Display & App privacy policy

The full name of our company is Green Energy Options Limited (“geo”, “we”, “us” or “our”). geo operates the technology that you are currently using. geo is registered in England & Wales under registration number 5783558. Our registered address is 3 St Mary’s Court, Main Street, Hardwick, Cambridge, CB23 7QS. You can contact us by writing to our Data Protection Officer at our registered address or by email at dpo@geotogether.com.

This geo IHD and App Privacy Notice (“Privacy Notice”) sets out how geo uses, processes and protects any information that you provide or data that is collected when you use a geo In-Home Display product (the “IHD”) and App (together the “Services”). geo is committed to ensuring that your privacy is protected. Should you be asked to provide certain information by which you can be identified (or other “personal data” as defined in the UK Data Protection Act 2018 and/or the UK GDPR when using the Services, you can be assured that it will only be used as outlined in this Privacy Notice.

This Privacy Notice does not explain how geo uses information that you provide on the geo website (https://geotogether.com). For privacy information relating to the website please visit our website privacy policy (https://geotogether.com/terms/privacy/).

This Policy may change from time to time by updating this document and the last reviewed date. You should check this page from time to time or when notified to ensure that you understand and are happy with any changes. By using or continuing to use the Website, you agree to this Policy as in force at the time of that use.

(1) PURPOSE OF THIS PRIVACY NOTICE

This Privacy Notice explains our approach to any personal data that we might collect from you and the purposes for which we process your personal data. This Privacy Notice also sets out your rights in respect of our processing of your personal data.

When we talk about “personal data”, we mean any information which relates to an identified or identifiable living individual. An individual is ‘identified’ or ‘identifiable’ if they can be distinguished from other individuals.

So your Account Data (which we fully define below in What Personal Data We Collect) that you may enter using the App may include your name and contact details and would fall within the definition if personal data. Your Energy Use Data (which we also fully define below in What Personal Data We Collect) collected through the IHD will also fall within the definition of personal data – even though Energy Use Data, on its own, may not include any ‘real world’ identifiers (like your name and contact details).

This Privacy Notice is intended to assist you in making informed decisions when using our Services. Please take a moment to read and understand it.
This Privacy Notice only applies to the use of your personal data obtained by us directly. It does not apply to personal data collected by third parties during your communications with those third parties or your use of their products or services (for example, where your IHD has been provided by your energy supplier and they have collected additional information as part of that process).

(2) HOW TO CONTACT US

If you have any questions about this Privacy Notice or want to exercise your rights as a data subject set out in this Privacy Notice, you can contact us using the following methods:

On Site Contact us using our enquiry form on our website.
Email Send us an email at: dpo@geotogether.com
Post Write to us at: The Data Protection Officer, geo, 3 St. Mary’s Court, Main Street, Hardwick, Cambridge, CB23 7QS

(3) WHAT PERSONAL DATA WE COLLECT

In providing our Services, we may collect and process different types of personal data about you for different processing purposes. The types of personal data we collect depends on who you are and how you use the Services and includes the following:

Account Data Account username; password; purchase/order details; home address; contact preferences; information added by a user via their account (for example, the number of bedrooms in the applicable property).
Mobile Device Data The device type that our geo App is installed on (e.g. device identification numbers).
Behavioural Data How long you spend on the App; what pages you open; what pages you frequent.
geo Device Data Gas consumption (in m3 and/or kWh and cost); Electricity consumption and export (in kWh and cost); Tariffs for energy; Sensor data (temperature and humidity) (if the system is equipped with these sensors); Schedules for specific energy appliances (e.g. heating schedules when the heating system is paired with the geo thermostat).
Location Data Address; postcode.

(4) HOW WE COLLECT AND RECEIVE PERSONAL DATA

We collect and receive personal data using different methods:

Personal data you provide to us We will collect the information directly from you, e.g. when you enter information into the App and when the App or Services are functioning and gathering your energy data.
Personal data received from third parties We may receive personal data about you from third parties. Such third parties may include your energy supplier and third parties that provide technical services to us so that we can provide our Services.

