Skip to main content

© 2023 Stark Software International (Holdings) Limited. Company number 09978378. All rights reserved.

Policies

Stark is committed to respecting your privacy and to complying with applicable data protection and privacy laws.

We have provided our policies and notices to help you understand how we collect, use and protect your information when you visit our websites, attend our events, download our whitepapers, watch our webinars and when you generally use our products and services.

It is important to point out that we may amend this information from time to time. Please revisit these pages if you wish to stay up to date. We will post any changes there.

If you have any queries about this information please contact us.

Acceptable Use Policy

Definitions

Site – includes the following websites: www.stark.co.ukwww.degreedaysforfree.co.uk, savenergyonline.stark.co.uk, poweredby.stark.co.uk and all associated web pages;

Submission or submissions – means any text, images, video, audio or other multimedia content, software or other information or material submitted by you or other users to the Site;

We, us or our – means Stark Software International Limited company registration number 02911704, with VAT registration number 644 3728 29  and whose registered office is at Sentinel House, 10-12 Massetts Road, Horley, RH6 7DE.

You or your – means the person accessing or using the Site or its Content.

1. Introduction

1.1 Together with our General website terms and conditions of use, this acceptable use policy governs how you may access and use the Site.

2. Acceptable use

2.1  We permit you to use the Site only for personal and commercial purposes and primarily for e.g. accessing information about us and accessing your energy data using the various tools and products for which you have been issued a username and password that are accessible without a username and password. Use of the Site in any other way, including in contravention of any restriction on use set out in this policy, is not permitted. If you do not agree with the terms of this policy, you may not use the Site.

3. Restrictions on use

3.1  As a condition of your use of the Site, you agree:

3.1.1  Not to use the Site for any purpose that is unlawful under any applicable law or prohibited by this policy or our General website terms and conditions of use;

3.1.2  Not to use the Site to commit any act of fraud;

3.1.3  Not to use the Site to distribute viruses or malware or other similar harmful software code;

3.1.4  Not to use the Site for purposes of promoting unsolicited advertising or sending spam;

3.1.5  Not to use the Site to simulate communications from us or another service or entity in order to collect identity information, authentication credentials, or other information (‘phishing’);

3.1.6 Not to use the Site in any manner that disrupts the operation of our Site or business or the website or business of any other entity;

3.1.7 Not to use the Site in any manner that harms minors;

3.1.8  Not to promote any unlawful activity;

3.1.9  Not to represent or suggest that we endorse any other business, product or service unless we have separately agreed to do so in writing;

3.1.110  Not to use the Site to gain unauthorised access to or use of computers, data, systems, accounts or networks

3.1.11  Not to attempt to circumvent password or user authentication methods; and to comply with the provisions relating to our Intellectual Property Rights and Software contained in our General websiteterms and conditions of use.

4. Bulletin boards, chat rooms and other interactive services

4.1  We may make bulletin boards, chat rooms or other communication services (‘Interactive Services’) available on the Site.

4.2  We are not obliged to monitor or moderate Submissions to Interactive Services. Where we do monitor or moderate Submissions we shall indicate how this is performed and who should be contacted in relation to any Submission of concern to you.

4.3  We may remove or edit any Submissions to any of our Interactive Services whether they are moderated or not.

4.4  Any Submission you make must comply with our Submission standards set out below.

5. Submission standards

5.1 Any Submission or communication to users of our Site must conform to standards of accuracy, decency and lawfulness, which shall be applied in our absolute discretion. In particular, you warrant that any Submission or communication is:

5.1.1  Your own original work and lawfully submitted;

5.1.2  Factually accurate or your own genuinely held belief;

5.1.3  Provided with the necessary consent of any third party;

5.1.4  Not defamatory or likely to give rise to an allegation of defamation;

5.1.5  Not offensive, obscene, sexually explicit, discriminatory or deceptive; and

5.1.6  Unlikely to cause offence, embarrassment or annoyance to others.

6. Linking and framing

6.1  You may create a link to our Site from another website with our prior written consent provided no such link:

6.1.1  Creates a frame or any other browser or border environment around the content of our Site;

6.1.2  Implies that we endorse your products or services or any of the products or services of, or available through, the website on which you place a link to our Site;

6.1.3 Displays any of the trademarks or logos used on our Site without our permission or that of the owner of such trademarks or logos; or

6.1.4  Is placed on a website that itself does not meet the acceptable use requirements of this policy.

6.2  We reserve the right to require you to immediately remove any link to the Site at any time, and you shall immediately comply with any request by us to remove any such link.

7. Using the Stark Software International Limited name and logo

7.1 You may not use our trademarks, logos or trade names except in accordance with this policy and our General website terms and conditions of use.

8. Breach

8.1 We shall apply the terms of this policy in our absolute discretion. In the event of your breach of these terms, we may terminate or suspend your use of the Site, remove or edit Submissions, disclose Submissions to law enforcement authorities or take any action we consider necessary to remedy the breach.

9. Disputes

9.1 We will try to resolve any disputes quickly and efficiently. If you are unhappy with the way we deal with any dispute and you want to take court proceedings, the relevant courts of the United Kingdom will have exclusive jurisdiction in relation to the Terms. Relevant United Kingdom law will apply to these Terms.

Last updated

June 09, 2020

Privacy Policy

Welcome to Stark’s privacy policy.
Stark respects your privacy and is committed to protecting your personal data. This privacy policy will inform you as to how we look after your personal data when you visit our website (regardless of where you visit it from) and tell you about your privacy rights and how the law protects you.

1. IMPORTANT INFORMATION AND WHO WE ARE
2. THE DATA WE COLLECT ABOUT YOU
3. HOW IS YOUR PERSONAL DATA COLLECTED?
4. HOW WE USE YOUR PERSONAL DATA
5. DISCLOSURES OF YOUR PERSONAL DATA
6. INTERNATIONAL TRANSFERS
7. DATA SECURITY
8. DATA RETENTION
9. YOUR LEGAL RIGHTS
10. GLOSSARY

1. IMPORTANT INFORMATION AND WHO WE ARE

PURPOSE OF THIS PRIVACY POLICY

This privacy policy aims to give you information on how Stark collects and processes your personal data through your use of this website, including any data you may provide through this website when you sign up to our newsletter, purchase a product or service, take part in a competition or consent to
our marketing.

This website is not intended for children and we do not knowingly collect data relating to children. It is important that you read this privacy policy together with any other privacy policy or fair processing policy we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy policy supplements other notices and privacy policies and is not intended to override them.

CONTROLLER

Stark is a group of companies comprising of: Stark Software International Limited (Data Services), Stark Technical Services (Field Services), Stark Utility Funding (Asset Finance), Squire Energy Limited (Gas Connections, Siteworks and MAM Services), Squire Energy Metering Limited and Squire Energy Networks Limited. Stark Software International Limited, Stark Technical Services Limited and Stark Utility Funding Limited (“Stark” group) is the controller and responsible for your personal data (collectively referred to as “Stark”, “we”, “us” or “our” in this privacy policy).

This privacy policy is issued on behalf of the Stark Group so when we mention “Stark”, “we”, “us” or “our” in this privacy policy, we are referring to the relevant company in the Stark Group responsible for processing your data. We will let you know which entity will be the controller for your data when you purchase a product or service with us.

CONTACT DETAILS

If you have any questions about this privacy policy or our privacy practices, please contact us in the following ways:

We welcome your feedback and questions. If you wish to contact us, please send an email to office@stark.co.uk or you can write to us at:

Stark Software International Limited, Sentinel House, 10-12 Massetts Road, Horley, Surrey, RH6 7DE
or call us on 01293 776747. Registered office is as above.

Stark Utility Funding Limited, Sentinel House, 10-12 Massetts Road, Horley, Surrey, RH6 7DE or call
us on 01293 776747. Registered office is as above.

Stark Technical Services Limited, Unit 2, Amy Johnson House, Amy Johnson Way, Blackpool Airport
Business Park, Blackpool, FY4 2FG or call us on 01253 626000. Registered address is Jack Ross Ltd,
Salford Approach, Salford, England, M3 7BX.

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK regulator for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

CHANGES TO THE PRIVACY POLICY AND YOUR DUTY TO INFORM US OF CHANGES

We keep our privacy policy under regular review. This version was last updated on 16 September 2022.

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

THIRD-PARTY LINKS

This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.

2. THE DATA WE COLLECT ABOUT YOU

Personal Data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (Anonymous data).

We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

  • Identity Data includes first name, maiden name, last name, username or similar identifier,
    marital status, title, date of birth and gender.
  • Contact Data includes billing address, delivery address, email address and telephone
    numbers.
  • Financial Data includes bank account and payment card details.
  • Transaction bincludes details about payments to and from you and other details of
    products and services you have purchased from us.
  • Technical Data includes internet protocol (IP) address, your login data, browser type and
    version, time zone setting and location, browser plug-in types and versions, operating system
    and platform, and other technology on the devices you use to access this website.
  • Profile Data includes your username and password, purchases or orders made by you, your
    interests, preferences, feedback and survey responses.
  • Usage Data includes information about how you use our website, products and services.
  • Marketing and Communications Data includes your preferences in receiving marketing
    from us and our third parties and your communication preferences.

We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy policy.

We may ask you to provide sensitive personal information, for example health information. If we request such information, we will explain why we are requesting it and how we intend to use it. We will only collect your sensitive personal information with your explicit consent. We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership and genetic and biometric data).

IF YOU FAIL TO PROVIDE PERSONAL DATA

Where we need to collect personal data by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods and/or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.

3. HOW IS YOUR PERSONAL DATA COLLECTED?

We use different methods to collect data from and about you including through:

  • Direct interactions. You may give us your Identity, Contact and Financial Data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:
    • apply for our products or services;
    • create an account on our website;
    • subscribe to our service or publications;
    • request marketing to be sent to you;
    • enter a competition, promotion or survey; or
    • give us feedback or contact us.
  • Automated technologies or interactions. As you interact with our website, we will automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies. We may also receive Technical Data about you if you visit other websites employing our cookies. Please see our cookie policy for further details.
  • Third parties or publicly available sources. We will receive personal data about you from various third parties and public sources.

