PowerPay Solutions Privacy Policy

Data Collection and Processing

PowerPay Solutions collects various types of personal data to provide and improve our services, including but not limited to information provided during account creation, service usage, and direct communications. This may include identification data, contact details, payment information, and technical data related to energy consumption and device activity.

The legal basis for our data processing activities typically includes the necessity for contract performance, compliance with legal obligations, our legitimate interests, or your explicit consent. We ensure clear consent management procedures are in place for all data processing activities requiring it.

Our primary purposes for processing data include:

• Delivering prepayment electricity metering services and smart meter installations.
• Managing customer accounts and providing technical support.
• Processing billing and payments for utility providers.
• Integrating renewable energy sources and managing energy data.
• Improving our software solutions and user experience.
• Complying with regulatory requirements.

We only share your data with trusted third parties when necessary for service delivery (e.g., payment processors, utility partners for billing) or when legally required. All third-party processors are subject to strict data protection agreements ensuring compliance with GDPR standards.

Your Data Protection Rights

Under the UK General Data Protection Regulation (GDPR), you have fundamental rights concerning your personal data. PowerPay Solutions fully respects and facilitates the exercise of these rights:

• Right to Access: You can request a copy of the personal data we hold about you.
• Right to Rectification: You can request correction of inaccurate or incomplete data.
• Right to Erasure (Right to be Forgotten): You can request the deletion of your personal data under certain circumstances.
• Right to Restriction of Processing: You can request us to limit how we use your data.
• Right to Data Portability: You can request your data in a structured, commonly used, machine-readable format.
• Right to Object: You can object to our processing of your personal data in certain situations.
• Rights in relation to automated decision-making and profiling: You have the right not to be subject to a decision based solely on automated processing.

To exercise any of these rights, please contact our Data Protection Officer using the details provided in the introduction. We will respond to all legitimate requests within one month. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's independent authority for upholding information rights.

Data Security and Protection Measures

PowerPay Solutions employs robust technical and organizational measures to protect your personal data from unauthorized access, accidental loss, disclosure, or destruction. Our security framework includes:

• Encryption Standards: Data is encrypted both in transit and at rest using industry-leading protocols (e.g., TLS 1.2+, AES-256).
• Access Control: Strict access controls and authentication mechanisms ensure that only authorized personnel can access personal data on a need-to-know basis.
• Data Breach Notification: We have a comprehensive incident response plan to promptly detect, assess, and notify relevant authorities and affected individuals in the event of a data breach, as required by GDPR.
• Regular Audits: Our systems undergo regular security assessments, penetration testing, and compliance monitoring to identify and mitigate potential vulnerabilities.
• Employee Training: All PowerPay Solutions staff receive regular training on data protection best practices and their obligations under GDPR.

We are continuously improving our security posture to adapt to evolving threats and maintain the highest level of data protection for our clients and their customers.