Privacy Policy

Last updated: 3 February 2025

1. What does Abird Limited do?
2. Personal data we collect and process
3. How we use your personal data (our purposes) and our legal basis for processing it
4. Who we share your personal data with
5. Cookies and similar tracking technology
6. How we keep your personal data secure
7. International data transfers
8. Data retention
9. Your data protection rights
10. Updates to this Privacy Notice
11. How to contact us

We recommend that you read this Privacy Notice in full to ensure you are completely informed about your personal data. However, if you only want to access a particular section of this Privacy Notice, then you can click on the relevant link above to jump to that section.

Abird Limited respects your right to privacy. This Privacy Notice explains who we are, how we collect, share and use personal data about you and how you can exercise your privacy rights. This Privacy Notice applies to personal data that we collect through our website at https://www.cespower.com (“Website”) as well as data we collect about you to provide our services. To understand the terms under which you use the services that we offer, please read our Terms & Conditions here: https://www.cespower.com/uk/terms-and-conditions.

If you have any questions or concerns about our use of your personal data, then please contact us using the contact details under the “How to contact us” heading below.

Return to top

1. What does Abird Limited do?

Abird Limited is a supplier of portable power for industrial, corporate and event use, headquartered in the United Kingdom. For more information about Abird Limited, please see the “About Us” section of our Website at https://www.cespower.com/uk/about.

Return to top

2. Personal data we collect and process

Abird Limited is a supplier of portable power for industrial, corporate and event use, headquartered in the United Kingdom. For more information about Abird Limited, please see the “About Us” section of our Website at https://www.cespower.com/uk/about.

• The personal data we collect from you, either directly or indirectly, will depend on how you interact with us and with our Website. We collect personal data about you from the following different sources:
  • Information that you provide directly
    We collect personal data directly from you when you choose to provide us with this information online and through your other interactions with us (such as data collected via surveys, customer service communications, competitions, at events and exhibitions or other promotional programmes in which you may participate). Certain parts of our Website ask you to provide personal data when you engage with the following services: customer service information, enquiries or purchase of goods / services.
  • Information that we collect indirectly
    We collect your personal data indirectly, including through automated means from your device when you use our Website or on site (via CCTV cameras). Some of the information we collect indirectly is captured using cookies and other tracking technologies, as explained further in the "Cookies and similar tracking technology" section below.
  • Information from third parties
    We also collect your personal data from third party sources, i.e. our service providers that provide operational assistance, email, marketing and analytics services, as well as financial and credit related services and payment services. Information received from third parties will be checked to ensure that the third party either has your consent or are otherwise legally permitted or required to disclose your personal data to us.
• The table below describes the categories of personal data we collect from and about you as well as the source of that information.

  Personal Data Description	Source
  Identity and Contact Data such as your name, email address and telephone number.	Directly from you Indirectly from you Third parties
  Transaction Data such as truncated credit or debit card details, payment method, transaction statements, your billing address, your delivery address or the delivery address of the intended recipient of your order, payments and orders to and from you, and other details of products that you have supplied to. We do not collect or store your full credit or debit card details (which are processed by payment service providers who are separate controllers of your data. Please refer to your payment service provider's privacy notice for further details on their data collection practices).	Directly from you Indirectly from you Third parties
  Communications Data such as your feedback on our products and services or the performance of our Website and other communications with us (including when you interact with our customer service agents offline), any queries you raise, competition and survey entries, email or call history on the Website or with third party service providers. This will include information as to how you contact customer services and the channel of communication that you use or any information that you send to us.	Directly from you Indirectly from you Third parties
  Advertising and Marketing Data such as your interests based on your use of our Website and other websites and online services, your purchases, survey responses, promotions you enter, preferences in relation to receiving marketing materials from us, communication preferences, your preferences for particular products or services and your subscription details.	Directly from you Indirectly from you Third parties
  CCTV Data collected on our sites to prevent theft and fraud and more generally to protect our property and assets, employees, customers, vendors and visitors.	Indirectly from you
  Device Data collected from (or as a result of your using) your device (including by means of cookies and similar tracking technology), including your IP address, your ISP, and the browser you use to visit our Website device type, unique device identification numbers or other identifiers.	Indirectly from you
  Website Usage Data such as activity and Website page, information that we capture using cookies and similar technologies (see the "Cookies and similar tracking technology" section below). This will include page views and searches, log-in information, clicks, operating system, information about content viewed, watched or downloaded for offline access, length of visits to certain pages, length of Website useand other functional information on Website performance (for example, application version information, diagnostics, and crash logs).	Indirectly from you

