change in the future, we will make sure that suitable safeguards are in place.

11. Do you have to provide your personal information to us?

We may be unable to provide services or deliver products to you if certain information is not provided to us. We will let you know if the information we request from you is optional.

12. Monitoring processes that may involve your personal information

We may monitor where permitted by law and we will do this where the law requires it, or to comply with regulatory rules, to prevent or detect crime, in the interests of protecting the security of our communications systems and procedures and for quality control and staff training purposes. This information may be shared for the purposes described in the sections above.

In this section monitoring means any: listening to, recording of, viewing of, intercepting of, or taking and keeping records (as the case may be) of calls, email, text messages, social media messages, in person (face to face) meetings, website responses, and other communications.

13. Automated decision making

We currently do not use technology that makes automated decisions. However, with technological advancements there may come processes that determine whether to offer you a product or service, price, credit terms and conditions, or payment methods available using automated decision making. If we do this we will advise you where it is involved, with relevant contracts, legal authorisation, or seek your explicit consent if that is required.

14. How long do we keep your personal information?

In principle we will keep your personal information:

For as long as we have reasonable business needs, such as managing our relationship with you and managing our operations; or
For as long as we provide goods or services to you and then for as long as the relevant statutory limitation period applies; or
For as long as retention periods (to comply with legal and regulatory requirements or guidance) specify.

In all instances, we will not keep your personal data for longer than necessary. Different retention periods apply for different types of personal data.

15. Your rights under data protection laws

All individuals have the following rights under GDPR, which can be exercised free of charge:

Access	The right to be provided with a copy of your personal data
Rectification	The right to require us to correct any mistakes in your personal data
Erasure (also known as the right to be forgotten)	The right to require us to delete your personal data – in certain situations
Restriction of processing	The right to require us to restrict processing of your personal data in certain circumstances, e.g. if you contest the accuracy of the data
Data portability	The right to receive the personal data you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party – in certain situations
To object	The right to object: —at any time to your personal data being processed for direct marketing (including profiling); —in certain other situations to our continued processing of your personal data, e.g. processing carried out for the purpose of our legitimate interests.
Not to be subject to automated individual decision making	The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you

If you would like to exercise any of those rights, please email, call or write to us—see above: ‘3. How to contact us’ and provide enough information to identify yourself and any additional identity information we may reasonably request from you and let us know what right you want to exercise and the information to which your request relates.

We endeavour at all times to respect and to comply with these rights except where there are legal bases or compliance requirements to retain information contrary to those rights. In such cases we will advise you of the circumstances which prevent us meeting your request and the specific reasons.

For further information on each of those rights, including the circumstances in which they apply, please contact us (see ‘3 – Contact Us’ above) or see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights.

You are entitled to lodge a complaint with our data protection regulator, the Information Commissioner’s Office (ICO), if you consider that there has been a breach of your data protection rights. The ICO can be contacted on 0303 123 1113.

16. Keeping your data secure

We have appropriate security measures to prevent personal data from being accidentally lost, or used or accessed unlawfully. We limit access to your personal data to those who have a genuine business need to access it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

17. Changes to our privacy policy

From time to time, we may change this Privacy Policy. The current version of this Policy will always be available from us in hard copy or on the Sites.

Updated and effective as of 24 November 2022.

Cookie	Duration	Description
_GRECAPTCHA	5 months 27 days	This cookie is set by the Google recaptcha service to identify bots to protect the website against malicious spam attacks.
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
PHPSESSID	session	This cookie is native to PHP applications. The cookie is used to store and identify a users' unique session ID for the purpose of managing user session on the website. The cookie is a session cookies and is deleted when all the browser windows are closed.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
wordpress_test_cookie	session	This cookie is used to check if the cookies are enabled on the users' browser.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gat_gtag_UA_130648884_1	1 minute	Set by Google to distinguish users.
_gcl_au	3 months	Provided by Google Tag Manager to experiment advertisement efficiency of websites using their services.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
CONSENT	16 years 2 months 19 days 15 hours	YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.

Cookie	Duration	Description
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.