4. HOW WE USE YOUR PERSONAL DATA

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • Where we need to perform the contract we are about to enter into or have entered into with you.
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
  • Where we need to comply with a legal obligation.

Please read our Glossary of terms to find out more about the types of lawful basis that we will rely on to process your personal data.

Generally, we do not rely on consent as a legal basis for processing your personal data although we will get your consent before sending third party direct marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by contacting us.

PURPOSES FOR WHICH WE WILL USE YOUR PERSONAL DATA

We have set out below, in a table format, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.

Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table below.

Purpose & Activity / Type of Data / Lawful basis for processing including basis of legitimate interest

  1. To register you as a new customer / a) Identity (b) Contact / Performance of a contract with you
  2. To process and deliver your order including: (a) Manage payments, fees and charges (b) Collect and recover money owed to us / (a) Identity (b) Contact (c) Financial
    (d) Transaction (e) Marketing and Communications / a) Performance of a contract with you (b) Necessary for our legitimate interests (to recover debts due to us
  3. To manage our relationship with you which will include: (a) Notifying you about changes to our terms or privacy policy (b) Asking you to leave a review or take a survey / (a) Identity (b) Contact (c) Profile (d) Marketing and Communications / a) Performance of a contract with you (b) Necessary to comply with a legal obligation (c) Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services)
  4. To enable you to partake in a prize draw, competition or complete a survey / (a) Identity (b) Contact (c) Profile (d) Usage (e) Marketing and Communications / (a) Performance of a contract with you (b) Necessary for our legitimate interests (to study how customers use our products/services, to develop them and grow our business)
  5. To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data) / (a) Identity (b) Contact (c) Technical (a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise) / (b) Necessary to comply with a legal obligation
  6. To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you / (a) Identity / (b) Contact / (c) Profile / (d) Usage /(e) Marketing and Communications /(f) Technical / Necessary for our legitimate interests(to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy)
  7. To use data analytics to improve our website, products/services, marketing, customer relationships and experiences / (a) Technical (b) Usage / Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)
  8. To make suggestions and recommendations to you about goods and/or services that may be of interest to you / (a) Identity (b) Contact (c) Technical (d) Usage (e) Profile (f) Marketing and Communications / Necessary for our legitimate interests (to develop our products/services and grow our business)

MARKETING

We strive to provide you with choices regarding certain personal data uses, particularly around
marketing and advertising.

PROMOTIONAL OFFERS FROM US

We may use your Identity, Contact, Technical, Usage and Profile Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing).

You will receive marketing communications from us if you have requested information from us or purchased goods or services from us and you have not opted out of receiving that marketing.

THIRD-PARTY MARKETING

We will get your express opt-in consent before we share your personal data with any third party for marketing purposes.

OPTING OUT

You can ask us to stop contacting you for direct marketing purposes. If you would like to do this, please:

  • email, call or write to us (see ‘Contact Us’ below). You can also click on the ‘unsubscribe’ button at the bottom of the email newsletter. It may take up to 28 days for this to take place for electronic communications, and postal communications should stop within two months.
  • let us have proof of your identity and address, and
  • let us know what method of contact you are not happy with if you are unhappy with certain ways of contacting you only (for example, you may be happy for us to contact you by email but not by telephone)

Where you opt out of receiving these marketing messages, this will not apply to personal data provided to us as a result of a product/service purchase, warranty registration, product/service experience or other transactions.

COOKIES

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly. For more information about the cookies we use, please see our cookie policy.

For further information on cookies generally visit www.aboutcookies.org or www.allaboutcookies.org.

CHANGE OF PURPOSE

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.

If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

5. DISCLOSURES OF YOUR PERSONAL DATA

We may share your personal data with the parties set out below for the purposes set out in the section 4. Purposes for which we will use your personal data
Internal Third Parties as set out in the Glossary.
External Third Parties as set out in the Glossary.
Third parties to whom we may choose to sell, transfer or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy policy.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

6. INTERNATIONAL TRANSFERS

We do not transfer your personal data outside the UK, other than to adequately secure locations.

7. DATA SECURITY

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

8. DATA RETENTION

HOW LONG WILL YOU USE MY PERSONAL DATA FOR?

By law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they cease being customers for tax purposes.

In some circumstances you can ask us to delete your data: see your legal rights below for further information.

In some circumstances we will anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

9.YOUR LEGAL RIGHTS

Under certain circumstances, you have rights under data protection laws in relation to your personal data:

  1. Request access to your personal data
  2. Request correction of your personal data
  3. Request erasure of your personal data
  4. Object to processing of your personal data
  5. Request restriction of processing your personal data
  6. Request transfer of your personal data
  7. Right to withdraw consent

If you wish to exercise any of the rights set out above, please contact us.

NO FEE USUALLY REQUIRED

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.

WHAT WE MAY NEED FROM YOU

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

TIME LIMIT TO RESPOND

We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

10.GLOSSARY

LAWFUL BASIS

Legitimate Interest means the interest of our business in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us.

Performance of Contract means processing your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.

Comply with a legal obligation means processing your personal data where it is necessary for compliance with a legal obligation that we are subject to.

THIRD PARTIES

INTERNAL THIRD PARTIES

Other companies in the Stark Group acting as joint controllers or processors and who are based in UK and provide IT and system administration services and undertake leadership reporting.

EXTERNAL THIRD PARTIES

Service providers acting as processors based in UK who provide IT and system administration services. Professional advisers acting as processors or joint controllers including lawyers, bankers, auditors and insurers based in UK who provide consultancy, banking, legal, insurance and accounting services. HM Revenue & Customs, regulators and other authorities acting as processors or joint controllers based in the United Kingdom who require reporting of processing activities in certain circumstances.

YOUR LEGAL RIGHTS

You have the right to:

Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.

Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.

Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request

Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.

Request restriction of processing of your personal data. This enables you to ask us to suspend the
processing of your personal data in the following scenarios:

  • If you want us to establish the data’s accuracy.
  • Where our use of the data is unlawful, but you do not want us to erase it.
  • Where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims.
  • You have objected to our use of your data, but we need to verify whether we have overriding legitimate grounds to use it.

Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.

Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent

16th September 2022

SSIL – Recruitment Privacy Notice

This notice explains what personal data (information) we will hold about you, how we collect it, and how we will use and may share information about you during the application process. We are required to notify you of this information, under data protection legislation. Please ensure that you read this notice (sometimes referred to as a ‘privacy notice’) and any other similar notice we may provide to you from time to time when we collect or process personal information about you. 

Who collects the information 

Stark Software International Limited (‘Company’) is a ‘data controller’ and gathers and uses certain information about you. This information is also used by our affiliated entities and group companies, which includes Stark Technical Services Limited and Stark Utility Funding Limited (our ‘group companies’) and so, in this notice, references to ‘we’ or ‘us’ mean the Company and our group companies. 

Data protection principles 

We will comply with the data protection principles when gathering and using personal information, as set out in our Data Protection Policy. 

About the information we collect and hold 

What information 

We may collect and hold the following information up to and including the completion of the interview and selection process: 

  • Your name and contact details (i.e. address, home and mobile phone numbers, email address); 
  • Details of your qualifications, experience, employment history (including job titles, salary and working hours) and interests; and 
  • Your gender. 

We may collect the following information after an offer of employment has been made: 

  • Information about your previous academic and/or employment history, including details of any conduct, grievance or performance issues, appraisals, time and attendance, from references obtained about you from previous employers and/or education providers ; 
  • Information regarding your academic and professional qualifications ; 
  • Information regarding your criminal record, in criminal records certificates (CRCs) and enhanced criminal records certificates (ECRCs) ; 
  • Your nationality and immigration status and information from related documents, such as your passport or other identification and immigration information ; and 
  • A copy of your driving licence . 

You are required (by law or in order to enter into your contract of employment) to provide the categories of information marked ‘☐’ above to us to enable us to verify your right to work and suitability for the position. 

How we collect the information 

We may collect this information from you, your referees (details of whom you will have provided), your education provider, the relevant professional body, the Disclosure and Barring Service (DBS) and the Home Office. 

Why we collect the information and how we use it 

We will typically collect and use this information for the following purposes (other purposes that may also apply are explained in our Privacy Policy and Data Protection Policy): 

  • to take steps to enter into a contract; 
  • for compliance with a legal obligation (e.g. our obligation to check that you are eligible to work in the United Kingdom); 
  • for the performance of a task carried out in the public interest; and 
  • for the purposes of our legitimate interests, but only if these are not overridden by your interests, rights or freedoms. 

We seek to ensure that our information collection and processing is always proportionate. We will notify you of any changes to information we collect or to the purposes for which we collect and process it. 

How we may share the information 

We may also need to share some of the above categories of personal information with other parties, such as HR consultants and professional advisers. Usually, information will be anonymised but this may not always be possible. The recipient of the information will be bound by confidentiality obligations. We may also be required to share some personal information with our regulators or as required to comply with the law. 

Sensitive personal information and criminal records information 

Further details on how we handle sensitive personal information and information relating to criminal convictions and offences are set out in our Data Protection Policy, available, which can be accessed via Document Manager or via request to the HR Team. 

Where information may be held 

Information may be held at our offices and those of our group companies, and third party agencies, service providers, representatives and agents as described above. 

How long we keep your information 

We keep the personal information that we obtain about you during the recruitment process for no longer than is necessary for the purposes for which it is processed. How long we keep your information will depend on whether your application is successful and you become employed by us, the nature of the information concerned and the purposes for which it is processed. 

We will keep recruitment information (including interview notes) for no longer than is reasonable (our standard retention period is 3 months), taking into account any legal requirements, after which they will be destroyed. If there is a clear business reason for keeping recruitment records for longer than the recruitment period, we may do so but will first consider whether the records can be pseudonymised, and the longer period for which they will be kept. 

