Privacy Policy notices

Privacy Notice for Energy Suppliers

This privacy notice explains to energy suppliers (“you/your”) how Smart Metering Systems plc and each of our group companies (“we, us, SMS”) uses personal information, which you share with us including about your employees or your end consumers (from both a domestic and I&C perspective).

See our privacy policies on our website specific to i) domestic; and ii) I&C customers, for details on how their personal data may be processed.

This privacy notice covers:-

  • Why we use personal information;
  • What personal information we use;
  • How we use personal information;
  • Individuals’ rights under data protection legislation; and
  • Changes to our privacy policy.

We carry out services relating to gas and electric meters on your behalf (these services include meter installations, maintenance, data services, and management and support services). These services are governed by a contract between us.

We may also require to process your employee’s personal information in the course of carrying out the services.

We require to process the personal information of your end consumers to enable us to carry out certain services for you, or in relation to the energy meters or data relating to them.

Where we are providing services on your behalf, we are acting as a data processor.

In some cases, we may own the gas and/or electricity meters installed at your end consumers properties/premises. Where that is the case we may require to retain personal information to allow us to maintain and manage the assets. In those cases, we may be the data controller. We may also wish to make our services available, to customise them, to understand individuals’ needs, and to provide improved services, newsletters and other communications. In those cases, we are the data controller.

In order to carry out the services for you, we may obtain and process the following information:

  • Name, address and telephone number;
  • Meter reference numbers;
  • Meter readings and usage information;
  • Details relating to the property, such as access information;
  • Energy consumption data; and
  • Details of any of employees or customer’s needs or needs of others in a household such as, age, health or vulnerability status to the extent it may be relevant for the carrying out of the services (for example a disability), to ensure that the service we provide and health and safety considerations are tailored to such vulnerability.
  • In relation to your employees we may require the following:-
  • Name, address and telephone number of your employees, which will normally be business contacts details, unless the employee chooses to provide us with personal contact details.

We take all necessary steps to ensure that personal information is kept safe and confidential during storage, processing and transit (where applicable).

Personal data may be held at our offices, our information processing centres and those of our third party service providers, representatives and agents.

Some of those third parties may be based outside of the UK and/or European Economic Area (“EEA”). For more information, including on how we safeguard personal data when this happens, see below “Transferring personal data outside of the UK and EEA”.

Due to our corporate structure, our group companies will have access to personal data processed in connection with services provided to you. This privacy policy applies to all our group companies, including SMS Connections Limited, SMS Meter Assets Limited, SMS Data Management Limited, UKMA (AF) Limited, SMS Energy Services Limited, CH4 Gas Utility and Maintenance Services Limited, Trojan Utilities Limited, SMS Mapco 1 Limited, Qton Solutions Limited, Solo Energy, Metering Limited, and SMS Data Services Limited,

Under certain circumstances, we may be required to share personal information with our third party suppliers, partners and subcontractors who are assisting with the carrying out of the services and in connection with our business operations. These include:

  • Subcontracted engineering workforce;
  • Outsourced service providers (e.g. call centre services);
  • Insurers;
  • Professional advisors;
  • Logistics providers;
  • Security providers; and
  • Cloud service providers.
  • We may be obliged to disclose personal information to any competent legal or regulatory authority conducting an investigation in relation to criminal activity.

We keep personal information only for so long as we need it. Once we no longer need it, we arrange for it to be deleted from our systems. Where we are required to retain personal information to allow us to maintain and manage the assets, we will do so only for so long as we have maintenance and/or management obligations. We may retain certain personal information for legal or regulatory purposes only.

In some circumstances, we might anonymise personal data (so that it can no longer be associated with an individual) and use this indefinitely.

We (or a third party who we share personal data with) might process that personal data outside of the UK and EEA. In those cases we will comply with applicable UK and EEA laws designed to ensure the privacy of personal data.

When we send data outside of the UK/EEA, we will make sure that the correct safeguards have been put in place to protect personal data, including:

ensuring that the country where any data will be transferred to is subject to an “adequacy decision” by the UK government and/or European Commission. This is to ensure that the particular country ensures an adequate level of protection of personal data under their domestic laws; or
ensuring that there are appropriate safeguards in place, together with enforceable rights and effective legal remedies; or

a specific exception applies under relevant data protection law; or

ensuring that standard, legally approved, data protection clauses recognised or issues further to Article 46(2) of the UK GDPR or EU GDPR (as applicable) are included in our contracts with those third parties.
In the event we cannot or choose not to continue to rely on either of those mechanisms at any time, we will not transfer personal data outside the UK unless we can do so on the basis of an alternative mechanism or exception provided by UK data protection law and reflected in an update to this policy.

