Transparency about how we protect your data, our security practices, and our commitment to compliance.
A summary of the data categories we process and our approach to handling each type.
Name, email, phone, login credentials (hashed), support requests
Business name/address/type, meter identifiers (MPAN/MPRN), consumption data, tariff information
Uploaded energy bills, contracts, signed Letters of Authority (LoA), signed energy contracts
IP address, device info, timestamps, request IDs, audit trails, event logs
Cookie IDs, consent records, page views, interactions (with consent)
Collected only for Direct Debit setup, deleted after supplier submission
Health, racial origin, political opinions, religious beliefs, etc. - not intentionally collected
We are B2B only - domestic consumers cannot use the service
We collect bank details (account number, sort code, bank name) only to submit to energy suppliers for Direct Debit setup. We delete bank details once submitted to the supplier, subject only to short-lived technical processing needs (e.g. retry windows).
We do not intentionally store bank details in logs.
Under UK GDPR, we process data under the following legal bases:
Processing necessary to provide the switching service you've requested
Service security, fraud prevention, operational improvements (with LIAs documented)
Marketing emails and non-essential cookies (withdrawable at any time)
Where required for tax, regulatory, or legal compliance
For full details, see our Privacy Policy.
Questions about our security or privacy practices? Contact us at privacy@meetgeorge.co.uk