If your application is successful, we will keep only the recruitment information that is necessary in relation to your employment. For further information, see our Data Protection Privacy Notice – Employment. 

Further details on our approach to information retention and destruction are available in our Data Protection Policy that gives these details. 

Your rights to correct and access your information and to ask for it to be erased 

Please contact our Security Team (security@stark.co.uk) if (in accordance with applicable law) you would like to correct or request access to information that we hold relating to you or if you have any questions about this notice. You also have the right to ask our Security Team for some but not all of the information we hold and process to be erased (the ‘right to be forgotten’) in certain circumstances. Our Security Team will provide you with further information about the right to be forgotten, if you ask for it. 

Keeping your personal information secure 

We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality. 

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so. 

How to complain 

We hope that our Security Team can resolve any query or concern you raise about our use of your information. If not, contact the Information Commissioner at https://ico.org.uk/concerns/ or telephone: 0303 123 1113 for further information about your rights and how to make a formal complaint.  

Last updated
October 2022

STS – Recruitment Privacy Notice

This notice explains what personal data (information) we will hold about you, how we collect it, and how we will use and may share information about you during the application process. We are required to notify you of this information, under data protection legislation. Please ensure that you read this notice (sometimes referred to as a ‘privacy notice’) and any other similar notice we may provide to you from time to time when we collect or process personal information about you. 

Who collects the information 

Stark Technical Services Limited (‘Company’) is a ‘data controller’ and gathers and uses certain information about you. This information is also used by our affiliated entities and group companies, which includes Stark Software International Limited and Stark Utility Funding Limited (our ‘group companies’) and so, in this notice, references to ‘we’ or ‘us’ mean the Company and our group companies. 

Data protection principles 

We will comply with the data protection principles when gathering and using personal information, as set out in our Data Protection Policy. 

About the information we collect and hold 

What information 

We may collect and hold the following information up to and including the completion of the interview and selection process: 

  • Your name and contact details (i.e. address, home and mobile phone numbers, email address); 
  • Details of your qualifications, experience, employment history (including job titles, salary and working hours) and interests; 
  • Your gender. 

We may collect the following information after an offer of employment has been made: 

  • Information about your previous academic and/or employment history, including details of any conduct, grievance or performance issues, appraisals, time and attendance, from references obtained about you from previous employers and/or education providers ; 
  • Information regarding your academic and professional qualifications ; 
  • Information regarding your criminal record, in criminal records certificates (CRCs) and enhanced criminal records certificates (ECRCs) ; 
  • Your nationality and immigration status and information from related documents, such as your passport or other identification and immigration information ; 
  • A copy of your driving licence . 

You are required (by law or in order to enter into your contract of employment) to provide the categories of information marked ‘☐’ above to us to enable us to verify your right to work and suitability for the position. 

How we collect the information 

We may collect this information from you, your referees (details of whom you will have provided), your education provider, the relevant professional body, the Disclosure and Barring Service (DBS) and the Home Office. 

Why we collect the information and how we use it 

We will typically collect and use this information for the following purposes (other purposes that may also apply are explained in our Privacy Policy and Data Protection Policy): 

  • to take steps to enter into a contract; 
  • for compliance with a legal obligation (e.g. our obligation to check that you are eligible to work in the United Kingdom); 
  • for the performance of a task carried out in the public interest; and 
  • for the purposes of our legitimate interests, but only if these are not overridden by your interests, rights or freedoms. 

We seek to ensure that our information collection and processing is always proportionate. We will notify you of any changes to information we collect or to the purposes for which we collect and process it. 

How we may share the information 

We may also need to share some of the above categories of personal information with other parties, such as HR consultants and professional advisers. Usually, information will be anonymised but this may not always be possible. The recipient of the information will be bound by confidentiality obligations. We may also be required to share some personal information with our regulators or as required to comply with the law. 

Sensitive personal information and criminal records information 

Further details on how we handle sensitive personal information and information relating to criminal convictions and offences are set out in our Data Protection Policy, available, which can be accessed via Document Manager or via request to the HR Team. 

Where information may be held 

Information may be held at our offices and those of our group companies, and third party agencies, service providers, representatives and agents as described above. 

How long we keep your information 

We keep the personal information that we obtain about you during the recruitment process for no longer than is necessary for the purposes for which it is processed. How long we keep your information will depend on whether your application is successful and you become employed by us, the nature of the information concerned and the purposes for which it is processed. 

We will keep recruitment information (including interview notes) for no longer than is reasonable (our standard retention period is 3 months), taking into account any legal requirements, after which they will be destroyed. If there is a clear business reason for keeping recruitment records for longer than the recruitment period, we may do so but will first consider whether the records can be pseudonymised, and the longer period for which they will be kept. 

If your application is successful, we will keep only the recruitment information that is necessary in relation to your employment. For further information, see our Data Protection Privacy Notice – Employment. 

Further details on our approach to information retention and destruction are available in our Data Protection Policy that gives these details. 

Your rights to correct and access your information and to ask for it to be erased 

Please contact our Security Team (security@stark.co.uk) if (in accordance with applicable law) you would like to correct or request access to information that we hold relating to you or if you have any questions about this notice. You also have the right to ask our Security Team for some but not all of the information we hold and process to be erased (the ‘right to be forgotten’) in certain circumstances. Our Security Team will provide you with further information about the right to be forgotten, if you ask for it. 

Keeping your personal information secure 

We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality. 

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so. 

How to complain 

We hope that our Security Team can resolve any query or concern you raise about our use of your information. If not, contact the Information Commissioner at https://ico.org.uk/concerns/ or telephone: 0303 123 1113 for further information about your rights and how to make a formal complaint.  

Last updated
October, 2022

SUFL – Recruitment Privacy Notice

This notice explains what personal data (information) we will hold about you, how we collect it, and how we will use and may share information about you during the application process. We are required to notify you of this information, under data protection legislation. Please ensure that you read this notice (sometimes referred to as a ‘privacy notice’) and any other similar notice we may provide to you from time to time when we collect or process personal information about you. 

Who collects the information 

Stark Utility Funding Limited (‘Company’) is a ‘data controller’ and gathers and uses certain information about you. This information is also used by our affiliated entities and group companies, which includes Stark Technical Services Limited and Stark Software International Limited (our ‘group companies’) and so, in this notice, references to ‘we’ or ‘us’ mean the Company and our group companies. 

Data protection principles 

We will comply with the data protection principles when gathering and using personal information, as set out in our Data Protection Policy. 

About the information we collect and hold 

What information 

We may collect and hold the following information up to and including the completion of the interview and selection process: 

  • Your name and contact details (i.e. address, home and mobile phone numbers, email address); 
  • Details of your qualifications, experience, employment history (including job titles, salary and working hours) and interests; and 
  • Your gender. 

We may collect the following information after an offer of employment has been made: 

  • Information about your previous academic and/or employment history, including details of any conduct, grievance or performance issues, appraisals, time and attendance, from references obtained about you from previous employers and/or education providers ; 
  • Information regarding your academic and professional qualifications ; 
  • Information regarding your criminal record, in criminal records certificates (CRCs) and enhanced criminal records certificates (ECRCs) ; 
  • Your nationality and immigration status and information from related documents, such as your passport or other identification and immigration information ; and 
  • A copy of your driving licence . 

You are required (by law or in order to enter into your contract of employment) to provide the categories of information marked ‘☐’ above to us to enable us to verify your right to work and suitability for the position. 

How we collect the information 

We may collect this information from you, your referees (details of whom you will have provided), your education provider, the relevant professional body, the Disclosure and Barring Service (DBS) and the Home Office. 

Why we collect the information and how we use it 

We will typically collect and use this information for the following purposes (other purposes that may also apply are explained in our Privacy Policy and Data Protection Policy): 

  • to take steps to enter into a contract; 
  • for compliance with a legal obligation (e.g. our obligation to check that you are eligible to work in the United Kingdom); 
  • for the performance of a task carried out in the public interest; and 
  • for the purposes of our legitimate interests, but only if these are not overridden by your interests, rights or freedoms. 

We seek to ensure that our information collection and processing is always proportionate. We will notify you of any changes to information we collect or to the purposes for which we collect and process it. 

How we may share the information 

We may also need to share some of the above categories of personal information with other parties, such as HR consultants and professional advisers. Usually, information will be anonymised but this may not always be possible. The recipient of the information will be bound by confidentiality obligations. We may also be required to share some personal information with our regulators or as required to comply with the law. 

Sensitive personal information and criminal records information 

Further details on how we handle sensitive personal information and information relating to criminal convictions and offences are set out in our Data Protection Policy, available, which can be accessed via request to the HR Team. 

Where information may be held 

Information may be held at our offices and those of our group companies, and third party agencies, service providers, representatives and agents as described above. 

How long we keep your information 

We keep the personal information that we obtain about you during the recruitment process for no longer than is necessary for the purposes for which it is processed. How long we keep your information will depend on whether your application is successful and you become employed by us, the nature of the information concerned and the purposes for which it is processed. 

We will keep recruitment information (including interview notes) for no longer than is reasonable (our standard retention period is 3 months), taking into account any legal requirements, after which they will be destroyed. If there is a clear business reason for keeping recruitment records for longer than the recruitment period, we may do so but will first consider whether the records can be pseudonymised, and the longer period for which they will be kept. 

If your application is successful, we will keep only the recruitment information that is necessary in relation to your employment. For further information, see our Data Protection Privacy Notice – Employment. 

Further details on our approach to information retention and destruction are available in our Data Protection Policy that gives these details. 

Your rights to correct and access your information and to ask for it to be erased 

Please contact our Security Team (security@stark.co.uk) if (in accordance with applicable law) you would like to correct or request access to information that we hold relating to you or if you have any questions about this notice. You also have the right to ask our Security Team for some but not all of the information we hold and process to be erased (the ‘right to be forgotten’) in certain circumstances. Our Security Team will provide you with further information about the right to be forgotten, if you ask for it. 

