EIG Website | Contact us

Privacy policy

Fidra Energy Limited Stakeholder Privacy Notice

From time to time, we collect personal data to manage relationships with external stakeholders, for example members of the communities around our premises. The organisation is committed to being transparent about how it collects and uses that data and to meeting its data protection obligations. This Privacy Notice is to provide information for anyone who engages with Fidra Energy in a private or professional capacity such that we process their personal data. It should be read in conjunction with any other privacy information we provide in relation to specific processing or projects, which explains how and why we collect, use and store your data. We have separate privacy notices for job applicants and employees.

When we use personal data we do so in line with UK Data Protection legislation, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

What information does the organisation collect?

The organisation may collect and process a range of information about you. This could include:

  • Your name, address and contact details, including email address and telephone number;
  • Information relating to your employment or relationship to other organisation(s) you are representing; and
  • Information relating to any health or accessibility requirements.

The organisation may collect this information in a variety of ways. Much of this data is likely to be collected directly from you – for example, from correspondence with you, or through interviews or other meetings.

In some cases, the organisation may collect personal data about you from third parties, for example from your employer or organisation of which you are a member.

Why does the organisation process personal data?

The organisation needs to process data to engage with members of the public, such as local communities and residents, and civil society such as environmental and social advocacy groups. We may use your information in order to:

  • Share newsletters and updates on project developments or initiatives that may be relevant to you;
  • Host you at public meetings and forums;
  • Gather information through surveys and feedback forms;
  • Ensure health and safety compliance;
  • Address queries or issues you raise with us, including through our grievance mechanism; and
  • Process and/or defend against legal claims.

The organisation only processes special categories of personal data in limited circumstances, for example to uphold our diversity and equality and health and safety obligations.

Basis for processing

We will only process your data where we have a lawful basis for doing so. This will generally be for one or more of the following:

  • Where we have a legitimate interest – for example where we are seeking to engage with local stakeholders in relation to one of our developments;
  • To comply with our own legal and regulatory obligations; or
  • Where we have otherwise received your express consent to processing for a particular purpose. Note that where this forms the basis for processing, you have the right to withdraw your consent at any time, which you can do by getting in touch with us using the contact details provided in this notice.

Where we rely on legitimate interests as a reason for processing data, we have considered whether those interests are overridden by your rights and freedoms and concluded that they are not.

Who has access to data?

We will only provide access to your data where we consider there is a lawful basis for doing so. Your information will be accessed on a need-to-know basis to support our engagement with you – for example it might be shared with colleagues organising or leading stakeholder engagement sessions.

From time to time we may also share data with third parties, including professional advisers, project partners and maintenance teams.

It may also be necessary to provide information to government agencies, regulators and other authorities in line with legal and regulatory requires. The organisation will not transfer your data to countries outside the UK.

How does the organisation protect your data?

The organisation takes the security of your data seriously. The organisation has internal policies in place to protect data from being lost, accidentally destroyed, misused or disclosed, and to limit access by staff to performance of their duties in line with the requirements of applicable personal data protection legislation. We also maintain appropriate cybersecurity protections.

Where the organisation engages third parties to process personal data on its behalf, they do so on the basis of written instructions, are under a duty of confidentiality and are obliged to implement appropriate technical and organisational measures to ensure the security of data.

For how long does the organisation keep data?

The organisation will hold your personal data in accordance with our internal retention procedures. The periods for which your data is held after the end of your engagement with us will be aligned to our internal Records Retention Policy as required under the UK GDPR.

Your rights

As a data subject, you have a number of rights. You can:

•           access and obtain a copy of your data on request;

•           require the organisation to change incorrect or incomplete data;

•           require the organisation to delete or stop processing your data, for example where the data is no longer necessary for the purposes of processing;

            Require the organisation to restrict processing of your personal data in certain circumstances

•           object to the processing of your data where the organisation is relying on its legitimate interests as the legal ground for processing; and

•           ask the organisation to stop processing data for a period if data is inaccurate or there is a dispute about whether your interests override the organisation’s legitimate grounds for processing data.

If you would like to exercise any of these rights, please contact Sam Beckett, HR Director via email: sam.beckett@fidraenergy.com.

Alternatively you can write to us care of:

Sam Beckett, Fidra Energy, 61 Dublin Street, Edinburgh, EH3 6NL If you believe that the organisation has not complied with your data protection rights, you can complain to the Information Commissioner.

What if you did not provide personal data?

If you do not provide personal data, we may not be able to engage with you in an efficient manner.

Automated decision making

We will not make decisions in relation to you solely on the basis of automated decision making.

This Privacy Notice was last updated on 30 April 2026