Privacy & Data Protection Statement

Business activities

HYRO Energy Limited (the “Company”) and its subsidiaries are in the business of developing Green Hydrogen Electrolyser (GHE) facilities.

Scope

This Privacy Statement applies to the Company and its subsidiaries. Data protection contact details of these entities can be found below:

Country

Business contact

Regulator contact

UK

HYRO Energy Limited (Company Number 14411495)

Beaufort Court, Egg Farm Lane, Kings Langley, Hertfordshire  WD4 8LR

Attention:  The Company Secretary

Data protection registration number: ZB537855

Information Commissioner’s Office

0303 123 1113

 

Why we may collect data about you

There are many reasons why we may legitimately collect and process your personal information and data, including:

  1. To provide and manage products and services you have requested
  2. To verify your identity, protect against fraud and manage risk
  3. To comply with legal or regulatory requirements
  4. To understand our customers and develop and tailor our products and services
  5. To re-organise or make changes to our business

Basis of collecting and using your data

When we collect your personal data we either have a lawful basis of doing so, or we obtain your consent to do so.

  1. Consent In specific situations, we can collect and process your data with your consent. You may withdraw your consent at any time but please note be aware that this could mean we may have to stop providing certain services to you.
  2. Contractual obligations We may process your information where it is necessary to either into a contract with you for the provision of our products or services or to perform our obligations under that contract or to provide you with advice or guidance in relation to our products or services that are offered by us.
  3. Legal compliance If the law or any regulator in any competent jurisdiction requires us to, we may need to collect and process your data and also provide this to any such regulator
  4. Legitimate interest We may process your information in the day to day running of our business, to manage our business and financial affairs and to protect our customers, employees and property. It is in our interests to ensure that our processes and systems operate effectively and that we can continue operating as a business. In specific situations, we require your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our business and which does not materially impact your rights, freedom or interests.

Please note that if you do not agree to provide us with the requested information, it may not be possible for us to continue to operate your account and/or provide products and services to you.

How we may obtain your data and information

We may obtain information in several ways which may include:

  1. Information which you give to us;
  2. Information that we receive from third parties –who provide services to you or us (including via credit reference agencies, fraud prevention agencies or government agencies), and other banks (where permitted by law);
  3. Information that we learn about you through our relationship with you and the way you operate your accounts and/or services, such as the payments made to and from your accounts;
  4. Information that we gather from the technology which you use to access our services (for example an IP address or telephone number;
  5. Information that we gather from publicly available sources, such as the press, the electoral register, company registers and online search engines.

What information we may collect and process

We collect and process various categories of personal information and data at the start of, and for the duration of, your relationship with us. We will limit the collection and processing of data and information to that which is necessary to achieve one or more legitimate purposes as identified in this Privacy Statement.

  1. basic personal information, including name and address, date of birth and contact details;
  2. financial information, including account and transactional information and history;
  3. Anti-crime and fraud information: information you or third parties provide us that established your identity that enables us to verify that you are neither suspected nor a victim of fraud, other criminal offences, and that your details do not appear on politically exposed persons and sanctions list.

How we use your information

We will only use or disclose your Personal Data for the purposes it was collected for and as disclosed in this Privacy Statement.

Disclosure of your information (including outside of the European Economic Area "EEA")

We may share your personal information within the HYRO Group and with the Company’s shareholders and their affiliates and/or fund managers, including locations outside the UK and EEA, for marketing purposes, for legal and regulatory purposes, to manage risk, to ensure correct information about and to better manage your relationship with us.

We will only share your personal data in compliance with the applicable data protection laws and regulatory requirements.

We may disclose your information to third parties, such as regulatory or law enforcement authorities to:

Transfers may be made outside the EEA where we are satisfied that appropriate safeguards are in place over the transferring and processing of such information or data.

Storage of your personal data (including outside of the "UK")

The data and information that we collect, and process may be transferred to, and stored at, a destination outside of the UK. We will only do so on the basis that anyone to whom we transfer it to, protects it in the same way that we would and such entity or person or other third party is subject to the appropriate safeguards.

Security

We will take all steps reasonably necessary to ensure that your information and/or data is treated securely and in accordance with this Privacy Statement.

We have received your information and/or data, we will use strict procedures and security features to prevent unauthorised access. Unfortunately, the transmission of information via the internet is not completely secure and although we will do our best to protect your information and/or personal data, we cannot guarantee its security completely. Accordingly, in the case of a security breach we do not accept any liability for the direct or indirect loss, theft or misuse of the any information and/or data that you have provided to us.

Your rights

We want to make sure you are aware of your rights in relation to the information and/or data that we process about you. We have described those rights and the circumstances in which they apply:

Access – You have the right to get access to the information and/or data that we hold about you

Rectification – You have a right to rectification of any inaccurate information and/or data and to update incomplete information and/or data that we hold about you.

Erasure – You have a right to request that we delete your information and/or data.

Restriction – You have a right to request that we restrict the processing of your information and/or data.

Portability – You have right to receive the information and/or data you provided to us in a portable format.

Marketing – You have a right to object to direct marketing.

Lodge complaints – If you wish to raise a complaint on how we have handled your information, you can contact our Data Protection Officer who will investigate the matter via e-mail. You also have a right to lodge a complaint with the regulator the Information Commissioner’s Office (ICO). For more information, visit ico.org.uk

How long we keep your information

By providing you with products or services, we create records that contain your information, and/or data such as customer account records, activity records, tax records and lending and credit account records. Records can be held on a variety of media (physical or electronic) and formats.

We manage our records to help us to serve our customers well (for example for operational reasons, such as dealing with any queries relating to your account) and to comply with legal and/or regulatory requirements. Records help us demonstrate that we are meeting our responsibilities and to keep as evidence of our business activities.

Retention periods for records are determined based on the type of record, the nature of the activity, product or service, applicable local legal or regulatory requirements. Retention periods may be changed from time to time based on business or legal and regulatory

We may, on exception, retain your information for longer periods, particularly where we need to withhold destruction or disposal based on an order from the any courts of competent authority, or in relation to an investigation by law enforcement agencies or our regulators. This is intended to make sure that we are able to produce records as evidence, if needed to those respective authorities.

Google reCAPTCHA

We also use Google reCAPTCHA (“ReCAPTCHA”) on our website. This service is provided by Google LLC, of 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). ReCAPTCHA analyses the data entered on our website (such as on a contact form) in order to determine whether the user is a real person or a "bot" for the purposes of preventing "automated software" from weighing down our website by automated crawling or spam. The information analysed, which may include the user’s IP address, the typing patterns of the user, the amount of mouse clicks a user has done on the site and the language the user’s browser is using, will be sent to Google. All the information gathered by ReCAPTCHA is being held by Google in accordance with Google Terms of Service and Google Privacy Policy.

Privacy Policy Updates

We may update our policies in relation to the Privacy Statement on this page from time to time, so please do check to make sure you have read the latest version.

April 2023