Keeping your personal information secure 

We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality. 

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so. 

How to complain 

We hope that our Security Team can resolve any query or concern you raise about our use of your information. If not, contact the Information Commissioner at https://ico.org.uk/concerns/ or telephone: 0303 123 1113 for further information about your rights and how to make a formal complaint.  

Last updated

October 2022

SSIL – Customer Privacy Notice

We take your privacy very seriously and we ask that you read this privacy notice carefully as it contains important information on who we are, how and why we collect, store, use and share personal information, your rights in relation to your personal information and on how to contact us and supervisory authorities in the event you have a complaint.

Who we are

Stark Software International Limited collects, uses and is responsible for certain personal information about you. When we do so we are regulated under the UK GDPR, which applies across the European Union (including in the United Kingdom) and the Data Protection Act 2018 (Data Protection Act 2018 (legislation.gov.uk). We are responsible as ‘controller’ of that personal information for the purposes of those laws.

The personal information we collect and use

We collect the following personal information when you provide it to us:

Name

Contact information (e.g. your email address or telephone number)

Address information (both for invoicing purposes and site detail information)

Consumption information

CCTV footage (when captured on CCTV cameras at our premises)

Other personal data (including sensitive personal data) you provide to us voluntarily.

Most of this information is collected directly from the individuals that we interact with, when they contact us in writing, by telephone or electronically (by email, though our website or through social media). Information may be collected as a result of our services being used or interaction with us by an individual. We may also obtain such information from third parties, for example credit reference agencies.

How we use your personal information

We use your personal information to:

identify you and manage any accounts you hold with us;

process your order;

conduct research, statistical analysis and behavioural analysis;

carry out customer profiling and analyse your purchasing preferences;

if you agree, let you know about other products or services that may be of interest to you;

detect and prevent fraud;

do a credit check;

customise our website and its content to your particular preferences;

notify you of any changes to our website or to our services that may affect you;

carry out security vetting;

improve our services; and

ensure that customers can access the pages they are subscribed to.

Who we share your personal information with

We may share your relevant personal data (e.g. your name and site address details) with:

other companies within our group;

our agents, service providers and regulatory authorities (for a list of our sub-contractors – please send your request to office@stark.co.uk); and

credit reference agents.

This data sharing enables us to carry out services and verify financial status.

We will also share your information with your Utility Supplier(s) and any other third party authorised by you in writing from time to time.

We will share personal information with law enforcement or other authorities if required by applicable law.

We will not share your personal information with any other unauthorised third party.

How long your personal data will be kept

We will retain your personal data to ensure retention periods of any applicable regulatory body or as required by law are adhered to.

Currently, we work to retaining your personal data for no longer than 72 months from termination/conclusion of all services with us.

Reasons we can collect and use your personal information

In the majority of cases where we carry out services, our lawful basis for processing is contractual.

We may process your personal information due to a legal obligation (e.g. tax reasons).

In relation to marketing, we rely on legitimate interests as the legal basis on which we collect and use your personal data. Our legitimate interests are to offer the same or similar products/services to existing customers. If a customer wishes to opt out of receiving marketing materials from us, we will ensure this request is complied with.

You can ask us to stop contacting you for direct marketing purposes. If you would like to do this, please:

email, call or write to us (see contact information provided below). You can also click on the ‘unsubscribe’ button at the bottom of the email newsletter. It may take up to 28 days for this to take place for electronic communications, and postal communications should stop within two months.

let us have proof of your identity and address, and

let us know what method of contact you are not happy with if you are unhappy with certain ways of contacting you only (for example, you may be happy for us to contact you by email but not by telephone)

We may also process your personal information if you consent to us doing so. However, if you wish to withdraw consent the above opt-out rules will apply.

Transfer of your information out of the EEA

We may need to transfer your personal data outside the European Economic Area, for the purpose of providing services. Rest assured that we will always ensure any transfer is subject to appropriate security measures to safeguard your personal data.

If you would like further information, please contact us (see contact information provided below). We will not otherwise transfer your personal data outside of the EEA or to any organisation (or subordinate bodies) governed by public international law or which is set up under any agreement between two or more countries.

Your rights Under the General Data Protection Regulation you have a number of important rights free of charge. In summary, those include rights to:

fair processing of information and transparency over how we use your use personal information

access to your personal information and to certain other supplementary information that this Privacy Notice is already designed to address

require us to correct any mistakes in your information which we hold

require the erasure of personal information concerning you in certain situations

receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations

object at any time to processing of personal information concerning you for direct marketing

object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you

object in certain other situations to our continued processing of your personal information

otherwise restrict our processing of your personal information in certain circumstances

claim compensation for damages caused by our breach of any data protection laws

For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals rights under the General Data Protection Regulation.

If you would like to exercise any of those rights, please:

email, call or write to us (see contact information provided below)

let us have enough information to identify you (e.g. account number, user name, meter reference),

let us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill), and

let us know the information to which your request relates, including any account or reference numbers, if you have them.

If you would like to unsubscribe from any email newsletter you can also click on the ‘unsubscribe’ button at the bottom of the email newsletter. It may take up to 28 days for this to take place for electronic communications, and postal communications should stop within two months.

Keeping your personal information secure

We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected or actual data security breach. We will notify you and any applicable regulator of a suspected or actual data security breach where we are legally required to do so.

How to complain

We hope that we can resolve any query or concern you raise about our use of your information.

The current data protection legislation also give you the right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns/ or telephone: 0303 123 1113.

Changes to this privacy notice

This privacy notice was published on 20/10/2022 and will be reviewed annually.

We may change this privacy notice from time to time. You should check this policy occasionally to ensure you are aware of the most recent version.

How to contact us

Please contact us if you have any questions about this privacy notice or the information we hold about you.

If you wish to contact us, please send an email to office@stark.co.uk or you can write to us at: Stark Software International Limited, Sentinel House, 10-12 Massetts Road, Horley, Surrey, RH6 7DE or call us on 01293 776747.

Last updated
October, 2022

STS – Customer Privacy Notice

We take your privacy very seriously and we ask that you read this privacy notice carefully as it contains important information on who we are, how and why we collect, store, use and share personal information, your rights in relation to your personal information and on how to contact us and supervisory authorities in the event you have a complaint. 

Who we are 

Stark Technical Services Limited collects, uses and is responsible for certain personal information about you. When we do so we are regulated under the GDPR which applies across the European Union (including in the United Kingdom) and the Data Protection Act 2018 Data Protection Act 2018 (legislation.gov.uk). We are responsible as ‘controller’ of that personal information for the purposes of those laws. 

 

The personal information we collect and use 

We collect the following personal information when you provide it to us: 

  • Name 
  • Contact information (e.g. your email address or telephone number) 
  • Address information (both for invoicing purposes and site detail information) 
  • Consumption information 
  • Other personal data (including sensitive personal data) you provide to us voluntarily. 

Most of this information is collected directly from the individuals that we interact with, when they contact us in writing, by telephone or electronically (by email, though our website or through social media). Information may be collected as a result of our services being used or interaction with us by an individual. We may also obtain such information from third parties, for example credit reference agencies.  

How we use your personal information 

We use your personal information to: 

  • identify you and manage any accounts you hold with us; 
  • process your order; 
  • conduct research, statistical analysis and behavioural analysis; 
  • carry out customer profiling and analyse your purchasing preferences; 
  • if you agree, let you know about other products or services that may be of interest to you; 
  • detect and prevent fraud; 
  • do a credit check; 
  • customise our website and its content to your particular preferences; 
  • notify you of any changes to our website or to our services that may affect you; 
  • carry out security vetting; 
  • improve our services; and 
  • ensure that customers can access the pages they are subscribed to. 

Who we share your personal information with 

We may share your relevant personal data (e.g. your name and site address details) with: 

  • other companies within our group; 
  • our agents, service providers and regulatory authorities (for a list of our sub-contractors – please send your request to office@stark.co.uk); and 
  • credit reference agents. 

This data sharing enables us to carry out services and verify financial status.  

We will also share your information with your Utility Supplier(s) and any other third party authorised by you in writing from time to time. 

We will share personal information with law enforcement or other authorities if required by applicable law. 

We will not share your personal information with any other unauthorised third party. 

How long your personal data will be kept 

  • We will retain your personal data to ensure retention periods of any applicable regulatory body or as required by law are adhered to.   
  • Currently, we work to retaining your personal data for no longer than 72 months from termination/conclusion of all services with us. 

Reasons we can collect and use your personal information 

In the majority of cases where we carry out services, our lawful basis for processing is contractual.  

We may process your personal information due to a legal obligation (e.g. tax reasons). 

In relation to marketing, we rely on legitimate interests as the legal basis on which we collect and use your personal data. Our legitimate interests are to offer the same or similar products/services to existing customers. If a customer wishes to opt out of receiving marketing materials from us, we will ensure this request is complied with. 

You can ask us to stop contacting you for direct marketing purposes. If you would like to do this, please: 

  • email, call or write to us (see contact information provided below). You can also click on the ‘unsubscribe’ button at the bottom of the email newsletter. It may take up to 28 days for this to take place for electronic communications, and postal communications should stop within two months. 
  • let us have proof of your identity and address, and 
  • let us know what method of contact you are not happy with if you are unhappy with certain ways of contacting you only (for example, you may be happy for us to contact you by email but not by telephone) 

We may also process your personal information if you consent to us doing so. However, if you wish to withdraw consent the above opt-out rules will apply. 

Transfer of your information out of the EEA 

We may need to transfer your personal data outside the European Economic Area, for the purpose of providing services. Rest assured that we will always ensure any transfer is subject to appropriate security measures to safeguard your personal data. 

If you would like further information, please contact us (see contact information provided below). We will not otherwise transfer your personal data outside of the EEA or to any organisation (or subordinate bodies) governed by public international law or which is set up under any agreement between two or more countries. 