(5) WHO WE COLLECT PERSONAL DATA ABOUT

We collect and process personal data from the following people:

Customers and Users If you buy or use our Services, we may collect and process your personal data in connection with the supply of goods or services to you.

(6) HOW WE USE YOUR PERSONAL DATA

We use your personal data for the purposes set out in this section. If we wish to make any changes to these purposes, or if we wish to use your personal data for any purpose that is not listed in this section, we will notify you using the contact details we hold for you:

Register and access your account
- Personal data used: Account Data, Mobile Device Data, Location Data;
- Explanation: You have to register with the App in order to gain access to certain features and functionality on the App and the IHD. We will use the information you provide to identify you when you log in to your account; so that we can administer and contact you about your account;
To provide you with and/or show your energy consumption data and other energy related data on or via your device
- Personal data used: Geo Device Data
- Explanation: We may display this information on your IHD or via your app. We may provide this information so that you can see when you are in your home how much energy you are using and what it may be costing you. This data may correlate to any input data that you have given, such as your energy tariff information or home temperature.
Develop our products
- Personal data used: Account Data, Mobile Device Data, Behavioral Data, Geo Device Data, Location Data
- Explanation: We use this information to help us to monitor and improve our Services, to assist with the selection of future service lines and to train our personnel
Develop our Services and make the App services better for our customers
- Personal data used: Account Data, Mobile Device Data, Behavioral Data
- Explanation: We will also use the information to understand how you use our App so that we can improve it
Answer your enquiries
- Personal data used: Account Data, Mobile Device Data, Location Data
- Explanation: When you make an enquiry, we will collect this information, as well as any other personal data you volunteer, to enable us to respond to your enquiry.
To manage our relationship with you including notifying you of changes to the App or any Services
- Personal data used: Account Data
- Explanation: We may use your personal data to inform you of any changes to our Services
Comply with our legal obligations and assist with the administration of our business
- Personal data used: Account Data, Mobile Device Data, Behavioral Data, Geo Device Data, Location Data
- Explanation: We may use your personal data: (i) to comply with our legal obligations; (ii) to enforce our legal rights; (iii) to protect the rights of third parties; and (iv) in connection with a business transition such as a merger, reorganisation, acquisition by another company, or sale of any of our assets.
So that we can communicate with your smart meter in order to provide you with the Services
- Personal data used: Account Data
- Explanation: We need to be able to communicate with your smart meter so that we can provide you with your energy information such as consumption information – in order to do this the geo devices will use your address to establish the smart meter link.

(7) OUR LEGAL BASIS FOR PROCESSING YOUR DATA

We will use your personal data where it is necessary for us to do so to perform our obligations in accordance with a relevant contract to which you are a party. This may be a contract that we have entered into with you or a contract that your energy supplier has entered into with you.

We will use your personal data where it is in our legitimate interest to do so. For example, to ensure that we provide access to the App and our Services in a secure and effective way and so that we can make improvements to our Services to best meet your needs. Or, for example, in connection with business transitions, to enforce our legal rights or to protect the rights of third parties.

We will use your personal data where it is necessary for us to do so to comply with any legal obligations imposed upon us, such as a court order or specific regulatory rules.

(8) SHARING PERSONAL DATA

We only share personal data with others when we are legally permitted to do so. When we share personal data with others, we put contractual arrangements and security mechanisms in place to protect the personal data shared and to comply with our data protection, confidentiality and security standards and obligations.

When processing your personal data, we may need to share it with third parties as set out in the table below. This list is non-exhaustive and there may be circumstances where we need to share personal data with other third parties.