  We do not collect any sensitive personal data about you, such as health-related information or information about your race or ethnicity, or sexual orientation.

Return to top

3. How we use your personal data (our purposes) and our legal basis for processing it

We use the personal data that we collect from and about you only for the purposes described in this Privacy Notice or for purposes that we explain to you at the time we collect your information. Depending on our purpose for collecting your information, we rely on one of the following legal bases:

• Contract - we require certain personal data in order to provide the goods and support the services you purchase or request from us.
• Consent – in certain circumstances, we may ask for your consent (separately from any contract between us) before we collect, use, or disclose your personal data, in which case you can voluntarily choose to give or deny your consent without any negative consequences to you.
• Legitimate interests – we will use or disclose your personal data for the legitimate interests of either Abird Limited or a third party, but only when we are confident that your privacy rights will remain appropriately protected. If we rely on our (or a third party's) legitimate interests, these interests will normally be to: operate, provide and improve our services and our business, including our Website; communicate with you and respond to your questions; improve our Website or use the insights to improve or develop marketing activities and promote our products and services; detect or prevent illegal activities (for example, fraud); and/or to manage the security of our IT infrastructure, and the safety and security of our employees, customers, vendors and visitors. Where we require your data to pursue our legitimate interests or the legitimate interests of a third party, it will be in a way which is reasonable for you to expect as part of the running of our business and which does not materially affect your rights and freedoms. We have identified below what our legitimate interests are.
• Legal obligation – there are be instances where we must process and retain your personal data to comply with laws or to fulfil certain legal obligations.

The following table provides more details on our purposes for processing your personal data and the related legal bases. The legal basis under which your personal data is processed will depend on the data concerned and the specific context in which we use it.