Your rights 

Under the General Data Protection Regulation you have a number of important rights free of charge. In summary, those include rights to: 

  • fair processing of information and transparency over how we use your use personal information 
  • access to your personal information and to certain other supplementary information that this Privacy Notice is already designed to address 
  • require us to correct any mistakes in your information which we hold 
  • require the erasure of personal information concerning you in certain situations 
  • receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations 
  • object at any time to processing of personal information concerning you for direct marketing 
  • object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you 
  • object in certain other situations to our continued processing of your personal information 
  • otherwise restrict our processing of your personal information in certain circumstances 
  • claim compensation for damages caused by our breach of any data protection laws 

For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals rights under the General Data Protection Regulation. 

If you would like to exercise any of those rights, please: 

  • email, call or write to us (see contact information provided below) 
  • let us have enough information to identify you (e.g. account number, user name, meter reference),  
  • let us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill), and 
  • let us know the information to which your request relates, including any account or reference numbers, if you have them. 

If you would like to unsubscribe from any email newsletter you can also click on the ‘unsubscribe’ button at the bottom of the email newsletter. It may take up to 28 days for this to take place for electronic communications, and postal communications should stop within two months. 

Keeping your personal information secure 

We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality. 

We also have procedures in place to deal with any suspected or actual data security breach. We will notify you and any applicable regulator of a suspected or actual data security breach where we are legally required to do so. 

How to complain 

We hope that we can resolve any query or concern you raise about our use of your information.  

Data protection legislation also give you the right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns/ or telephone: 0303 123 1113. 

Changes to this privacy notice 

This privacy notice was published on 20/10/2022 and will be reviewed annually. 

We may change this privacy notice from time to time. You should check this policy occasionally to ensure you are aware of the most recent version. 

How to contact us

Please contact us if you have any questions about this privacy notice or the information we hold about you.

If you wish to contact us, please send an email to office@stark.co.uk or you can write to us at: Stark Technical Services Limited, Unit 2, Amy Johnson House, Amy Johnson Way, Blackpool Airport Business Park, Blackpool, FY4 2FG or call us on 01253 626000.

Last updated
October, 2020

SUFL – Customer Privacy Notice

We take your privacy very seriously and we ask that you read this privacy notice carefully as it contains important information on who we are, how and why we collect, store, use and share personal information, your rights in relation to your personal information and on how to contact us and supervisory authorities in the event you have a complaint. 

Who we are 

Stark Utility Funding Limited collects, uses and is responsible for certain personal information about you. When we do so we are regulated under the GDPR which applies across the European Union (including in the United Kingdom) and the Data Protection Act 2018 Data Protection Act 2018 (legislation.gov.uk). We are responsible as ‘controller’ of that personal information for the purposes of those laws. 

 

The personal information we collect and use 

We collect the following personal information when you provide it to us: 

  • Name 
  • Contact information (e.g. your email address or telephone number) 
  • Address information (both for invoicing purposes and site detail information) 
  • Consumption information 
  • CCTV footage (when captured on CCTV cameras at our premises) 
  • Other personal data (including sensitive personal data) you provide to us voluntarily. 

Most of this information is collected directly from the individuals that we interact with, when they contact us in writing, by telephone or electronically (by email, though our website or through social media). Information may be collected as a result of our services being used or interaction with us by an individual. We may also obtain such information from third parties, for example credit reference agencies.  

How we use your personal information 

We use your personal information to: 

  • identify you and manage any accounts you hold with us; 
  • process your order; 
  • conduct research, statistical analysis and behavioural analysis; 
  • carry out customer profiling and analyse your purchasing preferences; 
  • if you agree, let you know about other products or services that may be of interest to you; 
  • detect and prevent fraud; 
  • do a credit check; 
  • customise our website and its content to your particular preferences; 
  • notify you of any changes to our website or to our services that may affect you; 
  • carry out security vetting; 
  • improve our services; and 
  • ensure that customers can access the pages they are subscribed to. 

Who we share your personal information with 

We may share your relevant personal data (e.g. your name and site address details) with: 

  • other companies within our group; 
  • our agents, service providers and regulatory authorities (for a list of our sub-contractors – please send your request to office@stark.co.uk); and 
  • credit reference agents. 

This data sharing enables us to carry out services and verify financial status.  

We will also share your information with your Utility Supplier(s) and any other third party authorised by you in writing from time to time. 

We will share personal information with law enforcement or other authorities if required by applicable law. 

We will not share your personal information with any other unauthorised third party. 

How long your personal data will be kept 

  • We will retain your personal data to ensure retention periods of any applicable regulatory body or as required by law are adhered to.   
  • Currently, we work to retaining your personal data for no longer than 72 months from termination/conclusion of all services with us. 

Reasons we can collect and use your personal information 

In the majority of cases where we carry out services, our lawful basis for processing is contractual.  

We may process your personal information due to a legal obligation (e.g. tax reasons). 

In relation to marketing, we rely on legitimate interests as the legal basis on which we collect and use your personal data. Our legitimate interests are to offer the same or similar products/services to existing customers. If a customer wishes to opt out of receiving marketing materials from us, we will ensure this request is complied with. 

You can ask us to stop contacting you for direct marketing purposes. If you would like to do this, please: 

  • email, call or write to us (see contact information provided below). You can also click on the ‘unsubscribe’ button at the bottom of the email newsletter. It may take up to 28 days for this to take place for electronic communications, and postal communications should stop within two months. 
  • let us have proof of your identity and address, and 
  • let us know what method of contact you are not happy with if you are unhappy with certain ways of contacting you only (for example, you may be happy for us to contact you by email but not by telephone) 

We may also process your personal information if you consent to us doing so. However, if you wish to withdraw consent the above opt-out rules will apply. 

Transfer of your information out of the EEA 

We may need to transfer your personal data outside the European Economic Area, for the purpose of providing services. Rest assured that we will always ensure any transfer is subject to appropriate security measures to safeguard your personal data. 

If you would like further information, please contact us (see contact information provided below). We will not otherwise transfer your personal data outside of the EEA or to any organisation (or subordinate bodies) governed by public international law or which is set up under any agreement between two or more countries. 

Your rights 

Under the General Data Protection Regulation you have a number of important rights free of charge. In summary, those include rights to: 

  • fair processing of information and transparency over how we use your use personal information 
  • access to your personal information and to certain other supplementary information that this Privacy Notice is already designed to address 
  • require us to correct any mistakes in your information which we hold 
  • require the erasure of personal information concerning you in certain situations 
  • receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations 
  • object at any time to processing of personal information concerning you for direct marketing 
  • object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you 
  • object in certain other situations to our continued processing of your personal information 
  • otherwise restrict our processing of your personal information in certain circumstances 
  • claim compensation for damages caused by our breach of any data protection laws 

For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals rights under the General Data Protection Regulation. 

If you would like to exercise any of those rights, please: 

  • email, call or write to us (see contact information provided below) 
  • let us have enough information to identify you (e.g. account number, user name, meter reference),  
  • let us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill), and 
  • let us know the information to which your request relates, including any account or reference numbers, if you have them. 

If you would like to unsubscribe from any email newsletter you can also click on the ‘unsubscribe’ button at the bottom of the email newsletter. It may take up to 28 days for this to take place for electronic communications, and postal communications should stop within two months. 

Keeping your personal information secure 

We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality. 

We also have procedures in place to deal with any suspected or actual data security breach. We will notify you and any applicable regulator of a suspected or actual data security breach where we are legally required to do so. 

How to complain 

We hope that we can resolve any query or concern you raise about our use of your information.  

Data protection legislation also gives you the right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns/ or telephone: 0303 123 1113. 

Changes to this privacy notice 

This privacy notice was published on 20/10/2022 and will be reviewed annually. 

We may change this privacy notice from time to time. You should check this policy occasionally to ensure you are aware of the most recent version. 

How to contact us

Please contact us if you have any questions about this privacy notice or the information we hold about you.

If you wish to contact us, please send an email to office@stark.co.uk or you can write to us at: Stark Utility Funding Limited, Sentinel House, 10-12 Massetts Road, Horley, Surrey, RH6 7DE or call us on 01293 776747.

Last updated
October, 2022

Accreditations

Stark Group has been accredited by several bodies. Details of those accreditations follow below.

Stark Software International Limited (SSIL)

 

BSC Qualified Person (HHDA) – Elexon – MPID: SSIL
BSC Qualified Person (HHDC) – Elexon – MPID: SSIL

SSIL is accredited as a Half Hourly Data Aggregator and Data Collector under the Balancing and Settlement Code (BSC).

BSC Qualified Person (NHHDA) – Elexon – MPID: SSIL
BSC Qualified Person (NHHDC) – Elexon – MPID: SSIL

SSIL is accredited as a Non Half Hourly Data Aggregator and Data Collector under the Balancing and Settlement Code (BSC).

 

Code of Practice for Approved Meter Installers (ASCoP) – Energy Services and Technology Association Registration No. 1004, ASPID SIS

SSIL is certified under the Automated Meter Reading Service Providers Code of Practice (ASPCoP) by the Energy Services and Technology Association. ASPCoP provides a regularised system to give customers assurance about the data accuracy, integrity and completeness and the service levels they will receive from certified service providers.

 

ISO/EIC 27001 : 2013- Centre for Assessment (UKAS 0120) – Certificate No. 17/2308

SSIL operates an Information Security Management System (ISMS) certified under ISO/IEC 27001:2013 by a UKAS-accredited certification body. This ISO standard specifies the requirements for establishing, implementing, maintaining and continually improving an ISMS to preserve the confidentiality, integrity and availability of information, within the context of the organisation.

 

Cyber Essentials – QG Business Solutions – Certificate QGCE 5103

Stark is accredited under the Cyber Essentials Scheme. The Cyber Essentials scheme provides businesses with clarity on good basic cyber security practice. By focusing on basic cyber hygiene, Stark has better protection from cyber threats.

