Baxi Heating UK Limited (referred to in this document as “Baxi Heating”, “we”, “our”, “us”), take your privacy and the security of your personal data very seriously and want to be as clear and transparent as possible about what we do with it.
This is in line with our core company values which state that we will be reliable and responsive in the way in which we deal with people and also that we will treat everyone with trust and respect.
This privacy notice explains how we process your personal data. (“Processing” means everything we do with your data including when we collect, record, organise, structure, store, use, disclose, disseminate, restrict, erase or destroy data about you).
It also explains when we might disclose your data to others, how we keep it secure and also your rights regarding your data.
To fulfil our responsibilities and demonstrate compliance with the General Data Protection Regulation (EU) 2016/679 (GDPR), we are committed to the six principles of the regulation by:
The data controller is Baxi Heating UK Limited, Brooks House, Coventry Road, Warwick, CV34 4LL. We are registered in England & Wales as Baxi Heating UK Limited, registered number 03879156. In the Republic of Ireland we are registered as Potterton Myson (Ireland) Limited, registered number 26092.
Baxi Heating makes some of the best known heating and hot water brands in the UK and Ireland. Our principal brands, their websites and the addresses from which we operate are shown below. This privacy notice is applicable for all of our brands.
|Baxi Heating||www.baxiheating.co.uk||Brooks House, Coventry Road, Warwick CV34 4LL|
|Baxi||www.baxi.co.uk||Brooks House, Coventry Road, Warwick CV34 4LL|
|Main Heating||www.mainheating.co.uk||Brooks House, Coventry Road, Warwick CV34 4LL|
|Potterton||www.potterton.co.uk||Brooks House, Coventry Road, Warwick CV34 4LL|
|Heatrae Sadia||www.heatraesadia.com||Hurricane Way, Norwich, Norfolk NR6 6EA|
|Megaflo||www.heatraesadia.com||Hurricane Way, Norwich, Norfolk NR6 6EA|
|Santon||www.santon.co.uk||Hurricane Way, Norwich, Norfolk NR6 6EA|
|Elson Hot Water||www.elsonhotwater.co.uk||Hurricane Way, Norwich, Norfolk NR6 6EA|
|Andrews Water Heaters||www.andrewswaterheaters.co.uk||Innovation House, Oaklands Business Centre, Oaklands Park, Wokingham RG41 2FD|
|Potterton Commercial||www.pottertoncommercial.co.uk||Innovation House, Oaklands Business Centre, Oaklands Park, Wokingham RG41 2FD|
|Remeha||www.remeha.co.uk||Oaklands Business Centre, Oaklands Park, Wokingham RG41 2FD|
|Packaged Plant Solutions||www.packageplant.com||Unit 8, Thornton Chase. Foxhunter drive, Linford Wood, Milton Keynes. MK14 6FD|
|Baxi Potterton Myson||www.baxipottertonmyson.ie||Calmount Park, Unit F 5&6, Calmount Road, Dublin 12, Ireland|
As part of our business we will process the data of people who fall into the following categories, whether we have had
a relationship in the past, have a relationship now or we are about to commence a relationship with you:
We will collect and process the following data about you:
Information you give us. By filling in forms on our websites or by corresponding with us by phone, SMS (text message), email or otherwise. The information you give us may include your name, address, email address and phone number, and financial information such as payment card details and bank account details.
Information we collect from your use of our websites or social media sites. Every time you visit one of our websites or social media sites we will automatically collect technical information, such as the Internet protocol (IP) address used to connect your device to the Internet, where you connected to our service, your internet service provider (ISP), and what type of device you are using to access our service.
Information we collect throughout our relationship. This is information collected during meetings with our sales managers or engineers, from any purchase or sales transactions you may make with us and any warranty or service contracts we may have with you either directly or through a landlord. The information we hold may include your name, address, email address and phone number, and financial information such as payment card details and bank
Information we collect when you call us. If you telephone us we will automatically collect the phone number used to call us and we may also keep a recording of inbound and outbound calls for training and quality purposes.