  • Right to request a copy of personal information that we process;
  • Right to request that personal information is updated or removed;
  • Right to make a complaint to the Information Commissioner’s Office due to concerns about the way we are processing personal information; and
  • Right to withdraw consent to us processing personal information.

To get in touch with us about any of the above, please email or write to our data protection officer at: dpo@sms-plc.com / Data Protection Officer, SMS plc, 2nd Floor, 48 St Vincent Street, Glasgow, G2 5TS.

SMS reviews this policy regularly. If there are any changes to the way we use personal information, we will update this policy on our website. This privacy policy was last updated on 17 February2022.

If an individual is not happy with our reply to any complaint or thinks our processing of their personal data doesn’t comply with data protection law, a complaint can be made to the Information Commissioner’s Office (ICO). Just use these details: Address: Information Commissioner’s Office Wycliffe House Water Lane Wilmslow Cheshire SK9 5AF

Telephone number: 0303 123 1113

Visit the ICO website

Privacy Notice for Industrial & Commercial Energy Consumers

This privacy notice explains to industrial and commercial energy consumers (“you/your/your company”) how Smart Metering Systems plc and each of our group companies (“we, us, SMS”) uses personal information about your company’s employees.

This privacy notice covers:-

  • Why we use personal information;
  • What personal information we use;
  • How we use personal information;
  • Individuals’ rights under data protection legislation; and
  • Changes to our privacy policy.

We carry out services relating to gas and electric meters on behalf of energy suppliers (these services include meter installations, maintenance, data services, and management and support services). These services are governed by a contract between us and the energy supplier.

We require to process your employee’s personal information when these services are to be carried out for an energy supplier at your premises/site, or in relation to your energy meters or data relating to them (because you have a contract with, or are entering into a contract with, the energy supplier).

Where we are providing services on behalf of a third party, we are acting as a data processor.

In some cases, we may own the gas and/or electricity meters installed at your premises/site. Where that is the case we may require to retain your employees’ personal information to allow us to maintain and manage the assets. In those cases, we may be the data controller.

We may also wish to make our services available, to customise them, to understand individuals’ needs, and to provide improved services, newsletters and other communications. With your agreement, we may request to contact you about our or our business partners’ promotions, products and services or other information which we think you may find interesting, or for customer satisfaction purposes (including contact by email), and for market research, analysis, testing, monitoring, risk management and administrative purposes (including diagnosing technology problems which may be reported to us). In those cases, we are the data controller.

In order to carry out these services, we may obtain (either from the energy supplier or from your employees directly) and process the following information: –

  • Name, address and telephone number of your employees, which will normally be business contacts details, unless the employee chooses to provide us with personal contact details;
  • Meter reference numbers;
  • Meter readings and usage information;
  • Details relating to the premises or site, such as access information; and
  • Details of any vulnerability status of any of your employees or persons on site, to the extent it may be relevant for the carrying out of the services (for example a disability), to ensure that the service we provide and health and safety considerations are tailored to such vulnerability.

We take all necessary steps to ensure that personal information is kept safe and confidential during storage, processing and transit (where applicable).

Personal data may be held at our offices, our information processing centres and those of our third party service providers, representatives and agents.

Some of those third parties may be based outside of the UK and/or European Economic Area (“EEA”). For more information, including on how we safeguard your personal data when this happens, see below “Transferring your personal data outside of the UK and EEA”.

Due to our corporate structure, our group companies will have access to your personal information. This privacy policy applies to all our group companies, including SMS Connections Limited, SMS Meter Assets Limited, SMS Data Management Limited, UKMA (AF) Limited, SMS Energy Services Limited, CH4 Gas Utility and Maintenance Services Limited, Trojan Utilities Limited, SMS Mapco 1 Limited, Qton Solutions Limited, Solo Energy, Metering Limited, and SMS Data Services Limited,

Under certain circumstances, we may be required to share your personal information with our third party suppliers, partners and subcontractors who are assisting with the carrying out of the services and in connection with our business operations. These include:

  • Subcontracted engineering workforce;
  • Outsourced service providers (e.g. call centre services);
  • Insurers;
  • Professional advisors;
  • Logistics providers;
  • Security providers; and
  • Cloud service providers.
  • We may be obliged to disclose personal information to any competent legal or regulatory authority conducting an investigation in relation to criminal activity.