 

PCI DSS SAQ A – Sysnet – Merchant ID: 2101357375

Stark is certified under the Payment Card Industry Data Security Standard ‘SAQ A’ (Card-not-present merchants (e-commerce or mail/telephone-order) that have fully outsourced all cardholder data functions to PCI DSS validated third-party service providers, with no electronic storage, processing, or transmission of any cardholder data on the merchant’s systems or premises).

 

Register of data protection fee payers – ICO – Registration number Z2857067

SSIL is registered as a data Controller and Data Processor with the Information Commissioners Office.

 

EEE Producer Registration – Environment Agency – Registration No. WEE/AX4126VA

SSIL is registered as a small producer of Electrical and Electronic Equipment (EEE) via the National Waste Packaging Database.

 

Battery Producer Registration – Environment Agency – Registration No. BPRN07020, NPDW Code NPWD331547

SSIL is registered as a small producer of batteries waste via the National Waste Packaging Database.

 


Stark Technical Services (STS)

 

Approved Contractor Scheme – NICEIC – 602190000

STS is certified as an Approved Contractor for category 10, 15 and 37 works by the National Inspection Council for Electrical Installation Contracting (NICEIC).

 

Gas Safe Register – Gas Safe – 583248

STS is registered via Gas Safe. The Gas Safe Register is the official list of businesses that are legally permitted to carry out gas work in the UK.

 

Code of Practice for Approved Meter Installers (AMICoP) – SPAA – 583248

STS is registered as an Approved Meter Installer under the Approved Meter Installers Code of Practice (AMICoP) that is governed by the Supply Point Administration Agreement (SPAA). AMICoP sets out the requirements for persons who install and/or maintain gas meter installations within the requirements of the Gas Safety (Installation and Use) Regulations (GSIUR).

 

ISO 9001: 2015 – United Registrar of Systems (UKAS 0043) – 38100/B/0004/UK/En

STS operates a Quality Management System (QMS) certified to ISO 9001:2015 by a UKAS-accredited certification body. This ISO specifies requirements for a QMS system which helps STS:

  1. Demonstrate its ability to consistently provide products and services that meet customer and applicable statutory and regulatory requirements
  2. Enhance customer satisfaction
  3. Address risks and opportunities relating to its QMS
  4. Demonstrate that it conforms to its requirements of its QMS

The QMS is operated as an integrated system with STS’s Health and Safety and Environmental Management Systems.

 

ISO 14001: 2015 – United Registrar of Systems (UKAS 0043) – 38100/D/0004/UK/En

STS operates an Environmental Management System (EMS) certified to ISO 14001:2015 by a UKAS-accredited certification body. This ISO provides STS with a framework to help protect the environment and respond to changing environmental conditions in balance with socio-economic needs. The EMS is operated as an integrated system with STS’s Quality and Health and Safety Management Systems.

 

ISO 45001:2018 (SSIP) – United Registrar of Systems (UKAS 0043) – 38100/E/0004/UK/En

STS operates an Occupational Health and Safety (OH&S) Management System certified to ISO 45001:2018 by a UKAS-accredited certification body. This standard provides STS with a framework for an OH&S Management System that achieves and demonstrates sound occupational health and safety performance by controlling its OH&S risks and fostering good OH&S practices.

The OH&S Management System is operated as an integrated system with STS’s Quality and Environmental Management System.

 

Waste Carrier Registration – Environment Agency – Registration CBDU212240

STS is registered as an Upper Tier Waste Carrier, Broker, Dealer via the Environment Agency Register.

 

Register of data protection fee payers – ICO – Registration number – ZA121500

STS is registered as a Data Controller and Data Processor with the Information Commissioner’s Office.

 


Stark Utility Funding Limited (SUFL)

 

Code of Practice for Gas Meter Asset Managers (MAMCoP) – SPAA – COV1724787

SUFL is a Gas Meter Asset Manager (MAM) certified under the Meter Asset Managers’ Code of Practice (MAMCoP) that is governed by the Supply Point Administration Agreement (SPAA). MAMCoP sets out the required duties of MAMs installing gas meters in the UK. Stark is certified to undertake works on category COV1724787 gas installations.

 

Register of data protection fee payers – ICO – Registration number – ZA302884

SUFL is registered as a Data Controller and Data Processor with the Information Commissioner’s Office.

Last updated
June 09, 2020

STS Data Protection Privacy Notice – Employment

This notice explains what personal data (information) we hold about you, how we collect it, and how we use and may share information about you during your employment and after it ends. We are required to notify you of this information under data protection legislation. Please ensure that you read this notice (sometimes referred to as a ‘privacy notice’) and any other similar notice we may provide to you from time to time when we collect or process personal information about you. 

Who collects the information 

Stark Technical Services Limited (‘Company’) is a ‘data controller’ and gathers and uses certain information about you. This information is also used by our affiliated entities and group companies, which includes Stark Software International Limited and Stark Utility Funding Limited (our ‘group companies’) and so, in this notice, references to ‘we’ or ‘us’ mean the Company and our group companies. 

Data protection principles 

We will comply with the data protection principles when gathering and using personal information, as set out in our Data Protection Policy. 

About the information we collect and hold 

What information 

We may collect the following information during your employment: 

  • Your name, contact details (i.e. address, home and mobile phone numbers, email address) and emergency contacts (i.e. name, relationship and home and mobile phone numbers); 
  • Information collected during the recruitment process that we retain during your employment; 
  • A photograph of you; 
  • Employment contract information; 
  • Details of salary and benefits, bank/building society, National Insurance and tax information, your age; 
  • Details of your spouse/partner and any dependants; 
  • Your nationality and immigration status and information from related documents, such as your passport or other identification and immigration information; 
  • A copy of your driving licence if available; 
  • Details of your share incentive arrangements, and all information included in these and necessary to implement and administer them if applicable; 
  • Details of your pension arrangements, and all information included in these and necessary to implement and administer them; 
  • Information in your sickness and absence records and reports (including sensitive personal information regarding your physical and/or mental health); 
  • Criminal records information, including the results of Disclosure and Barring Service (DBS) checks; 
  • Information on grievances raised by or involving you; 
  • Information on conduct and/or other disciplinary issues involving you; 
  • Details of your appraisals and performance reviews; 
  • Details of your performance management/improvement plans (if any); 
  • Details of your time and attendance records; 
  • Information regarding your work output; 
  • Information in applications you make for other positions within our organisation; 
  • Information about your use of our IT, communication and other systems, and other monitoring information; 
  • Details of your use of business-related social media, such as LinkedIn; 
  • Your use of public social media (only in very limited circumstances, to check specific risks for specific functions within our organisation); and 
  • Details in references about you that we give to others. 

Some of the categories above may not apply to you if you are an agency worker or independent contractor. 

How we collect the information 

We may collect this information from you, your personnel records, the Home Office, share scheme administrators, pension administrators, your doctors, from medical and occupational health professionals we engage and from our insurance benefit administrators, the DBS, your trade union, other employees, consultants and other professionals we may engage, e.g. to advise us generally and/or in relation to any grievance, conduct appraisal or performance review procedure, automated monitoring of our websites and other technical systems, such as our computer networks and connections, CCTV and access control systems, communications systems, remote access systems, trading platforms, email and instant messaging systems, intranet and Internet facilities, telephones, voicemail and mobile phone records. 

Why we collect the information and how we use it 

We will typically collect and use this information for the following purposes (other purposes that may also apply are explained in our Data Protection Policy: 

  • for the performance of a contract of employment with you, or to take steps to enter into a contract; 
  • for compliance with a legal obligation (e.g. our obligations to you as your employer under employment protection and health safety legislation, and under statutory codes of practice, such as those issued by Acas); and 
  • for the purposes of our legitimate interests or those of a third party (such as a benefits provider), but only if these are not overridden by your interests, rights or freedoms. 

Further information on the monitoring we undertake in the workplace and how we do this is available in our Data Protection Guidance document, available from Document Manager or via request to commercial@stark.co.uk. 

We seek to ensure that our information collection and processing is always proportionate. We will notify you of any material changes to information we collect or to the purposes for which we collect and process it. 

How we may share the information 

We may also need to share some of the above categories of personal information with other parties, such as external contractors and our professional advisers and with potential purchasers of some or all of our business or on a re-structuring. Usually, information will be anonymised but this may not always be possible. The recipient of the information will be bound by confidentiality obligations. We may also be required to share some personal information with our regulators or as required to comply with the law. 

Where information may be held 

Information may be held at our offices and those of our group companies, and third party agencies, service providers, representatives and agents as described above. Information may be transferred internationally to other countries around the world, including countries that do not have data protection laws equivalent to those in the UK, for the reasons described above. We have security measures in place to seek to ensure that there is appropriate security for information we hold including those measures detailed in our Information Security and Data Protection Policy and guidance document which can be located via Document Manager or via request from the HR Team. 

How long we keep your information 

We keep your information during and after your employment for no longer than is necessary for the purposes for which the personal information is processed. Further details on this are available in our data protection guidance document that gives these details. 

Your rights to correct and access your information and to ask for it to be erased 

Please contact the Security Team (security@stark.co.uk) if (in accordance with applicable law) you would like to correct or request access to information that we hold relating to you or if you have any questions about this notice. You also have the right to ask the Security Team for some but not all of the information we hold and process to be erased (the ‘right to be forgotten’) in certain circumstances. Our Security Team will provide you with further information about the right to be forgotten, if you ask for it. 

Keeping your personal information secure 

We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality. 

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so. 

How to complain 

We hope that the Security Team can resolve any query or concern you raise about our use of your information. If not, contact the Information Commissioner at ico.org.uk/concerns/ or telephone: 0303 123 1113 for further information about your rights and how to make a formal complaint. 

Last Updated – October 2022

SSIL- Data Protection Privacy Notice – Employment

This notice explains what personal data (information) we hold about you, how we collect it, and how we use and may share information about you during your employment and after it ends. We are required to notify you of this information under data protection legislation. Please ensure that you read this notice (sometimes referred to as a ‘privacy notice’) and any other similar notice we may provide to you from time to time when we collect or process personal information about you. 

