Technik Energy Portal

Privacy Policy

Last updated: 28 May 2026

1. Introduction

This Privacy Policy explains how Technik processes personal information when users access and use the Technik Energy Portal. The portal is used to manage building energy, utility, tenant reporting, alarms, exports, user access and related operational data.

This policy applies to users of the Technik Energy Portal, including super administrators, client or landlord administrators, building users, tenant users and authorised operational users.

2. Information We Collect, Receive and Create

2.1 Information we collect directly

We may collect personal information provided directly by users, client administrators, super administrators or authorised customer representatives. This may include name, email address, username, company or client name, landlord or managing agent name, tenancy or tenant account name, role, access permissions, account status, building assignments, tenant assignments, billing references, logo uploads, alarm recipient details, meter allocation settings and report configuration.

2.2 Account and authentication information

We may process account and security information such as login details, authentication events, password reset or invitation status, temporary password email records, multi-factor authentication status, account lifecycle status, session records and audit logs.

2.3 Technical and usage information

When the portal is used, certain information may be collected automatically for security, diagnostics and service operation. This may include login attempts, session activity, pages or actions accessed, audit events, IP address, browser type, device type, operating system, user agent, timestamps, access logs, security logs and error or diagnostic information.

An IP address can reveal approximate geolocation information, such as country, region, city or network provider, and may therefore be personal data or potentially identifiable information.

2.4 Information received from customer systems or imports

The portal may receive information from customer-provided files, utility data sources, CSV imports, meter exports or connected operational systems. This may include building names, tenant names, tenancy references, meter identifiers, utility readings, consumption metrics, alarm events, import records and reporting data.

2.5 Building, tenancy and utility information

The portal may process information about clients, landlords, buildings, tenants, tenancy references, meter allocations, utility meters, consumption readings, alarms, reports, imports and exports. Some of this information may relate to a company, tenant, occupier or named user and may be connected to an identifiable account.

3. Sensitive Personal Information

The portal is not designed to collect sensitive personal information such as health information, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, biometric information, criminal offence data or information about sex life or sexual orientation.

Users must not enter sensitive personal information into free-text fields, support messages, notes, uploads or configuration areas unless specifically authorised and necessary. If sensitive personal information is provided unexpectedly, it will only be used where necessary to operate the service, comply with legal obligations, protect the platform, respond to the request or follow the instructions of the relevant customer or controller.

4. How We Use Information

4.1 Service operation

Information is used to provide and secure the portal, authenticate users, apply role-based permissions, display energy and utility reporting, manage client and tenant access, allocate meters, monitor alarms, generate reports and exports, troubleshoot issues, maintain audit logs and support service administration.

4.2 Security, reliability and support

Information may also be used to maintain the reliability of the service, investigate suspected misuse, detect unauthorised access, support customer administration, improve operational workflows and confirm that emails, invitations, exports or alarm notifications have been generated correctly.

5. Emails and Service Notifications

5.1 Emails generated by the portal

The portal may generate and send emails to users or authorised recipients. These emails may include account invitations, temporary passwords, password or security notices, multi-factor authentication or access messages, alarm notifications, report-related messages and other operational service communications.

5.2 Email records

Email-related information may include the recipient email address, recipient name, message type, delivery timestamp, sending status, related account, client, building, tenant, alarm or report reference and audit information. Email records may be logged for security, audit, troubleshooting and delivery confirmation purposes.

5.3 Essential service emails

Some service-related emails are necessary for the operation and security of the portal. Users cannot opt out of essential account, security, access or alarm communications while they continue to use the service. Marketing emails, if used, include an unsubscribe option.

6. Cookies and Similar Technologies

6.1 Necessary cookies and browser storage

The portal may use cookies or similar browser storage technologies where they are necessary to provide the service. For example, cookies may be used to keep users signed in, maintain secure sessions, remember interface preferences such as light or dark mode, support security controls and protect against unauthorised access.

6.2 Session and persistent cookies

Cookies may include session cookies that expire when the browser session ends and persistent cookies or local storage items that remain for longer to remember preferences or support secure access. These necessary cookies are used to operate the portal and are not intended for advertising or behavioural marketing.

6.3 Managing cookies

Users may be able to manage or block cookies through their browser settings. Blocking necessary cookies may prevent the portal from working correctly, including sign-in, session security, preference storage and access-controlled features.

6.4 Optional cookies

Optional analytics, advertising, tracking or other non-essential cookies are not currently used. If they are added in the future, they will only be used where appropriate information and any required consent choices are provided. Users can record their cookie preference from the notice shown on the login page.

7. Legal Basis and UK GDPR

7.1 Lawful bases

Where UK GDPR applies, personal information may be processed under one or more lawful bases, depending on the context. These may include performance of a contract, compliance with legal obligations, legitimate interests, consent where required, or another lawful basis notified by the relevant customer or controller.

7.2 Legitimate interests

Legitimate interests may include providing and improving the portal, maintaining security, preventing misuse, supporting customers, managing user access, keeping audit records, troubleshooting issues and operating energy, utility, alarm and reporting services.

8. Controller and Processor Roles

Depending on the customer agreement and the way the portal is used, Technik may act as a processor for personal information processed on behalf of a client, landlord, managing agent, building operator or other customer. In some circumstances, Technik may act as a controller for information it processes for its own business, security, administration, legal or service management purposes.