We keep personal information only for so long as we need it. Once we no longer need it, we arrange for it to be deleted from our systems. Where we are required to retain personal information to allow us to maintain and manage the assets, we will do so only for so long as we have maintenance and/or management obligations. We may retain certain personal information for legal or regulatory purposes only.

In some circumstances, we might anonymise personal data (so that it can no longer be associated with an individual) and use this indefinitely.

We (or a third party who we share personal data with) might process that personal data outside of the UK and EEA. In those cases we will comply with applicable UK and EEA laws designed to ensure the privacy of personal data.

When we send data outside of the UK/EEA, we will make sure that the correct safeguards have been put in place to protect personal data, including:

ensuring that the country where any data will be transferred to is subject to an “adequacy decision” by the UK government and/or European Commission. This is to ensure that the particular country ensures an adequate level of protection of personal data under their domestic laws; or
ensuring that there are appropriate safeguards in place, together with enforceable rights and effective legal remedies; or
a specific exception applies under relevant data protection law; or

ensuring that standard, legally approved, data protection clauses recognised or issues further to Article 46(2) of the UK GDPR or EU GDPR (as applicable) are included in our contracts with those third parties.
In the event we cannot or choose not to continue to rely on either of those mechanisms at any time, we will not transfer personal data outside the UK unless we can do so on the basis of an alternative mechanism or exception provided by UK data protection law and reflected in an update to this policy.

  • Right to request a copy of personal information that we process;
  • Right to request that personal information is updated or removed;
  • Right to make a complaint to the Information Commissioner’s Office due to concerns about the way we are processing personal information; and
  • Right to withdraw consent to us processing personal information.

To get in touch with us about any of the above, please email or write to our data protection officer at: dpo@sms-plc.com / Data Protection Officer, SMS plc, 2nd Floor, 48 St Vincent Street, Glasgow, G2 5TS.

SMS reviews this policy regularly. If there are any changes to the way we use personal information, we will update this policy on our website. This privacy policy was last updated on 17 February2022.

If an individual is not happy with our reply to any complaint or thinks our processing of their personal data doesn’t comply with data protection law, a complaint can be made to the Information Commissioner’s Office (ICO). Just use these details: Address: Information Commissioner’s Office Wycliffe House Water Lane Wilmslow Cheshire SK9 5AF

Telephone number: 0303 123 1113

Visit the ICO website

Privacy Notice for Domestic Consumers

This privacy notice explains to individuals (including domestic energy customers) (“you/your”) how Smart Metering Systems plc and each of our group companies (“we, us, SMS”) uses your personal information.

This privacy notice covers:-

  • Why we use your personal information;
  • What personal information we use;
  • How we use your personal information;
  • Your rights under data protection legislation; and
  • Changes to our privacy policy.

We may process your personal data in connection with services which we provide on your behalf or in connection with services we provide to a third party (such as energy suppliers or registered social landlords). These services are governed by a contract between us and the third party.

We require to process your personal information when these services are to be carried out at your property or in relation to your energy meters or other assets installed at your property or data relating to them (because you have a contract with, or are entering into a contract with, the energy supplier or other third party).

Where we are providing services on behalf of a third party, we are acting as a data processor.

In some cases, we may own the gas and/or electric meters or other assets (such as solar PV panels or battery storage systems) installed at your property. Where that is the case, we may require to retain personal information to allow us to maintain and manage the assets. In those cases, we may be the data controller. We may also wish to make our services available, to customise them, to understand individuals’ needs, and to provide improved services, newsletters and other communications. With your agreement, we may request to contact you about our or our business partners’ promotions, products and services or other information which we think you may find interesting, or for customer satisfaction purposes (including contact by email), and for market research, analysis, testing, monitoring, risk management and administrative purposes (including diagnosing technology problems which may be reported to us). In those cases, we are the data controller.

