GDPR
What are the DPA questions?
Full name
Account number
Date of birth,
Address
Email, phone number, MPAN and MPRN
‘Caller cannot pass security checks’
What are some of the things these customers can do?
Book an emergency appointment.
Make a card payment into the account.
Although they can make a payment, we can not tell the caller the balance of the account.
Perform a COT Move In on the account.
What is DNO?
Manage the grid
Set up new supplies
Register new supplies on the national database
Responsible for supply on the street
Responsible for any damage or repair prior to supply going to the home
What is MPRN?
A unique supply reference number for each property
All bills/invoices must show the MPRN by law
Each meter also has a meter serial number (MSN) which changes when the customer has a meter exchange
10 digits long
What types of meters we have?
Traditional Meters
Single rate
and
multi-rate
Dial electricity meters
GAS:
Metric meters
Imperial meters
S1 and S2
where customers’ data could be stored that could be seen as dangerous?
Hangouts
Google calendar
Google drive
Sticky notes/ yellow pad
‘Caller is second contact but not financially liable’
we can discuss anything on the account. However, they are unable to:
Set up or change the Direct Debit details on the account.
Request a refund.
Renew the plan on the account.
Book smart meter and other metering appointments.
What is Ecoes?
Industry database for electricity
Holds information about every single supply in the UK (including MPAN and the company supplying the address)
Holds no personal information
What are some of the key terms?
Unit Rate
KWH
Fixed Tariff
Standing Charge
Variable Tariff
What does the Smart kit consist of?
Electricity meter
Gas Meter
IHD
In what ways can we protect our customers:
Lock Screen
Strong password
Be vigilant when opening email attachments
Keep mobile phones away when dealing with customer information
Only writing what needs to be written in memos
‘Caller is financially liable’
What can these customers do?
If the person contacting us can pass security checks and is a financially liable contact on the account, they can do everything.
What is MPAN?
A unique supply reference number for each property
All bills/invoices must show the MPAN by law
Each meter has a meter serial number (MSN)
13 digits long
List gas appliances?
Boiler & Radiators
Gas Oven
Gas Hob
List 3 functions of IHD:
Receives information from the electricity meter
Displays dual fuel information in an easy to view way
Free with smart meters
Any information that is deemed as personal or sensitive should not be recorded without reason or permission:
List some examples.
Vulnerabilities that are physical or mental
Prison record
Children/partners names
Financial details
What's the process of adding a secondary contact to the account?
A secondary non-financially liable contact has however limited powers on the account. For example:
Gain permission from both parties to add a secondary contact.
They can:
Provide meter readings
Be given information about bills
Give information/ask for information etc
They cannot:
Make any financially related decisions
Updating payment details
Changing Direct Debit amount
Obtain refunds
Renew a contract
Update communication preference (post/email)
What is Gas Transporters?
Manage the grid
Set up new supplies (pipework)
Register new supplies on the national database
Giving the property a unique reference number
Maintenance & upkeep of the grid
List Electricity Appliances
Washing machines & Tumble Driers
Fuse Box
Kettles
Toasters
Microwave ovens
Electric Ovens
Electric Heater
Electric Shower
What type of customers would require an accessible IHD?
BLIND
OVO breaches GDPR: What can happen?
You breach GDPR: What can happen?
Fines - If OVO breaches data protection as a company, we can face large fines. It will either be up to 20 million euros or up to 4% of annual revenue (whatever is higher). For us it would be up to 4% of annual revenue.
Reputational risk – the impact on OVO’s reputation of customers coming first can be impacted and affect our Net Promoter scores, customer retention and future new customers.
Dismissal under gross misconduct - If the breach is deliberate (for example, you access a customer account purposefully to retrieve information about them). This is also the reason that we do not allow mobile phones out whilst at the customer service computers whilst the customer’s details are on show
Discussion with Manager - If the breach is accidental, at the initial stages you meet with your TL who will highlight the issue, explain where you went wrong and agree the steps you should take to prevent it happening again.
If this happens a second time, you will again meet with your TL, who will either go through further training with you or arrange for you to receive further training on this subject.
Finally, if this happens a third time, you are facing the possibility of a disciplinary which could then lead to dismissal from the company.
In what instance would you need to ask a customer an extra security question?
What are the extra security questions that can be asked to a customer that is calling to amend bank details or contact details?
If they calling to amend their contact details or bank details.
What can count as an extra security question:
Last Direct Debit amount
Last 2 digits of the bank account number
Bank name
What is Xoserve?
Industry database for gas
Holds information about every single supply in the UK including the MPRN and the company supplying the address
Holds no personal information
What does PPA stand for?
Power Purchase Agreement (PPA)
What are the 3 things you can do on the Smart OPS tool?
Check if meter is in Comms
Request an on-demand reading
Update the customers meter settlement