Where a customer controls the information entered into the portal, that customer is responsible for deciding the purposes and lawful basis for processing that information. Users can contact their employer, landlord, managing agent, building operator or customer administrator for certain privacy requests.

9. Access and Permissions

Portal access is controlled by role-based permissions. Users must only access information that they are authorised to view for their client, building, landlord or tenant account. Administrators are responsible for ensuring that user access remains appropriate.

10. Sharing Information

10.1 Authorised users and administrators

Personal information may be shared with authorised users within the portal and customer administrators where necessary to provide the service and manage access.

10.2 Service providers and subprocessors

Technik may use trusted service providers to host, operate, secure and support the portal. These may include hosting providers, database providers, infrastructure providers, email delivery services, monitoring services, backup providers, support tooling and other technical suppliers. These providers process personal information only as needed to provide their services and are subject to appropriate contractual and security obligations.

10.3 Legal and security disclosures

Information may also be shared where required by law, regulation, court order, contractual obligation, security investigation or where necessary to protect the rights, property or safety of Technik, customers, users or others.

10.4 No sale of personal information

We do not sell personal information.

11. International Transfers

Personal information may be stored or processed in the United Kingdom, the European Economic Area or other countries where Technik, customers or service providers operate. Where personal information is transferred internationally, appropriate safeguards are used where required, such as contractual protections, adequacy decisions, standard contractual clauses or other lawful transfer mechanisms.

12. Business Transfers

If Technik is involved in a merger, acquisition, restructuring, sale of assets, financing, insolvency or similar business transaction, information processed by the portal may be transferred or disclosed as part of that transaction, subject to appropriate confidentiality and data protection safeguards.

13. Security and Breach Handling

13.1 Security measures

Technik applies security controls such as authenticated access, role-based permissions, audit logging, session controls and infrastructure safeguards. Users are responsible for keeping their credentials secure and reporting suspected unauthorised access.

13.2 No absolute guarantee

No online service can be guaranteed to be completely secure. Users are responsible for using strong passwords, protecting access to their email accounts and notifying the relevant administrator or Technik representative if they believe their account or data may have been compromised.

13.3 Breach handling

If Technik becomes aware of a personal data breach affecting users, it will take appropriate steps to investigate, contain and respond to the incident. Where required, Technik or the relevant controller may notify affected users, customers, regulators or other parties in accordance with applicable law.

14. Data Processing and Retention

Account, operational, audit, import, export, alarm and reporting data may be retained for as long as required to provide the service, meet contractual obligations, resolve issues, maintain security records and comply with legal or regulatory requirements. Retention periods may vary depending on the type of data and the relevant customer agreement.

Some information is retained after an account is disabled or deleted, including audit logs, security records, import history, contractual records or information required to maintain reporting integrity.

15. Automated Calculations and Profiling

The portal may automatically calculate energy usage, trends, meter comparisons, alarm events, access status and reporting insights based on available data. These calculations are intended to support operational review and reporting. The portal does not make solely automated legal or similarly significant decisions about individuals without appropriate human review.

16. Analytics, Diagnostics and Do-Not-Track Signals

The portal may use operational diagnostics, security logging and service monitoring to maintain reliability and investigate issues. Analytics tools, if used, are configured for service improvement and operational insight rather than advertising.

Some browsers provide "Do Not Track" signals. There is no consistent industry standard for responding to these signals. The portal will continue to use cookies and similar technologies that are necessary for authentication, security and core service functionality.

17. Your Rights

17.1 Rights that may apply

Depending on applicable law and circumstances, individuals may have rights to request access to their personal information, correction of inaccurate information, deletion, restriction, objection to processing or portability. Individuals may also have the right to withdraw consent where processing is based on consent, object to certain automated processing, and not be treated unfairly for exercising their rights.

17.2 Privacy request verification

Requests must include enough information to identify the relevant account, client, building, tenant or user record. Technik or the relevant customer may verify the identity and authority of the requester before acting on a request. If a request is made on behalf of another person, evidence of authorisation may be required.

17.3 Limits on requests

Some requests are handled by the customer or organisation that controls the relevant account or building data. Some information is retained where required for security, audit, contractual, legal or operational reasons.

18. Changing Account Information and Preferences

Users or administrators may be able to update certain account details, preferences, user access settings, notification recipients and configuration information within the portal. Some changes are made by a super administrator, client administrator or Technik representative.

19. Complaints

Users may contact Technik or the relevant customer administrator with privacy concerns. Individuals may also have the right to complain to a data protection supervisory authority. In the United Kingdom, this is the Information Commissioner's Office.

20. Children

The portal is intended for business, landlord, building management and tenant administration use. It is not directed at children and is not for use by children. If Technik becomes aware that a child has been given access to the portal in error, appropriate steps may be taken to remove or restrict that access.

21. Changes to This Policy

This Privacy Policy may be updated from time to time to reflect changes to the portal, legal requirements, security practices or operational processes. The updated version will be made available through the portal and the "Last updated" date will be revised.

If changes materially affect how personal information is processed, additional notice may be provided where appropriate or required.

22. Contact

For privacy questions, requests for information, data protection requests or concerns, contact Technik at [email protected].