Third-party suppliers who provide applications/ functionality, data processing or IT services We share personal data with third parties who support us in providing our Services and help provide, run and manage our internal IT systems. Such third parties may also include, for example, providers of information technology, cloud-based software-as-a-service providers, identity management, hosting and management, data analysis, data back-up, security and storage services. The servers powering and facilitating that cloud infrastructure are located in secure data centres around the world, and personal data may be stored in any one of them. We also share your personal data with third-party service providers to assist us with insight analytics.
Energy companies We may share personal data with your energy supplier where you have a contract with them for the supply of your home energy. We may also share your data with the National Grid so that we can inform you of the best times to use your energy in a cost-efficient way – this forms part of the Services we will provide to you.
Auditors, lawyers, accountants and other professional advisers We share personal data with professional services firms who advise and assist us in relation to the lawful and effective management of our organisation and in relation to any disputes we may become involved in.
Law enforcement or other government and regulatory agencies and bodies We share personal data with law enforcement or other government and regulatory agencies or other third parties as required by, and in accordance with, applicable law or regulation.
Another corporate entity in connection with a business transition If we are involved in a business transition such as a merger, reorganisation, acquisition by another company, or sale of any of our assets, we may share or transfer personal data to a third party. Any new owner of our business may continue to use your personal data in the same way(s) that we have used it, as specified in this Privacy Notice.
Other third parties Occasionally, we may receive requests from third parties with authority to obtain disclosure of personal data, such as to check that we are complying with applicable law and regulation, to investigate an alleged crime, or to establish, exercise or defend legal rights. We will only fulfil requests for personal data where we are permitted to do so in accordance with applicable law or regulation.

(9) TRANSFERS OUTSIDE THE UK AND THE EUROPEAN ECONOMIC AREA (“EEA”)

We may transfer, store and process your personal data outside the UK. Where we do so, we will ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data.
Where we use certain service providers, we may use specific contracts approved for use in the UK which give personal data the same protection it has in the UK.

(10) HOW LONG WE KEEP YOUR PERSONAL DATA

In respect of personal data that we process in connection with the supply of our Services, we may retain your personal data for as long as you are a customer with us and in compliance with our data protection obligations. We may then destroy such files without further notice or liability.

Where we process personal data in connection with the registration and use of an account on our App, we may retain your personal data for up to 7 years from the date that the relevant account is terminated (and in compliance with our data protection obligations). We may then destroy such files without further notice or liability.

(11) CONFIDENTIALITY AND SECURITY OF YOUR PERSONAL DATA

We are committed to keeping the personal data you provide to us secure and we have implemented information security policies, rules and technical measures to protect the personal data under our control from unauthorised access, improper use or disclosure, unauthorised modification and unlawful destruction or accidental loss. In addition, all our employees and data processors (i.e. those who process your personal data on our behalf) are obliged to respect the confidentiality of the personal data of all users of our Services.

(12) PERSONAL DATA OF MINORS

Our Services are not intended for use by, or targeted at, minors (individuals under the age of 18) and we do not knowingly collect personal data of minors. However, this does not prevent minors from providing personal data to us. If we do collect personal data of minors, we will comply with all applicable laws and regulations relating to the processing of personal data of minors.

If you are under the age of 18, you must not use our App or purchase Services from us and you must not provide us with any personal information. If we discover that we are holding the personal data of a minor, we will delete that information as soon as possible. Please contact us if you have reason to believe that a minor may have submitted personal data to us (see the “How to contact us” section above).

(13) YOUR RIGHTS AS A DATA SUBJECT

You have certain rights in relation to the personal data we hold about you. These rights include the right: (i) to obtain copies of your personal data; (ii) to have your personal data corrected or deleted; (iii) to limit the way in which your personal data is used; (iv) to object to our use of your personal data; (v) to transfer your personal data; (vi) not to be subject to decisions based on automated processing (including profiling); and (vii) to complain to a supervisory authority. If you would like to exercise any of these rights, please contact us using the details set out in the “How to Contact Us” section above. For more information, click here.

