Your Privacy and Data Protection

The General Data Protection Regulation (GDPR) is a new EU regulation which came into effect on 25th May 2018. GDPR provides you with greater control over your personal data and places greater accountability on organisations who process it.

Please read this Privacy Notice to understand:

  • How and why Deep Water Blue uses your personal data
  • Your data privacy rights

For further information contact our Privacy Officer (details are provided below).

Deep Water Blue Ltd is a UK based water treatment specialist company managing water and waste treatment for steam production, heating systems, cooling towers and process operations. To enable us to provide these products & services we process your personal data, such as contact and payment details. We need to process most of this personal data under the terms of a contract we have with you or to meet legal obligations.

Processing PurposeCategories of data processedLegal basis
Accounting, administrative & financial
  • Financial records

  • Payment details (including
    bank card details)

  • Statements, invoices and payment reminders

  • Contract

  • Statutory obligation
Chemical supply - for water treatment purposes
  • Contract

Consultations and risk assessments - for water treatment and hygiene
  • Contract

Health & safety
  • Accident reports

  • Statutory obligation

Marketing including sending newsletters & invitation to attend training events
  • Contact details

  • Marketing preferences
  • Consent (to contact you via electronic means)

  • Legitimate interest (to engage in marketing to promote our products & services)

Monitoring of systems
  • Contact details

  • Email notifications

  • Contract

Training events
  • Contact details

  • Training answers/grades

  • Contract

Water Management and Maintenance(vStream web portal)
  • Registration details

  • Contract

Website usage analytics
  • Usage analytics (information about your visits to and use of this website)

  • Legitimate interest (to engage in marketing to promote our products & services)

  • Directly from you e.g. phone conversations or meetings with our engineers/consultants, letters, emails or data entered via a form on our website.
  • From others e.g. companies who pass on your contact details for training events

If you choose not to provide us with your personal data, it may mean that we are not able to:

  • Provide requested products or services to you
  • Continue to provide existing products or services

We will tell you when we ask for information which is not a contractual requirement or is not needed to comply with our legal obligations.

We only keep your information for as long as there is a business reason, or where regulations say we must. For vSteam data this is for 5 years after lapsed trading. But it will vary depending on the type of data we hold, and the type of products/services provided to you.

We share your information with the following types of recipients:

  • Accountants & auditors
  • IT service providers
  • Legal advisors
  • Online training (web hosting company)
  • Statutory and regulatory bodies e.g. tax authorities
  • Training event organisers e.g. CEA

These data transfers are mainly within the UK and European Economic Area (EEA). Sometimes these recipients might transfer data outside of the EEA. If they do, we will take steps to ensure appropriate safeguards are in place e.g. contracts to protect your privacy.

We use ClassMarker to host our training & testing materials. This company is based in Australia. Your email address (used to logon & identify you) and any tests that you carry out will be transferred to them. The legal basis for this transfer is the contract that we have we you. Click on the following link to view ClassMarker’s privacy notice and the safeguards they have in place.

Where you have consented, or you are an existing customer, we would like to contact you from time to time for marketing purposes. You may opt out of this marketing at any time by contacting our Privacy Officer (details are provided below).

  • At any time, you may:
    • Ask us for a copy of your personal data.
    • Correct and update mistakes/incomplete personal data.
    • Raise a complaint with the Information Commissioner.
  • In certain circumstances you may:
    • Delete your personal data.
    • Restrict use or object to us processing your data e.g. for marketing purposes.
    • Take your personal data to another provider.
    • Exercise a right not to be subject to solely automated decisions.
  • Where you have consented to the use of your data, you have the right to withdraw this consent at any time.

If you have any further questions or you wish to exercise your rights, contact our Privacy Officer using the details on our contacts page.

Where a request relates to one of your rights, to make it easier for us to identify you and your personal data, we will ask that you provide the following:

  • Name, address and any further contact details such as email or phone number that you would like us to use.
  • A description of your request e.g. what types of personal data you would like a copy of.
  • Service/contract number (where applicable).

Where relevant we may ask for further proof of identify.

We would like it if you contacted us first to see if we can resolve the issue. But, if you have an issue with how we are processing your personal data, you have the right to raise this with the Information Commissioner at any time (Tel: 0303 123 1113 or

This page was last updated in Feb. 2019.