Purpose/Activity	Type of personal data	Lawful basis for processing including basis of legitimate interest
To establish and manage our relationship with our customers, service providers, distributors and other partners including scheduling meetings and calls and managing the services we provide to you or you provide to us.	Identity and Contact Data Communication Data Transaction Data	Performance of a contract with you.
Provide and deliver products and services, including delivery of products, electronic receipts and returns information.	Identity and Contact Data Communication Data Transaction Data	Performance of a contract with you.
Respond to your communications regarding our products and services, send you service updates, confirmations, invoices, technical notices, updates, security alerts, support and administrator messages, respond to your enquiries, requests or complaints.	Identity and Contact Data Transaction Data Communication Data Uploaded Content Device Data Website Usage Data	Performance of a contract with you. Otherwise, as necessary for our legitimate interests (to operate, provide and improve our business; to communicate with you) – where our communications are not necessary to perform or enter into a contract with you.
Reviewing communications with you for customer support and quality assurance and training purposes, and related recordkeeping.	Identity and Contact Data Transaction Data Communications Data Uploaded Content Device Data Website Usage Data	Necessary for our legitimate interests (to operate, provide and improve our business; to communicate with you) – where our communications are not necessary to perform or enter into a contract with you.
Keep our business, including our Website, our sites and our employees, customers, vendors, and visitors secure and address threats to their safety or the safety of others; to detect and prevent fraud (online and on our sites). For example, online we use malware and spyware monitoring tools to detect suspicious activity and algorithms to detect unauthorised access. On our sites, we use CCTV monitoring.	Identity and Contact Data Transaction Data Device Data Website Usage Data CCTV Data Communications Data	Necessary for our and our third parties' legitimate interests (to operate and provide our business, including our Website; to detect or prevent illegal activities (e.g. fraud) and/or to manage the security of our IT infrastructure, and the safety and security of our employees, customers, vendors, and visitors).
Manage compliance with our terms of service and related internal reporting.	Identity and Contact Data Communications Data Transaction Data CCTV Data Uploaded Content Social media	Performance of a contract with you. Otherwise, as necessary for our legitimate interests (to operate, provide and improve our business, including our Website; to detect or prevent illegal activities (e.g. fraud) and/or to manage the security of our IT infrastructure, and the safety and security of our employees, customers, vendors, and visitors. Legal obligations.
To administer and maintain our Website and our IT systems (including monitoring, troubleshooting, data analysis, testing, system maintenance, repair and support, reporting and hosting of data).	Identity and Contact Data Device Data Website Usage Data	Our and our third parties' legitimate interests (to operate, provide and improve our business, including our Website; to detect or prevent Illegal activities (e.g. fraud) and/or to manage the security of our IT infrastructure).
Manage our use of tracking technologies such as cookies (including enabling you to manage your cookie preferences) and analyse collected data to learn about our Website, to improve our Website, and to develop new products and services. This includes website analytics, identifying browsing / purchasing trends and patterns and evaluating this information on an aggregated, group(s) basis (Social media, Marketing Data) and individual basis (Account Data, Device Data and Website Usage Data).	Device Data Website Usage Data Social media Advertising and Marketing Data Communications Data	Consent (where required under applicable law – see cookie consent tool on our website). Otherwise (for strictly necessary cookies) our legitimate interests to operate, provide and improve our business, including our Website, to improve our Website or use the insights to improve or develop marketing activities and promote our products and services.
Analyse data including metrics related to consumer transactions and behaviour (online and offline), to assess trends and the effectiveness of our advertising and marketing campaigns, to help us understand your needs and provide you with better service and offers, to drive customer engagement, promote our brand, and inform other business decisions by understanding consumer behaviour.	Transaction Data Device Data Website Usage Data Communications Data Marketing Data	Consent (where required under applicable law). Otherwise our legitimate interests (to operate, provide and improve our business, including our Website, to improve our Website or use the insights to improve or develop marketing activities and promote our products and services).
Contact current and prospective customers (including Website visitors) about our products and services, promotions, competitions and events we think may be of interest, including our newsletter and other promotional mailers and electronic communications.	Website Usage Data Marketing Data Communication Data Social media Uploaded Content Data	Consent (where required under applicable law). Otherwise our legitimate interests (to operate, provide and improve our business; to communicate with you and to develop marketing activities and promote our products and services).
Personalise and customise your experience, including to provide local or otherwise targeted content and information for customers, and to tailor the content and advertising served on our Website.	Marketing Data Website Usage Data Device Data Social media	Consent (where required under applicable law). Otherwise our legitimate interests (to operate, provide and improve our business, including our Website, to use the insights to improve or develop marketing activities and promote our products and services).
Personalise, target, and deliver advertising for our products and services on third party websites, apps, and other online services (including to identify audiences and individuals like you to better tailor our marketing campaigns and communications), and measure the effectiveness of our campaigns and adjust our methods.	Marketing Data Website Usage Data Social media Contact Device Data	Consent (where required under applicable law). Otherwise our legitimate interests (to improve our business, to promote our products and services and to use the insights to improve or develop our marketing activities).
Analyse social media performance metrics to evaluate and execute social media campaigns, including to interact with our current and prospective customers on various social media channels to promote our products, run contests and promotions, answer questions and otherwise drive and monitor customer engagement and satisfaction.	Marketing Data Social media Communication Data Uploaded Content Data Website Usage Data Device Data	Consent (where required under applicable law). Otherwise our legitimate interests (to improve our business, to promote our products and services and to use the insights to improve or develop marketing activities).
Administer sweepstakes, competitions or surveys	Identity and Contact Data Communication Data Uploaded Content Data Social media	Our legitimate interests (to drive customer engagement and to collect user perceptions and measure satisfaction).
Comply with legal and regulatory obligations to which we are subject, including our obligations to respond to your requests under data protection law.	Identity and Contact Data Transaction Data Website Usage Data Communication Data Uploaded Content Data	Legal obligation (including the UK and EU General Data Protection Regulation and the Data Protection Act 2018.
Protect our legal rights (including where necessary, to share information with law enforcement and others), for example to defend claims against us and to conduct litigation to defend our interests.	Identity and Contact Data Transaction Data CCTV Data Website Usage Data Communication Data	Our legitimate interests to protect our business interests.

