Privacy Policy | Enlighten Services – Data Protection & GDPR Compliance

1. Introduction
Enlighting Limited (“we”, “us”, “our”) is an electrical contracting and facilities services company operating across the UK. We provide electrical installation, testing, inspection, maintenance, emergency response and related technical services.
We are committed to protecting the privacy and security of all individuals whose personal data we process, in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
This Privacy Policy explains:
– what personal data we collect;
– how we use it; – who we share it with;
– how we store and protect it;
– your rights under UK data protection law.

2. Data Controller
Enlighting Limited 11 Phoenix Road, Crowther Industrial Estate, Washington, Tyne & Wear, NE38 0AD
Company No: 07189259
Email: info@enlightinglimited.com

3. What Personal Data We Collect
3.1 Client and business contact information
– Name and job title
– Email address and phone number
– Business address
– Site locations and access information
– Project correspondence
– Job photographs and evidence for reports, EICRs, surveys and maintenance records
3.2 Supplier and subcontractor data
– Contact details
– Insurance information
– Competency documentation
– Bank details where required for payment
3.3 Employee and applicant data
(covered fully in our separate Staff Privacy Notice)
– Employment information
– Training and competency records
– Emergency contacts
3.4 Operational data
– JobLogic, CRM and scheduling information
– RAMS documentation
– Vehicle location (if telematics are used)
– CCTV footage where installed
– Emergency response logs
We do not routinely collect special category data unless legally required—for example, accident or incident reports.

4. Lawful Bases for Processing
We process personal data under the following lawful bases:
– Contract
– Legitimate Interests
– Legal Obligation
– Consent

5. How We Use Personal Data
– Managing client relationships and delivering agreed services
– Job scheduling, site access and service reporting
– Producing testing documentation (EICRs, PAT, thermal imaging, job sheets, maintenance reports)
– Health & safety compliance
– Financial administration and invoicing
– Contract management with suppliers and subcontractors
– Security and fraud prevention
– Responding to emergencies and incident management

6. Data Sharing and Third Parties
We may share data with trusted third parties such as:
– JobLogic
– Microsoft 365
– Accountants and payroll providers
– Insurers and health & safety consultants
– Subcontractors working on your site
– Payment processors
– IT support and secure data-hosting providers

7. International Transfers
Data stored or processed outside the UK is handled under adequacy regulations or SCCs.

8. Data Retention
– Financial records – 6 years
– Testing, inspection and safety documentation – 7 years
– Project files – up to 7 years
– CCTV – usually 30–90 days
– Personnel records – per statutory requirements

9. Data Security
We apply technical and organisational measures including encryption, MFA, staff training, secure disposal, and restricted access controls.

10. Your Rights Under UK GDPR
You have the right to:
– Access your data
– Rectification
– Erasure
– Restrict or object to processing
– Data portability
– Withdraw consent
– Complain to the ICO

11. Cookies and Website Data
Our website may use minimal cookies. A separate Cookie Policy applies.

12. Changes to This Policy
We may update this policy as required. The latest version will always be published.