In order to carry out these services, we may obtain (either from the energy supplier or from you directly) and process the following information: –

  • Name, address and telephone number;
  • Meter reference numbers;
  • Meter readings and usage information;
  • Details relating to the property, such as access information;
  • Energy consumption data; and
  • Details of any of your needs or the needs of others in your household such as, age, health or vulnerability status to the extent it may be relevant for the carrying out of the services (for example a disability), to ensure that the service we provide and health and safety considerations are tailored to such vulnerability.
  • How we process your personal information

We take all necessary steps to ensure that personal information is kept safe and confidential during storage, processing and transit (where applicable).

Personal data may be held at our offices, our information processing centres and those of our third party service providers, representatives and agents.

Some of those third parties may be based outside of the UK and/or European Economic Area (“EEA”). For more information, including on how we safeguard your personal data when this happens, see below “Transferring your personal data outside of the UK and EEA”

Due to our corporate structure, our group companies will have access to your personal information. This privacy policy applies to all our group companies, including SMS Connections Limited, SMS Meter Assets Limited, SMS Data Management Limited, UKMA (AF) Limited, SMS Energy Services Limited, CH4 Gas Utility and Maintenance Services Limited, Trojan Utilities Limited, SMS Mapco 1 Limited, Qton Solutions Limited, Solo Energy, Metering Limited, and SMS Data Services Limited,

Under certain circumstances, we may be required to share your personal information with our third party suppliers, partners and subcontractors who are assisting with the carrying out of the services and in connection with our business operations. These include:

  • Subcontracted engineering workforce;
  • Outsourced service providers (e.g. call centre services);
  • Insurers;
  • Professional advisors;
  • Logistics providers;
  • Security providers; and
  • Cloud service providers.

We may be obliged to disclose personal information to any competent legal or regulatory authority conducting an investigation in relation to criminal activity.

We keep personal information only for so long as we need it. Once we no longer need it, we arrange for it to be deleted from our systems. Where we are required to retain personal information to allow us to maintain and manage the assets, we will do so only for so long as we have maintenance and/or management obligations. We may retain certain personal information for legal or regulatory purposes only.

In some circumstances, we might anonymise your data (so that it can no longer be associated with you) and use this indefinitely.

We (or a third party who we share personal data with) might process that personal data outside of the UK and EEA. In those cases we will comply with applicable UK and EEA laws designed to ensure the privacy of your personal data.

When we send data outside of the UK/EEA, we will make sure that the correct safeguards have been put in place to protect your personal data, including:

  • ensuring that the country where any data will be transferred to is subject to an “adequacy decision” by the UK government and/or European Commission. This is to
  • ensure that the particular country ensures an adequate level of protection of personal data under their domestic laws; or
  • ensuring that there are appropriate safeguards in place, together with enforceable rights and effective legal remedies for you; or
    a specific exception applies under relevant data protection law; or
  • ensuring that standard, legally approved, data protection clauses recognised or issues further to Article 46(2) of the UK GDPR or EU GDPR (as applicable) are included in our contracts with those third parties.

In the event we cannot or choose not to continue to rely on either of those mechanisms at any time, we will not transfer your personal data outside the UK unless we can do so on the basis of an alternative mechanism or exception provided by UK data protection law and reflected in an update to this policy.

As an individual, you have the following rights :-

  • Right to request a copy of your personal information that we process;
  • Right to request that your personal information is updated or removed;
  • Right to make a complaint to the Information Commissioner’s Office due to concerns about the way we are processing your personal information; and
  • Right to withdraw consent to us processing your personal information.

To get in touch with us about any of the above, please email or write to our data protection officer at: dpo@sms-plc.com / Data Protection Officer, SMS plc, 2nd Floor, 48 St Vincent Street, Glasgow, G2 5TS.

SMS reviews this policy regularly. If there are any changes to the way we use personal information, we will update this policy on our website. This privacy policy was last updated on 17 February2022.

If an individual is not happy with our reply to any complaint or thinks our processing of their personal data doesn’t comply with data protection law, a complaint can be made to the Information Commissioner’s Office (ICO). Just use these details: Address: Information Commissioner’s Office Wycliffe House Water Lane Wilmslow Cheshire SK9 5AF

Telephone number: 0303 123 1113

Visit the ICO website

Privacy Notice for Investors

This privacy notice explains to our investors (“you/your/investor”) how Smart Metering Systems plc and each of our group companies (“we, us, SMS”) uses personal information.

This privacy notice covers:-

  • Why we use personal information;
  • What personal information we use;
  • How we use personal information;
  • Individuals’ rights under data protection legislation; and
  • Changes to our privacy policy.