Return to top

4. Who we share your personal data with

We share your personal data with the following categories of recipients:

• our group companies who operate in the UK and Ireland and provide data processing services necessary to provide you with our goods and services (for example, to support the delivery of, provide functionality on, or help to enhance the security of our Website), or who otherwise process personal data for purposes described in this Privacy Notice.
• third party service providers and partners who provide data processing services to us as necessary to provide you with our goods and/or services (including to support the delivery of, provide functionality on, or help to enhance the security of our Website), or who otherwise process personal data for purposes described in this Privacy Notice. The following table lists the main third party service providers we engage to process your personal data, the categories of services they provide, and the types of personal data they receive in order to provide us these services;

  Service Provider	Services	Personal Data
  Identity Incentives WSI Pro Marketing	Behavioural Advertising and Paid Marketing	Name, address, account information, website usage activity

• third party services when you use third party services linked through our Website, for example, third party payment services, your personal data will be collected by the provider of such services. Please note that when you use third party services, their own terms and privacy notices will govern your use of their services;
• any competent law enforcement body, regulatory, government agency, court or other third party (such as our professional advisers) where we believe disclosure is necessary (i) as a matter of applicable law or regulation, (ii) to exercise, establish or defend our legal rights or so a third party can defend theirs, or (iii) to protect your vital interests or those of any other person;
• a buyer (and its agents and advisers) in connection with any actual or proposed purchase, merger or acquisition of any part of our business, provided that we inform the buyer it must use your personal data only for the purposes disclosed in this Privacy Notice; or
• any other person with your consent to the disclosure (obtained separately from any contract between us).

Return to top

5. Cookies and similar tracking technology

We use cookies and similar tracking technology (collectively, “Cookies”) to collect and use personal data about you. For further information about the types of Cookies we use, why, and how you can control Cookies, please see our Cookie Notice here: https://www.cespower.com/uk/cookie-policy.

Return to top

6. How we keep your personal data secure

At Abird Limited, the security of your data is of paramount importance. We use appropriate technical and organisational measures to protect the personal data that we collect and process about you. The measures are designed to provide a level of security appropriate to the risk of processing. Specific measures we use include:

• Role-Based Access Control (RBAC): Access to personal data is strictly limited to authorised personnel based on their roles and responsibilities. This ensures that only individuals with legitimate business needs can access sensitive information.
• Encryption: All personal data is encrypted in transit and at rest using industry-standard protocols. This protects your data from unauthorised access or interception during transmission or storage.
• Segregated Access: Personal data is stored within segregated environments to prevent unauthorised access and to ensure that data handling is isolated from unrelated systems and users.
• Regular Audits and Monitoring: We perform regular audits and continuous monitoring of our systems to promptly detect and address potential vulnerabilities or unauthorised access.
• Multi-Factor Authentication (MFA): Access to systems containing personal data requires multi-factor authentication, adding an extra layer of security to our systems.
• Compliance with Standards: We adhere to relevant data protection regulations and industry best practices, ensuring compliance with legal requirements and standards such as GDPR.

Return to top

7. International data transfers

In some cases, where your personal data is transferred to another Abird Limited company or third parties, it is processed in countries other than the country in which you are resident. These countries may have data protection laws that are different to the laws of your country (and, in some cases, may not be as protective).

