DataGuard Compliance
DataGuard was developed by the U.S. Department of Energy and industry stakeholders to provide you assurance that your energy data is being protected and treated responsibly. The DataGuard Energy Data Privacy Program Voluntary Code of Conduct (VCC) is a voluntary privacy code that provides utilities and other companies that access consumer energy usage data with a framework for protecting their customersโ privacy.
Website: https://www.smartgrid.gov/data_guard
Download: DataGuard Energy Data Privacy Program Voluntary Code of Conduct.pdf
DataGuard Principles
The DataGuard program sets five principles. Below we list each principle and explain how we comply with each principle.
1. Customer Notice and Awareness
UtilityData.io provides a vital service for the evolving energy economy, and weโre very proud of what we do. One of our principles is to be fully transparent about what our service does regarding your data and privacy. We work extremely hard to make sure our authorization forms, agreement terms, and privacy policies are clear and understandable for everyone. You can check out our current authorization terms and policies below. We believe these are best-in-class examples of compliance with DataGuardโs Customer Notice and Awareness principle.
2. Customer Choice and Consent
Our goal is to have no surprises when using our service, and you have top-tier control of your data on our system. For more information on your choices about your information and how we share that information, please see ourย Termsย andย Privacy Policy. Below are some of the consumer-centric choices you can do fully online. Easy and immediate, no questions asked, no phone calls or emails needed.
You can always contact support@utilitydata.io if you have any questions.
You can control the duration of your authorization and access to your utility data.
You can revoke your authorization to share data at any time.
You can delete the access details and utility data we collected for you at any time.
3. Customer Data Access and Participation
In your authorization receipt, you always have immediate access to the data we have collected as part of your authorization and disclosure about who has access to your data (no need to contact us, itโs all available online). Below are the different classifications of data we collect and who we share that data with (see ourย Termsย andย Privacy Policy).
Authorization Data โ Information thatโs part of authorizations (e.g. whatโs on your authorization receipt and records of when/how we collected your utility data). We may publish anonymous statistics about authorizations (e.g. how many authorizations were submitted last month). We may disclose your authorization records to your utility and the parties with which you authorized data sharing.
Utility Data โ Your utility account, billing, and usage data that we collect as part of our service. We only share this information with the parties you explicitly authorize.
Access Data โ Information you submit to give us access to your utility account (e.g. access credentials or tokens). We donโt share this information with anyone.
4. Data Integrity and Security
We handle your personal utility data with the highest respect. Below are some of the security measures and policies weโve adopted to protect your data.
We donโt send your access or utility data outside of your country of origin. If live in the United States, your data stays in the U.S. (we donโt ship your data overseas).
Utility Data (e.g. utility bills) is always encrypted at rest (i.e. while stored on disk) and in transit (i.e. using HTTPS on our website).
Access Data (e.g. login credentials) are encrypted using hardware security modules and decryption logs are regularly audited.
5. Self-Enforcement Management and Redress
By adopting this Voluntary Code of Conduct, we have committed to:
Conduct regular training and awareness for all of our relevant employees on our privacy policies and practices.
Regularly review our data collection practices for accuracy, compliance, and process improvement opportunities.
To take action to comply with legal and regulatory data protection requirements and the DataGuard principles.
Provide a simple, efficient, and effective means for addressing customer concerns. You can let us know of any such concerns by emailing support@utilitydata.io.