Privacy Policy


The Energy Company Obligation scheme (ECO) is part of a range of policies enacted by the government of the United Kingdom to provide affordable warmth for people in fuel poverty and to transition to a low carbon economy. The scheme mandates large energy suppliers to provide funding to enable energy efficiency improvements to be made to domestic homes subject to certain qualifying criteria.

BidConnecter is a boutique company specialising in serving the needs of the Energy Company Obligation (ECO3) market.

We are a Managing Agent for ECO3 funding and provide our installer network with a wide range of ECO3 funding for heating and insulation measures including boiler replacement and all the major types of insulation measures. We offer our installer network full delivery support and a complete compliance wrap. We also provide lead generation services through our website.

The Policy

This privacy policy notice is for this website - and and is served by BidConnecter Limited, a company registered in the United Kingdom with the registration number 09358176. The company’s registered address is: 4 River Terrace, The Slipe, Arundel, West Sussex and operates from A2 Yeoman Gate, Yeoman Way, Worthing, West Sussex, BN13 3QZ. This policy governs the privacy of users of this website, the information it collects and how the company handles and uses that information. Its goal is to ensure compliance with all legal and regulatory obligations and to operate in a fair and transparent way providing relevant information to all interested parties. If you do not agree with the following policy you may wish to cease viewing / using this website.

Policy key definitions

 ● "The Company","I", "our", "us", or "we" refer to the business, My Home Energy Grant and BidConnecter Limited.
 ● "you", "the user" refer to the person(s) using this website.
 ● GDPR means General Data Protection Act
 ● PECR means Privacy & Electronic Communications Regulation
 ● ICO means Information Commissioner's Office
 ● Cookies mean small files stored on a user’s computer or device

Personal data we collect

 ● Name
 ● Contact details – telephone and email
 ● For identified customers, we captured and retain information and documents related to the services and products we supply.

Processing and sharing your personal data

Under the GDPR (General Data Protection Regulation) we control and process personal information about you electronically using the following lawful basis.

We are registered with the ICO under the Data Protection Register. Our registration number is: ZA300552.

We use the personal data provided to contact users who have submitted their personal details in order to discuss with them the services our company provides and other salient information they may require. As part of the facility to submit personal details, users will be required to accept our Privacy Policy.

Should you enter into a commercial relationship with us you will be required to sign our client contract which contains different terms and conditions relating to data protection. This is because there are additional data protection requirements related to ECO Obligation not required by those users simply enquiring about BidConnecter and it services.

Additionally, we periodically send an electronic newsletter via email to users who have submitted their email addresses to us who have opted in to receiving communication from us. Within each newsletter we send is the ability to opt out and no longer receive communications from us. We do not share email addresses with anyone else - ever.

Retaining your personal data

We retain data for no longer than is necessary for us to comply with the applicable data protection laws. If a user shares personal details with us but does not become a client we will remove their details from our systems after one year. For those users who become clients, the terms of this Privacy Policy will be superseded by those of the Client Contract. This is because there are data retention requirements implicit within the ECO Obligation that we must comply with.


We do not share email addresses with anyone else. Users who register with our website can unsubscribe from our newsletters at any time and be removed from our system. Users who register an interest in BidConnecter and its services but do not subsequently go on to become clients will have their personal details removed from our system after one year. Clients who sign our Client Agreement will be agreeing to the additional data retention requirements it contains.

Your rights

Under the GDPR your rights are as follows:
 ● the right to be informed
 ● the right of access
 ● the right to rectification
 ● the right to erasure
 ● the right to restrict processing
 ● the right to data portability
 ● the right to object
 ● the right not to be subject to automated decision-making including profiling

You also have the right to complain to the ICO [] if you feel there is a problem with the way we are handling your data.

Contact details of data controller

In the event of the need to raise an issue or if you have any queries relating to this privacy policy please contact the data controller.

Contact Details

A2 Yeoman Gate
Yeoman Way
West Sussex
BN13 3QZ

Tel: 01903 863250

Internet cookies

Cookies are small text files placed on a computer or device to record interactions with websites. We use cookies on the website to enhance the user experience. Additional information about cookies can be found at Wikipedia Entry on Internet Cookies

Data security, storage and protection

We ensure the security of any personal information we hold by using secure data storage technologies and precise procedures in how we store, access and manage that information. Our methods meet the GDPR compliance requirement.

Response to a data breach

We place the highest priority on the security of our systems and the information they hold. We have implemented strict procedures and provided comprehensive training to ensure the integrity of our systems.

A data breach is defined as the unauthorised accessing of information held by us on our systems by a third-party without the permission us. A data breach includes but is not necessarily confined to information being downloaded externally from our systems. Unauthorised amendment or deletion of information also constitutes a data breach. The act of unauthorised viewing of information held by us is also considered to be a data breach.

A Data Breach Response Process has been implemented as part of a suite of measures related to information security. Should a data breach occur we will implement our Data Breach Response Process.

It has the following steps:

 1) Investigate the nature of the breach
 2) Prevent additional breaches
 3) Communicate details of breach to stakeholders including customers and the Information Commissioner’s Office
 4) Document details of the breach and restorative action to ensure all relevant information is captured

Our Data Breach Response Process aims to resolve all issues within 72 hours. An emphasis is placed on informing our customers as soon as possible in the event of a data breach so that they may take any actions they deem necessary.

Download Privacy Policy (PDF Format)