Privacy Statement - Commission for Regulation of Utilities

This statement relates to our privacy practices and policies for our website. CRU are not responsible for the content or privacy practices and policies of other websites. Any external links to other websites are clearly identifiable as such.

CRU acts as data controller in relation to information held about you for the purposes of the Data Protection Acts. We fully respect your right to privacy and we will not collect any of your personal data on this website without your clear and explicit permission .

We will use the information you provide in the provision of a complaints resolution service to customers with an unresolved dispute with their energy supplier or network operator and the provision of information regarding the same as prescribed under S.I. 463 of 2011 or with Irish Water as prescribed under the Water Services Act 2014. In fulfilling this remit the CRU gathers the following: Name, address, phone number, email address, compliant reference number, account number or MPRN or GPRN . Your information may also be used for these purposes, for a short period after your query/compliant has been resolved. Thereafter we will only contact you if you expressly request us to do so.

In order to provide you with these services, this information will be held in the data systems of CRU or by our agents or subcontractors. We take our security responsibilities seriously, employing the most appropriate physical and technical measures, including staff training and awareness. We review our security measures and procedures regularly.

When you contact us, you may receive a phone call and/or email in relation to that contact. If you would prefer not to receive such communications, please let us know.

In addition to the administration of your query / complaint we may also use your data:

Where we are entitled to do so under the Data Protection Acts

We may share your personal information with utility suppliers to aid the efficient processing of your query or compliant .

You may inform us of any changes in your Personal Data that we retain.

Rights relating to your personal data

In accordance with our obligations under the Data Protection Acts 1988 and 2003 you have a right to find out, free of charge, if CRU holds information about you. You also have a right to be given a description of the information and to be told the purpose(s) for holding your information. You must make the request in writing and CRU will send you the information within 21 days.

You also have the right to request a copy of the information we hold about. A Subject Access Request must be completed in writing and sent to our Data Protection Officer at the following address:

Data Protection Officer, CRU

The Grain House

The Exchange

Belgard Square North,

Tallaght, Dublin 24, D24 PXW0

You should also include any additional details that would help to locate your information – for example, a customer account number or reference number. You may be asked for evidence of your identity to make sure that personal information is not given to the wrong person.

We will charge you a fee (prescribed by law) of €6.35 to respond to your Subject Access Request. We will respond to your request within 40 calendar days of receiving it. If you supply us with your e-mail address, we will respond to you in that medium. Otherwise, you must provide us with your full name and home address (with your Eircode) for us to be able to respond to you.

In addition, when requested by you CRU will act to have your personal data updated, corrected, or deleted from our database. Please make your request in writing and CRU will respond to your request within 40 calendar days of receiving it.

Use of website

We may also record additional information on the web pages you have visited and the contents of those web pages, any information you input, your referring URL or IP address, your time of visit and related session information, your requested page, web browser type, USR agent, status of request (successful reply), cookies, number of bytes in the response, and query string and any information or technical detail your browser is sending to us. IP addresses are not linked to personally identifiable information. We use this information to better understand website usage in the aggregate so that we know what areas of our website users prefer. This information is stored in log files and is used for statistical reporting.

Cookies

A Cookie is a small, electronic file that can be downloaded on to your mobile phone/smartphone, laptop, PC, or other device when you use our websites. A Cookie allows our websites to “recognise” and remember your device and, for example, certain preferences that you choose when accessing our websites. We may collect basic information using cookies about the way you have used the site.

We may also occasionally use cookies to recognise you as a site user and to personalise your visit in order to improve your user experience of our websites. This information will be used to improve the content of our website and help us provide you with a better experience and will not be shared with any third party or identify you personally in this way.

Most browsers automatically accept cookies. You can set your browser so that you will not receive cookies and you can delete existing cookies from your browser. Your browser’s privacy settings screens will tell you how to do this. However, you may find that some parts of the site will not function properly if you refuse cookies. Google has created a browser add-on to allow users prevent their data from being used by Google Analytics for more information see the Google Analytics Opt-out Browser Add-on.

cru.ie uses functional cookies for web analytics, we do not use marketing cookies for user tracking or targeted advertising. The cookies gather general demographic data (such as age, gender, and interests) on visitors but do not collect any personally identifiable information

Security

We take our security responsibilities seriously, employing the most appropriate physical and technical measures, including staff training and awareness. We review our security measures and procedures regularly. Any area of our site that is used to capture your personal information will always be in a secure session using Secure Socket Layer (SSL) encryption , which is the industry standard.

Fraudulent Emails Warning

CRU will never contact you by email to request an update of your personal or private information. If you receive any such emails please contact us immediately.

Change to Statement

We may occasionally update this privacy statement. Therefore we would suggest you periodically review this statement to stay informed about how we are meeting our obligations under the Data Protection Acts. Your continual use of the service constitutes your agreement to this privacy statement and any updates.