Specifically, our Website servers are located in the United States and our group companies in Ireland and United States. In addition, some of our third-party service providers and partners operate in the United States. This means that when we collect your personal data we will process it in any of these countries.

Where we transfer your personal data to countries and territories outside of the European Economic Area and the UK, which have been formally recognised as providing an adequate level of protection for personal data, we rely on the relevant “adequacy decisions” from the European Commission and “adequacy regulations" (data bridges) from the Secretary of State in the UK. We transfer from UK to Ireland and from Ireland to the UK in reliance on the European Commission’s adequacy decision and the Secretary of State's adequacy regulations.

Where the transfer is not subject to an adequacy decision or regulations, we have taken appropriate safeguards to ensure that your personal data will remain protected in accordance with this Privacy Notice and applicable laws. The safeguards we use to transfer personal data are, in case of both our group companies and third party service providers and partners, the European Commission’s Standard Contractual Clauses as issued on 4 June 2021 under Article 46(2) using Module 1 for controller to controller and Module 2 for controller to processor transfers, including the UK Addendum permitted under Article 46(2) of the UK GDPR for the transfer of data originating in the UK.

Our Standard Contractual Clauses entered into with our third-party service providers and partners can be provided on request. Please note that some sensitive commercial information may be redacted from the Standard Contractual Clauses.

Return to top

8. Data retention

We retain the personal data we collect from you where we have an ongoing legitimate need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax or accounting requirements). In certain circumstances, we will need to keep your information for legal reasons after our relationship has ended. The specific retention periods depend on the nature of the information and why it is collected and processed and the nature of the legal requirement. For example, we may keep your information when we have a legal obligation to do so (for example to deal with and resolve requests and complaints, or for litigation or regulatory matters (for example we may retain your information if there was an ongoing legal claim, and the information was relevant to the claim. This information would be retained until the complaint or legal claim had been concluded.

When we have no ongoing legitimate need or legal reason to process your personal data, we will either delete or anonymise it or, if this is not possible (for example, because your personal data has been stored in backup archives), then we will securely store your personal data and isolate it from any further processing until deletion is possible.

Return to top

9. Your data protection rights

Individuals located in the UK and EEA have the following data protection rights. To exercise any of them see specific instructions below or contact us using the contact details provided under the “How to contact us” heading below.

• You may access, correct, update or request deletion of your personal data.
• You can object to processing of your personal data, ask us to restrict processing of your personal data or request portability of your personal data, (i.e. your data to be transferred in a readable and standardised format.
• You have the right to opt-out of marketing communications we send you at any time. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in the marketing e-mails we send you. To opt-out of other forms of marketing (such as postal marketing or telemarketing), please contact us using the contact details provided under the “How to contact us” heading below. If you choose to opt out of marketing communications, we will still send you non-promotional emails, such as emails about our ongoing business relations.
• If we have collected and processed your personal data with your consent, then you can withdraw your consent at any time by using the contact details provided under the “How to contact us” heading below. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal data conducted in reliance on lawful processing grounds other than consent.
• You have the right to complain to a supervisory authority about our collection and use of your personal data. For more information, please contact your local supervisory authority. Contact details for supervisory authorities in Europe are available here and for the UK here. Certain supervisory authorities will require that you exhaust our own internal complaints process before looking into your complaint.

Return to top

10. Updates to this Privacy Notice

We may update this Privacy Notice from time to time in response to changing legal, regulatory, technical or business developments. When we update our Privacy Notice, we will take appropriate measures to inform you, consistent with the significance of the changes we make.

You can see when this Privacy Notice was last updated by checking the “last updated” date displayed at the top of this Privacy Notice.

Return to top

11. How to contact us

If you have any questions or concerns about our use of your personal data, please contact our data protection officer using the following details: CESGlobalDPO@Fieldfisher.com.

The data controller of your personal data is Abird Limited which is registered with the Information Commissioner's Office with registration number Z3430372.

Return to top