We store personal data within our UK and EEA-hosted servers and other third-party databases. These include:
• Microsoft Office 365/Sharepoint (with data stored in Microsoft Azure data centres in the UK)
• Database providers for HR and Customer Relationship Management (CRM) details (such as Huddle, where data is stored on Rackspace data centres in the UK; and JIRA, where data is stored on UK or EU data centres)
• Finance system providers (including Agresso, with information stored on data centres in UK)
We ensure that security controls are in place around these systems, including that access controls are limited to the appropriate staff and contractors needed (for operational purposes) to access those systems. Where we exchange personal data in attachments via email, we also use password-protection and encryption solutions where possible.
Alt HAN Inventory
The Alt HAN Inventory is a database we have developed with building and premise data, which we use to assess residences for their suitability for the deployment of Alt HAN equipment. This may also include information about residents, including Energy Data. We have several security safeguards in place around the Alt HAN Inventory, which involve i) VPN connections for remove logins, or permitting connections from certain buildings or addresses (such as our office) , or; ii) log-on credentials and 2 factor-authentication in a web-based version of the Inventory interface.
We may also transfer your personal data to our clients and third-parties, as detailed below.. Some of these third-party providers may have staff outside the UK or European Economic Area (EEA), and may access personal data, subject to suitable and secure safeguards. Where these are used, we typically ensure that such systems employ appropriate access controls to limit usage only to the necessary staff. These are discussed further in the section below.