Privacy Policy

Primavera Energy is committed to protecting your privacy and handling your personal data responsibly. This notice explains how we collect, use, and store information in connection with our services, including Domestic Energy Assessments (DEAs), Non-Domestic Energy Assessments (NDEAs), and Fire Risk Assessments (FRAs).

Who We Are

Primavera Energy is a limited company providing professional property assessment services, including DEAs, NDEAs, and FRAs. We act as a Data Controller for the information we collect in delivering these services.

If you have any questions about this notice or your data, you can contact us at:
Email: info@primavera-energy.com
Address:  71-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ

What Information We Collect

To carry out assessments and issue reports/certificates, we collect the following types of information:

Contact details – name, address, phone number, email.

Property details – address, layout, construction details, heating/insulation systems, energy performance data, and other features relevant to the assessment.

Photographic evidence – images of the property to verify observations (these are limited to technical purposes).

Access arrangements – where applicable, information required to arrange inspections.

For Fire Risk Assessments (FRAs), we may also collect:

Information relating to occupancy and use of the building.

Details of fire safety provisions and management practices.

Why We Collect Data

We collect and process your data to:

Conduct and complete legally required energy assessments (DEAs and NDEAs).

Produce and lodge Energy Performance Certificates (EPCs) on the national register.

Prepare and deliver Fire Risk Assessments.

Maintain compliance with regulatory, insurance, and professional body requirements.

Respond to queries, provide advice, and manage business records.

Lawful Basis for Processing

Our processing is based on:

Legal obligation – lodging EPCs on the national register (a statutory requirement).

Contract – providing the service you have requested.

Legitimate interests – maintaining records for professional standards, audit, and insurance purposes.

How Long We Keep Data

DEAs and NDEAs – Assessment records, including site notes and photographs, are retained for a minimum of 15 years in line with industry requirements for audit and quality assurance.

FRAs – Assessment records are retained for at least 6 years (or longer if required under regulatory/insurance obligations).

General enquiries – Contact details provided without commissioning a service are retained for no longer than 12 months.

Who We Share Data With

We only share data when necessary:

With the EPC Register (for DEAs and NDEAs).

With regulators, insurers, or professional accreditation schemes for compliance purposes.

With trusted IT and administrative service providers (bound by confidentiality).

We do not sell or pass on your personal information to third parties for marketing.

Your Rights

You have the following rights under UK GDPR:

To access your personal data.

To request correction of inaccurate information.

To request deletion (where lawful basis allows).

To restrict or object to processing.

To request data portability.

To lodge a complaint with the Information Commissioner’s Office (ICO) at ico.org.uk.

Security

We take appropriate technical and organisational measures to keep your information secure, including encrypted storage of digital files and restricted access to personal data.

Updates to This Notice

This notice may be updated from time to time to reflect changes in law or our practices. The latest version will always be available on our website.

 

We need your consent to load the translations

We use a third-party service to translate the website content that may collect data about your activity. Please review the details in the privacy policy and accept the service to view the translations.