Information we receive from other sources. We work closely with other organisations, including the following categories :
Providers of extended warranty services, for example, Domestic & General Services, Corgi and British Gas.
Housebuilders, housing associations, councils and private landlords.
Installers of our products.
Businesses that sell our products, builders merchants and electrical wholesalers.
The above organisations will provide personal data including, name, address, contact telephone numbers and email address.
For example, if you employ a third party installer to fit one of our products they may pass us your name and address when they register the product for warranty on your behalf. If you are a tenant, your landlord (or their appointed contractors) may also do this. If you are the purchaser of a new-build property the developer (or their appointed contractors) may also pass us your data for the same purpose.
In each case the installer/ landlord / developer is required under GDPR to notify you that they have shared your data with us and we will also inform you by issuing a privacy notice when we receive your data.
If you apply for a trade account with us we may pass your details to a credit reference agency, for example, Experian PLC, who may then share your financial data with us.
Providing us with your details online. This is information you may choose to provide us with when using our websites:
It includes your name, address, telephone number, email address and preferences for receiving communications from us. Please let us know if any of this changes so we can keep our records up to date.
We process your personal information for the following reasons:
Pursuant to a contract in order to:
On the basis of your consent:
In our legitimate interests of providing the best service and improving and growing our business we will process information in order to:
You have the right to object to processing carried out for our legitimate interests. See the What are your rights? section below for more information.
To comply with legal requirements relating to:
Please refer to the Cookie Policies for the websites you are visiting for full details about the types of cookies we use.
As a general principle we will hold your personal data only for as long as necessary in order to fulfil the purposes for which it was collected. Once these purposes have been achieved we will erase the data or anonymize it in such a way as to make it impossible to identify you, for example by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis and business planning.
For more details on record retention please contact us.
For the purposes set out in the ‘Why do we collect this information?’ section above, we will share your personal
Third parties with whom we may share your information are listed below:
Adroit Data & Insight
BT Buynet / Safepay
Domestic & General Group Limited
Gas Safe Register
Vignette Web Services
When disclosing your data to third parties we have an obligation to ensure that we have appropriate measures in place to ensure your data is protected. We will therefore do the following:
We are committed to protecting your personal and financial information. All information kept by us is stored on our secure servers.
Where we have given you (or where you have chosen) a password that enables you to access certain parts of our service, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
We are committed to regularly testing, assessing and evaluating the effectiveness of our technical and organisational measures to manage the security of your personal data. Our Governance Framework is the system by which our organisation is directed and controlled and provides the rules and the structures to manage this. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
More information is available by contacting us.
We secure access to all transactional areas of our websites and apps using ‘https’ technology.
Access to your personal data is password-protected, and sensitive data (such as payment card information) is secured by SSL encryption.
We may transfer your data outside the European Economic Area ("EEA"). We will only do so if adequate protection measures are in place in compliance with data protection legislation.
We use the following protection measures:
Where processing of your personal data is based on consent, you can withdraw that consent at any time.
You can exercise your rights at any time by contacting us. Our contact details are given below.
You have the right:
Should you have any issues, concerns or problems in relation to your data, or wish to notify us of data which is inaccurate, please let us know by contacting us using the contact details below.
In the event that you are not satisfied with our processing of your personal data, you have the right to lodge a complaint with the relevant supervisory authority, which is the Information Commissioner’s Office (ICO) in the UK, at any time.
The ICO’s contact details are available here: https://ico.org.uk/concerns/ . You can also call them on 0303 123 1113.
Our Privacy Compliance Manager is here to help. If you have any questions or concerns relating to the handling of your personal data, queries related to subject access requests, third parties whom we share your data with, your rights or want to make a complaint about how we are processing your data, you can get in touch.
Privacy Compliance Manager
Tel: +44 (0)1926 405405
This notice was last updated on 14th May 2018.