Who collects the information? 

Stark Software International Limited (‘Company’) is a ‘data controller’ and gathers and uses certain information about you. This information is also used by our affiliated entities and group companies, which includes Stark Technical Services Limited and Stark Utility Funding Limited (our ‘group companies’) and so, in this notice, references to ‘we’ or ‘us’ mean the Company and our group companies. 

Data protection principles 

We will comply with the data protection principles when gathering and using personal information, as set out in our Data Protection Policy. 

About the information we collect and hold 

What information 

We may collect the following information during your employment: 

  • Your name, contact details (i.e. address, home and mobile phone numbers, email address) and emergency contacts (i.e. name, relationship and home and mobile phone numbers); 
  • Information collected during the recruitment process that we retain during your employment; 
  • Employment contract information; 
  • A photograph of you; 
  • Details of salary and benefits, bank/building society, National Insurance and tax information, your age; 
  • Details of your spouse/partner and any dependants; 
  • Your nationality and immigration status and information from related documents, such as your passport or other identification and immigration information; 
  • A copy of your driving licence if available; 
  • Details of your share incentive arrangements, and all information included in these and necessary to implement and administer them if applicable; 
  • Details of your pension arrangements, and all information included in these and necessary to implement and administer them; 
  • Information in your sickness and absence records and reports (including sensitive personal information regarding your physical and/or mental health); 
  • Criminal records information, including the results of Disclosure and Barring Service (DBS) checks; 
  • Information on grievances raised by or involving you; 
  • Information on conduct and/or other disciplinary issues involving you; 
  • Details of your appraisals and performance reviews; 
  • Details of your performance management/improvement plans (if any); 
  • Details of your time and attendance records; 
  • Information regarding your work output; 
  • Information in applications you make for other positions within our organisation; 
  • Information about your use of our IT, communication and other systems, and other monitoring information; 
  • Details of your use of business-related social media, such as LinkedIn; 
  • Your use of public social media (only in very limited circumstances, to check specific risks for specific functions within our organisation); and 
  • Details in references about you that we give to others. 

Some of the categories above may not apply to you if you are an agency worker or independent contractor. 

How we collect the information 

We may collect this information from you, your personnel records, the Home Office, share scheme administrators, pension administrators, your doctors, from medical and occupational health professionals we engage and from our insurance benefit administrators, the DBS, your trade union, other employees, consultants and other professionals we may engage, e.g. to advise us generally and/or in relation to any grievance, conduct appraisal or performance review procedure, automated monitoring of our websites and other technical systems, such as our computer networks and connections, CCTV and access control systems, communications systems, remote access systems, trading platforms, email and instant messaging systems, intranet and Internet facilities, telephones, voicemail and mobile phone records. 

Why we collect the information and how we use it 

We will typically collect and use this information for the following purposes (other purposes that may also apply are explained in our Data Protection Policy: 

  • for the performance of a contract of employment with you, or to take steps to enter into a contract; 
  • for compliance with a legal obligation (e.g. our obligations to you as your employer under employment protection and health safety legislation, and under statutory codes of practice, such as those issued by Acas); and 
  • for the purposes of our legitimate interests or those of a third party (such as a benefits provider), but only if these are not overridden by your interests, rights or freedoms. 

Further information on the monitoring we undertake in the workplace and how we do this is available in our Data Protection Guidance document, available from Document Manager. 

We seek to ensure that our information collection and processing is always proportionate. We will notify you of any material changes to information we collect or to the purposes for which we collect and process it. 

How we may share the information 

We may also need to share some of the above categories of personal information with other parties, such as external contractors and our professional advisers and with potential purchasers of some or all of our business or on a re-structuring. Usually, information will be anonymised but this may not always be possible. The recipient of the information will be bound by confidentiality obligations. We may also be required to share some personal information with our regulators or as required to comply with the law. 

Where information may be held 

Information may be held at our offices and those of our group companies, and third party agencies, service providers, representatives and agents as described above. Information may be transferred internationally to other countries around the world, including countries that do not have data protection laws equivalent to those in the UK, for the reasons described above. We have security measures in place to seek to ensure that there is appropriate security for information we hold including those measures detailed in our Information Security and Data Protection Policy and guidance document which can be located via Document Manager or via request from the HR Team. 

How long we keep your information 

We keep your information during and after your employment for no longer than is necessary for the purposes for which the personal information is processed. Further details on this are available in our data protection guidance document that gives these details. 

Your rights to correct and access your information and to ask for it to be erased 

Please contact the Security Team (security@stark.co.uk) if (in accordance with applicable law) you would like to correct or request access to information that we hold relating to you or if you have any questions about this notice. You also have the right to ask the Security Team for some but not all of the information we hold and process to be erased (the ‘right to be forgotten’) in certain circumstances. Our Security Team will provide you with further information about the right to be forgotten, if you ask for it. 

Keeping your personal information secure 

We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality. 

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so. 

How to complain 

We hope that the Security Team can resolve any query or concern you raise about our use of your information. If not, contact the Information Commissioner at ico.org.uk/concerns/ or telephone: 0303 123 1113 for further information about your rights and how to make a formal complaint. 

SUFL Data Protection Privacy Policy – Employment

This notice explains what personal data (information) we hold about you, how we collect it, and how we use and may share information about you during your employment and after it ends. We are required to notify you of this information under data protection legislation. Please ensure that you read this notice (sometimes referred to as a ‘privacy notice’) and any other similar notice we may provide to you from time to time when we collect or process personal information about you. 

Who collects the information? 

Stark Utility Funding Limited (‘Company’) is a ‘data controller’ and gathers and uses certain information about you. This information is also used by our affiliated entities and group companies, which includes Stark Technical Services Limited and Stark Software International Limited (our ‘group companies’) and so, in this notice, references to ‘we’ or ‘us’ mean the Company and our group companies. 

Data protection principles 

We will comply with the data protection principles when gathering and using personal information, as set out in our Data Protection Policy. 

About the information we collect and hold 

What information 

We may collect the following information during your employment: 

  • Your name, contact details (i.e. address, home and mobile phone numbers, email address) and emergency contacts (i.e. name, relationship and home and mobile phone numbers); 
  • Information collected during the recruitment process that we retain during your employment; 
  • A photograph of you; 
  • Employment contract information; 
  • Details of salary and benefits, bank/building society, National Insurance and tax information, your age; 
  • Details of your spouse/partner and any dependants; 
  • Your nationality and immigration status and information from related documents, such as your passport or other identification and immigration information; 
  • A copy of your driving licence if available; 
  • Details of your share incentive arrangements, and all information included in these and necessary to implement and administer them if applicable; 
  • Details of your pension arrangements, and all information included in these and necessary to implement and administer them; 
  • Information in your sickness and absence records and reports (including sensitive personal information regarding your physical and/or mental health); 
  • Criminal records information, including the results of Disclosure and Barring Service (DBS) checks; 
  • Information on grievances raised by or involving you; 
  • Information on conduct and/or other disciplinary issues involving you; 
  • Details of your appraisals and performance reviews; 
  • Details of your performance management/improvement plans (if any); 
  • Details of your time and attendance records; 
  • Information regarding your work output; 
  • Information in applications you make for other positions within our organisation; 
  • Information about your use of our IT, communication and other systems, and other monitoring information; 
  • Details of your use of business-related social media, such as LinkedIn; 
  • Your use of public social media (only in very limited circumstances, to check specific risks for specific functions within our organisation); and 
  • Details in references about you that we give to others. 

Some of the categories above may not apply to you if you are an agency worker or independent contractor. 

How we collect the information 

We may collect this information from you, your personnel records, the Home Office, share scheme administrators, pension administrators, your doctors, from medical and occupational health professionals we engage and from our insurance benefit administrators, the DBS, your trade union, other employees, consultants and other professionals we may engage, e.g. to advise us generally and/or in relation to any grievance, conduct appraisal or performance review procedure, automated monitoring of our websites and other technical systems, such as our computer networks and connections, CCTV and access control systems, communications systems, remote access systems, trading platforms, email and instant messaging systems, intranet and Internet facilities, telephones, voicemail and mobile phone records. 

Why we collect the information and how we use it 

We will typically collect and use this information for the following purposes (other purposes that may also apply are explained in our Data Protection Policy: 

  • for the performance of a contract of employment with you, or to take steps to enter into a contract; 
  • for compliance with a legal obligation (e.g. our obligations to you as your employer under employment protection and health safety legislation, and under statutory codes of practice, such as those issued by Acas); and 
  • for the purposes of our legitimate interests or those of a third party (such as a benefits provider), but only if these are not overridden by your interests, rights or freedoms. 

Further information on the monitoring we undertake in the workplace and how we do this is available in our Data Protection Guidance document, available from Document Manager. 

We seek to ensure that our information collection and processing is always proportionate. We will notify you of any material changes to information we collect or to the purposes for which we collect and process it. 

How we may share the information 

We may also need to share some of the above categories of personal information with other parties, such as external contractors and our professional advisers and with potential purchasers of some or all of our business or on a re-structuring. Usually, information will be anonymised but this may not always be possible. The recipient of the information will be bound by confidentiality obligations. We may also be required to share some personal information with our regulators or as required to comply with the law. 

Where information may be held 

Information may be held at our offices and those of our group companies, and third party agencies, service providers, representatives and agents as described above. Information may be transferred internationally to other countries around the world, including countries that do not have data protection laws equivalent to those in the UK, for the reasons described above. We have security measures in place to seek to ensure that there is appropriate security for information we hold including those measures detailed in our Information Security and Data Protection Policy and guidance document which can be located via Document Manager or via request from the HR Team. 

How long we keep your information 

We keep your information during and after your employment for no longer than is necessary for the purposes for which the personal information is processed. Further details on this are available in our data protection guidance document that gives these details. 

