Home Energy Tailor

Privacy Policy

Last updated: 25 March 2026

1. Data Controller

Home Energy Tailor ("we", "us", "our") is the data controller for personal data collected through this service. Contact: [email to be confirmed].

2. What Data We Collect

  • Survey responses: Property details, energy systems, postcode, vehicle information (voluntary)
  • Contact information: Email address (only if you register, save progress, or join the waitlist)
  • Technical data: IP address, browser type, session identifiers (essential cookies only)
  • Payment data: Processed securely by Stripe — we never see or store your card details

3. Why We Collect It

  • To generate your personalised energy report (contract/legitimate interest)
  • To send your save-and-return link (consent)
  • To process voluntary donations (contract)
  • To connect you with installers when you request quotes (consent)
  • To improve the service through aggregated, anonymised analytics (legitimate interest)

4. Legal Basis

We process your data under UK GDPR on the basis of: (a) your consent where explicitly given, (b) performance of a contract when you use the service, and (c) our legitimate interests in improving the service and preventing fraud.

5. Data Retention

We retain personal data for a maximum of 24 months from your last interaction. Anonymous survey data may be retained indefinitely for statistical purposes. You can request deletion at any time.

6. Data Sharing

We share your data only with: (a) installer partners when you explicitly request a quote, (b) Stripe for payment processing, (c) our hosting provider (Vercel) as a data processor. We do not sell your data.

7. Your Rights

Under UK GDPR, you have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Erase your data ("right to be forgotten")
  • Restrict processing
  • Data portability
  • Object to processing
  • Withdraw consent at any time

Use the self-service deletion feature in your account, or contact us directly.

8. Complaints

If you are unhappy with how we handle your data, you have the right to complain to the Information Commissioner's Office (ICO): ico.org.uk.

9. Security

We use TLS encryption in transit, encrypted database fields for sensitive personal data, and follow OWASP security best practices. See our security.txt for vulnerability disclosure.