Your right of access If you ask us, we will confirm whether we are processing your personal data and, if so, provide you with a copy of that personal data (along with certain other details). If you require additional copies, we may charge a reasonable fee for producing those additional copies.
Your right to rectification If the personal data we hold about you is inaccurate or incomplete, you are entitled to have it rectified. If we have shared your personal data with others, we’ll let them know about the rectification where possible. If you ask us, where possible and lawful to do so, we will also tell you who we’ve shared your personal data with so that you can contact them.
Your right to erasure You can ask us to delete or remove your personal data in some circumstances, such as where we no longer need it or where you withdraw your consent (where applicable). If we have shared your personal data with others, we will let them know about the erasure where possible. If you ask us, where it is possible and lawful for us to do so, we will also tell you who we have shared your personal data with so that you can contact them directly.
Your right to restrict processing You can ask us to “block” or suppress the processing of your personal data in certain circumstances such as where you contest the accuracy of that personal data or you object to us processing it for a particular purpose. This may not mean that we will stop storing your personal data but, where we do keep it, we will tell you if we remove any restriction that we have placed on your personal data to stop us processing it further. If we’ve shared your personal data with others, we’ll let them know about the restriction where it is possible for us to do so. If you ask us, where it is possible and lawful for us to do so, we’ll also tell you who we’ve shared your personal data with so that you can contact them directly.
Your right to data portability You have the right, in certain circumstances, to obtain personal data you have provided to us (in a structured, commonly used and machine-readable format) and to reuse it elsewhere or to ask us to transfer it to your chosen third party.
Your right to object You can ask us to stop processing your personal data, and we will do so, if we are: (i) relying on our own or someone else’s legitimate interest to process your personal data, except if we can demonstrate compelling legal grounds for the processing; or (ii) processing your personal data for direct marketing purposes.
Your rights in relation to automated decision-making and profiling You have the right not to be subject to a decision when it is based on automatic processing, including profiling, if it produces a legal effect or similarly significantly affects you, unless such profiling is necessary for the entering into, or the performance of, a contract between you and us.
Your right to withdraw consent If we rely on your consent (or explicit consent) as our legal basis for processing your personal data, you have the right to withdraw that consent at any time. You can exercise your right of withdrawal by contacting us using our contact details in the “How to Contact Us” section above or by using any other opt-out mechanism we may provide, such as an unsubscribe link in an email.
Your right to lodge a complaint with the supervisory authority If you have a concern about any aspect of our privacy practices, including the way we have handled your personal data, please contact us using the contact details provided in the “How to Contact Us” section above. You can also report any issues or complaints to the Information Commissioner’s Office (“ICO”). Contact details for the ICO can be found on its website at https://ico.org.uk.

Last reviewed: 10th April 2024

Cookie	Duration	Description
_GRECAPTCHA	5 months 27 days	This cookie is set by the Google recaptcha service to identify bots to protect the website against malicious spam attacks.
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
CookieLawInfoConsent	1 year	CookieYes sets this cookie to record the default button state of the corresponding category and the status of CCPA. It works only in coordination with the primary cookie.
PHPSESSID	session	This cookie is native to PHP applications. The cookie is used to store and identify a users' unique session ID for the purpose of managing user session on the website. The cookie is a session cookies and is deleted when all the browser windows are closed.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
__utma	2 years	This cookie is set by Google Analytics and is used to distinguish users and sessions. The cookie is created when the JavaScript library executes and there are no existing __utma cookies. The cookie is updated every time data is sent to Google Analytics.
__utmb	30 minutes	Google Analytics sets this cookie, to determine new sessions/visits. __utmb cookie is created when the JavaScript library executes and there are no existing __utma cookies. It is updated every time data is sent to Google Analytics.
__utmc	session	The cookie is set by Google Analytics and is deleted when the user closes the browser. It is used to enable interoperability with urchin.js, which is an older version of Google Analytics and is used in conjunction with the __utmb cookie to determine new sessions/visits.
__utmt	10 minutes	Google Analytics sets this cookie to inhibit request rate.
__utmz	6 months	Google Analytics sets this cookie to store the traffic source or campaign by which the visitor reached the site.
_gat	1 minute	This cookie is installed by Google Universal Analytics to restrain request rate and thus limit the collection of data on high traffic sites.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
CONSENT	2 years	YouTube sets this cookie via embedded YouTube videos and registers anonymous statistical data.

Cookie	Duration	Description
VISITOR_INFO1_LIVE	5 months 27 days	YouTube sets this cookie to measure bandwidth, determining whether the user gets the new or old player interface.
YSC	session	Youtube sets this cookie to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the user's video preferences using embedded YouTube videos.
yt-remote-device-id	never	YouTube sets this cookie to store the user's video preferences using embedded YouTube videos.
yt.innertube::nextId	never	YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen.
yt.innertube::requests	never	YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen.

geo (Green Energy Options)