We process your personal information because you are one of our investors. We are required to process this information to allow us to undertake and comply with our legal and regulatory obligations applicable to public limited companies, and to allow us to contact you.

We may wish to make certain communication channels available to you, to customise our communications to you, to understand your needs, and to provide improved investor opportunities to you. With your agreement, we may request to contact you about information which we think you may find interesting, or for investor satisfaction purposes (including contact by email), and for risk management and administrative purposes. In these cases, we are a data controller.

In order to carry out the above, we shall obtain, either from you directly, or from your employer or other business contacts with whom we have a relationship in common, and process the following information:-

  • Contact details such as name, address, telephone number and email address; and
  • Identification details such as signatures and job titles.

We take all necessary steps to ensure that personal information is kept safe and confidential during storage, processing and transit (where applicable).

Personal data may be held at our offices, our information processing centres and those of our third party service providers, representatives and agents.

Some of those third parties may be based outside of the UK and/or European Economic Area (“EEA”). For more information, including on how we safeguard your personal data when this happens, see below “Transferring your personal data outside of the UK and EEA”.

Due to our corporate structure, our group companies will have access to your personal information. This privacy policy applies to all our group companies, including SMS Connections Limited, SMS Meter Assets Limited, SMS Data Management Limited, UKMA (AF) Limited, SMS Energy Services Limited, CH4 Gas Utility and Maintenance Services Limited, Trojan Utilities Limited, SMS Mapco 1 Limited, Qton Solutions Limited, Solo Energy, Metering Limited, and SMS Data Services Limited,

Under certain circumstances, we may be required to share your personal information with our third party suppliers, partners and subcontractors that we engage in order for us to comply with our legal and regulatory obligations as a public limited company. This includes where a third party manages our share register, where we wish to contact you about your investor experiences and we engage a third party to do this on our behalf, and or where we use a third party IT service provider (including security providers and cloud service providers) to provide a customer relationship management system in which we store and manage our investor details.

Where you are a significant major shareholder, this information is reported in line with our legal obligations on our website. We may be obliged to disclose personal information to any competent legal or regulatory authority conducting an investigation in relation to criminal activity.

We keep personal information only for so long as we need it. Once we no longer need it, we arrange for it to be deleted from our systems. Where we are required to retain personal information to allow us to comply with legal or regulatory obligations as a public limited company, we will do so only for so long as we need to.

We (or a third party who we share personal data with) might process that personal data outside of the UK and EEA. In those cases we will comply with applicable UK and EEA laws designed to ensure the privacy of personal data.

When we send data outside of the UK/EEA, we will make sure that the correct safeguards have been put in place to protect personal data, including:

  • ensuring that the country where any data will be transferred to is subject to an “adequacy decision” by the UK government and/or European Commission. This is to ensure that the particular country ensures an adequate level of protection of personal data under their domestic laws; or
  • ensuring that there are appropriate safeguards in place, together with enforceable rights and effective legal remedies; or
  • a specific exception applies under relevant data protection law; or
  • ensuring that standard, legally approved, data protection clauses recognised or issues further to Article 46(2) of the UK GDPR or EU GDPR (as applicable) are included in our contracts with those third parties.

In the event we cannot or choose not to continue to rely on either of those mechanisms at any time, we will not transfer personal data outside the UK unless we can do so on the basis of an alternative mechanism or exception provided by UK data protection law and reflected in an update to this policy

Individuals have the following rights relating to personal data processed about them :-

  • Right to request a copy of personal information that we process;
  • Right to request that personal information is updated or removed;
  • Right to make a complaint to the Information Commissioner’s Office due to concerns about the way we are processing personal information; and
  • Right to withdraw consent to us processing personal information.

To get in touch with us about any of the above, please email or write to our data protection officer at: dpo@sms-plc.com / Data Protection Officer, SMS plc, 2nd Floor, 48 St Vincent Street, Glasgow, G2 5TS.

SMS reviews this policy regularly. If there are any changes to the way we use personal information, we will update this policy on our website. This privacy policy was last updated on 17 February2022.

If an individual is not happy with our reply to any complaint or thinks our processing of their personal data doesn’t comply with data protection law, a complaint can be made to the Information Commissioner’s Office (ICO). Just use these details: Address: Information Commissioner’s Office Wycliffe House Water Lane Wilmslow Cheshire SK9 5AF

Telephone number: 0303 123 1113

Visit the ICO website