Your rights to correct and access your information and to ask for it to be erased 

Please contact the Security Team (security@stark.co.uk) if (in accordance with applicable law) you would like to correct or request access to information that we hold relating to you or if you have any questions about this notice. You also have the right to ask the Security Team for some but not all of the information we hold and process to be erased (the ‘right to be forgotten’) in certain circumstances. Our Security Team will provide you with further information about the right to be forgotten, if you ask for it. 

Keeping your personal information secure 

We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality. 

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so. 

How to complain 

We hope that the Security Team can resolve any query or concern you raise about our use of your information. If not, contact the Information Commissioner at ico.org.uk/concerns/ or telephone: 0303 123 1113 for further information about your rights and how to make a formal complaint. 

Last Updated: October 2022

Regulatory policies

Transportation Charging Statement

Customer Code of Practice

Connection Charging Methodology and Statement

Stark Infra IDNO Regulatory Schedules of charges and other tables 2024-2025

Stark Infra IDNO Regulatory Schedules of charges and other tables 2025-2026

Stark Infra STRK Use of System Methodology Statement 2024

Stark Infra STRK Use of System Charging Statement 2024-5

Stark Infra STRK Statement of Methodology and Charges for Connection 2024

Stark Infra STRK MPAS Charges Statement 2024

Stark Infra STRK Customer Code of Practice 2024

Stark – Modern Slavery Policy

1. Purpose Scope & Users

What is slavery?

1.1 The Modern Slavery Act (MSA) 2015 covers four activities:

  • Slavery – Exercising powers of ownership over a person
  • Servitude – The obligation to provide services is imposed by the use of coercion
  • Forced or compulsory labour – Work or services are exacted from a person under the menace of any penalty and for which the person has not offered themselves voluntarily
  • Human trafficking – Arranging or facilitating the travel of another person with a view to their exploitation

1.2 This policy covers all four activities.

2. How is it relevant to us?

2.1 Modern slavery is a complex and multi-faceted crime and tackling it requires all of us to play a part. At first glance, you may think this whole subject is irrelevant to us, but it’s not.

2.2 At a very basic level, of course preventing exploitation and human trafficking, and protecting our workforce and reputation makes good business sense.

2.3 The MSA 2015 recognises the important part businesses can and should play in tackling slavery and encourages them to do more.

2.4 With this in mind, we need to pay particularly close attention to:
2.4.1 our supply chain
2.4.2 any outsourced activities, particularly to jurisdictions that may not have adequate safeguards
2.4.3 cleaning and catering suppliers

3. Responsibilities

3.1 Stark, our managers and colleagues have responsibilities to ensure our fellow workers are safeguarded, treated fairly and with dignity.

3.2 Everyone must observe this policy and be aware that turning a blind eye is unacceptable and simply not an option.

3.3 Stark’s responsibilities
3.3.1 We will:
(a) maintain clear policies and procedures preventing exploitation and human trafficking, and protecting our workforce and reputation;
(b) be clear about our recruitment policy (see Recruitment);
(c) check our supply chains (see Supply chains);
(d) lead by example by making appropriate checks on all employees, recruitment agencies, suppliers, etc to ensure we know who is working for us;
(e) ensure we have in place an open and transparent grievance process for all staff;
(f) seek to raise awareness so that our colleagues know what we are doing to promote their welfare; and
(g) make a clear statement to demonstrate that we take our responsibilities to our employees and our clients seriously (see Anti-slavery statement)

3.4 Manager responsibilities
3.4.1 Managers will:
(a) listen and be approachable to colleagues;
(b) respond appropriately if they are told something that might indicate a colleague or any other person is in an exploitative situation;
(c) remain alert to indicators of slavery (see Identifying slavery);
(d) raise the awareness of our colleagues, by discussing issues and providing training, so that everyone can spot the signs of trafficking and exploitation and know what to do; and
(e) use their experience and professional judgement to gauge situations.

3.5 Colleagues
3.5.1 We all have responsibilities under this policy. Whatever your role or level of seniority, you must:
(a) keep your eyes and ears open—if you suspect someone (a colleague or someone in our supply chain) is being controlled or forced by someone else to work or provide services, follow our reporting procedure (see Reporting slavery);
(b) follow our reporting procedure if a colleague tells you something you think might indicate they are or someone else is being exploited or ill-treated; and
(c) tell us if you think there is more we can do to prevent people from being exploited.

4. The risks

4.1 The principal areas of risk we face, related to slavery and human trafficking, include:
4.1.1 supply chains;
4.1.2 recruitment through agencies; an
4.1.3 general recruitment.

4.2 We manage these risk areas through our procedures set out in this policy and elsewhere.

5. Our procedures

5.1 Anti-slavery statement

5.1.1 We make a clear statement setting out the steps we have taken to ensure slavery and human trafficking is not taking place in our supply chains and to demonstrate that we take our responsibilities to our employees, people working within our supply chain and our clients seriously.

5.1.2 We make this statement through this policy and others. This policy sets out the key risk areas we face and our approach to avoiding and preventing modern slavery.

5.1.3 Our statement
Stark is a data champion. We serve over 30,000 non-domestic customers across all sectors of the UK economy. We deliver significant value to energy suppliers, industrial and commercial companies, public sector organisations, and energy and procurement consultants.
Stark is committed to helping to combat modern slavery, servitude, human trafficking, forced labour, and child labour. Stark has a zero-tolerance approach to any form of child labour, modern slavery, and people trafficking. We operate a number of policies to ensure that we are conducting business in an ethical and transparent manner, including:

1. Anti-slavery and child labour policy which sets out our stance on modern slavery, forced labour, and child labour and explains how employees should report any concerns.

2. Recruitment & Selection policy which includes conducting eligibility to work in the UK checks for all employees in an effort to ensure individuals are not being forced to work against their will, and use of only specified and reputable employment agencies/sources of labour to source employees.

3. Whistleblowing policy ensuring that employees know that they can raise concerns about how colleagues are being treated, or practices within our business or supply chain, without fear of reprisals.

4. Employee Code of Conduct which makes clear to employees the actions and behaviour expected of them when representing our organisation. We strive to maintain the highest standards of employee conduct and ethical behaviour when operating abroad and managing its supply chain.

5. Anti- Corruption Policy which sets out our commitment to applying the highest standards of ethical conduct and integrity in all our business activities.

5.2 Supply chains
5.2.1 We thoroughly check supply chains to ensure the potential for slavery and human trafficking is significantly reduced.

5.2.2 We tell the companies we do business with that we are not prepared to accept any form of exploitation.

5.2.3 All our supplier contracts contain an anti-slavery clause. This clause, which flows down through all layers of our supply chain, prohibits suppliers and their employees from engaging in slavery or human trafficking.

5.2.4 We ensure we can account for each step of our supply processes—we know who is providing goods and services to us and we have mechanisms and processes in place to check, including:
(a) supplier mapping;
(b) risk assessing suppliers; and
(c) auditing suppliers.

5.3 Recruitment

5.3.1 Using agencies
(a) Our HR department only uses agreed specified reputable recruitment agencies.
(b) To ensure the potential for slavery and human trafficking is reduced as far as possible, we thoroughly check recruitment agencies before adding them to our list of approved agencies. This includes:
(i) conducting background checks;
(ii) investigating reputation;
(iii) ensuring the staff an agency provides have the appropriate paperwork (eg work visas);
(iv) ensuring the agency provides assurances that the appropriate checks have been made on the person they are supplying; and
(c) We keep agents on the list under regular review, at least every 3 years.

5.3.2 General recruitment
(a) We always ensure all staff have a written contract of employment and that they have not had to pay any direct or indirect fees to obtain work;
(b) We always ensure staff are legally able to work in the UK;
(c) We check the names and addresses of our staff (a number of people listing the same address may indicate high shared occupancy, often a factor for those being exploited); and
(d) We provide information to all new recruits on their statutory rights including sick pay, holiday pay and any other benefits they may be entitled to.

5.4 If, through our recruitment process, we suspect someone is being exploited, the HR department will follow our reporting procedures.

6. Identifying slavery

6.1 There is no typical victim and some victims do not understand they have been exploited and are entitled to help and support.

6.2 However, the following key signs could indicate that someone may be a slavery or trafficking victim:
6.2.1 the person is not in possession of their own passport, identification or travel documents;
6.2.2 the person is acting as though they are being instructed or coached by someone else;
6.2.3 they allow others to speak for them when spoken to directly;
6.2.4 they are dropped off at and collected from work;
6.2.5 the person is withdrawn or they appear frightened;
6.2.6 the person does not seem to be able to contact friends or family freely; and
6.2.7 the person has limited social interaction or contact with people outside their immediate environment.

6.3 This list is not exhaustive.

6.4 Remember, a person may display a number of the trafficking indicators set out above but they may not necessarily be a victim of slavery or trafficking. Often you will build up a picture of the person’s circumstances which may indicate something is not quite right.

6.5 If you have a suspicion, report it.

7. Reporting slavery

7.1 Talking to someone about your concerns may stop someone else from being exploited or abused.

7.2 If you think that someone is in immediate danger, dial 999.

7.3 Any employee who suspects a Modern Slavery situation either home or at work is encouraged to report it to the Police or via the Modern Slavery Helpline.

7.4 Not all victims may want to be helped and there may be instances where reporting a suspected trafficking case puts the potential victim at risk, so it is important that in the absence of an immediate danger, you discuss your concerns first with a member of the HR Department before taking any further action.

8. Training

8.1 We provide specialist training to those staff members who are involved in managing recruitment and our supply chains.

8.2 Mandatory and refresher training for all Stark employees on employment includes Equality Diversity & Inclusion and Unconscious Bias awareness training.

8.3 Online Modern Slavery Training is issued to all employees involved with Supply Chain management.

8.4 Awareness of Modern Slavery will have a Stark internal SharePoint page from Autumn 2023.

9. Monitoring our procedures

9.1 We will review our Anti-slavery policy regularly, at least annually. We will provide information and/or training on any changes we make.

Last reviewed
October 10, 2023

Stark