Effective Date: January 1, 2020
Scope of Policy
Information We Collect – Voluntarily Provided by You
The primary reason TEP collects and maintains customer information is to provide services to our customers, offer additional services that may be of interest to customers like you, and to help you get the most out of our services. We obtain the following categories of information directly from you when you voluntarily provide it to us.
- Personal Information or Identifiers.
This category refers to information we gather about our customers that can be used to identify or contact an individual person, such as your name, e-mail address, postal address, telephone number, Social Security Number, driver’s license number, and TEP account number. You provide this information to establish your TEP account, participate in our programs, and log in to “My Account” on our Website or Mobile App. We also receive this information when you fill out and submit forms to us, such as when you request information from us, apply for incentives through our programs, or enter into a promotion sponsored by us. We use or disclose this information to fulfill the purpose for which you provided it to us, to provide our services, and to educate you about our programs, energy efficiency and electrical safety.
- Personal Information does not include information that is:
- publicly available from government records,
- collected by any non-TEP party that may link to or be accessible from the TEP Website or Mobile App or otherwise collected directly by such third party, and
- de-identified or aggregated customer information that cannot link to an individual or household.
- Transactional Information. This information refers to your signature on contracts you enter into with us, and any financial information that you provide directly to us, such as your bank account number or credit card information to process payment on your account. This information is voluntarily provided by you to make payment on your TEP account, participate in our programs, or apply for incentives.
Managing Your Personal Information
If you do not want to provide your information to us on the Website or Mobile App, you may take advantage of the publicly available content without setting up “My Account” or filling out any forms or information fields, however, the automatic data collection technologies may still collect the information described below.
If you believe any of the information that we collect or maintain about you is incorrect, please contact us or update the information in “My Account.”
Information We Collect – Indirectly from You
In addition to collecting information directly from a customer, TEP collects information indirectly, through a variety of sources. These sources and further information as to each is detailed below.
- Internet Activity Information.
We collect data on our Website and Mobile App through the use of automatic data collection technologies such as cookies (small data files stored on your computer by your web browser upon visiting a website or placed on your smartphone or device), web beacons (small files that provide Website and Mobile App statistics such as how many people have visited a particular web page) and similar technologies. When you access the Website or Mobile App, TEP’s web servers automatically record certain data, including, but not limited to, your Internet service provider, IP address (which may identify your general geographic location or company), domain name, browser type, device type, device ID, operating system and the times and dates of your visits to our Website or use of the Mobile App. Cookies are important for the proper functioning of websites and mobile applications and enable TEP’s systems to remember log-in details, provide secure log-in, collect statistics to optimize the functionality of the Website and Mobile App and provide services tailored to your interests. Although you may set your browser to block all cookies, including TEP’s, we recommend that you leave cookies turned on to take full advantage of all of the Website’s and Mobile App’s features.
- Energy Usage Information
TEP collects information about your energy usage obtained through our metering systems, including that produced by photovoltaic equipment on your property. When your energy usage information is combined with information that can identify you and/or your household residence or business, TEP uses that information to provide electric service, such as generating your bill, and providing additional services and programs as may be required or approved by the Arizona Corporation Commission.
- Voice Recordings
We use an automated “Interactive Voice Response” system to help us interact with customers who call us. This system helps us to respond promptly to customer calls by gathering the caller’s required information and routing calls to the next-available customer service representative.
Use and Disclosure of Customer Information
It is TEP’s general practice to treat your personal information as confidential and use it in a limited number of ways. When you provide information on the Website, through the Mobile App, over the phone, or in person, TEP uses that information consistent with the manner intended when you provided it. We may also use or disclose your personal information for one or more of the following purposes:
- to establish and maintain your account and provide requested services,
- to inform you about new rates, products and services offered by or in connection with TEP,
- to communicate with you about your account and our programs,
- to improve our customer service,
- to educate you about electrical safety and energy efficiency,
- to monitor and enhance our relationship with you,
- to respond to your inquires, including to investigate and address your concerns,
- for billing, collection, and credit risk reduction purposes,
- for identity verification purposes,
- to assist in fraud protection and compliance with cyber security laws,
- to mitigate the risk of identity theft,
- in the event of an emergency or imminent threat to life or property,
- to meet regulatory requirements and applicable laws,
- to notify you about changes to our Website and Mobile App,
- to provide you with access to certain features on the Website and Mobile App,
- to notify you when Mobile App updates are available or significant changes have been made to our Website,
- to maintain the safety, security, integrity and functionality of our Website and Mobile App,
- to allow you to participate in TEP contests and promotions,
- to further TEP’s business objectives consistent with the provision of safe and reliable electric service and operation of TEP’s electrical system or grid,
- as requested by the Arizona Corporation Commission and staff when legally entitled to such information,
- in the manner described to you when collecting your information,
- to respond to law enforcement requests and as required by applicable law, court order, or governmental regulations,
- to comply with a legal process, such as a warrant or subpoena, and
- to evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, in which personal information held by us about our customers is among the assets transferred.
We may use your information for any other purpose after obtaining your consent for such use.
TEP will not collect additional categories of information or use the information we collect about you for materially different, unrelated, or incompatible purposes from those set forth above without providing you notice.
Sale of Customer Information
TEP does not provide customer information to third parties for their advertising purposes or for other purposes unrelated to TEP’s objectives listed above. TEP discloses customer information to TEP service providers as described below.
Sharing Customer Information
TEP discloses your information to specific non-affiliated third parties who are providing services for your benefit on behalf of or jointly with TEP. These services include, but are not limited to, payment processing services, assisting us in providing energy efficiency programs or as otherwise described in the “Use and Disclosure of Customer Information” section above. In such situations, TEP limits the amount and type of information provided to that reasonably necessary to accomplish the purpose for which it was disclosed. We include language in our contracts with third parties designed to protect the privacy of your information and limit its use to the purpose solely for which it was provided. TEP does not sell your information to third parties or data brokers.
Retention and Destruction of Customer Information
Subject to limits imposed by applicable law, TEP retains information as long as your account is active and for such additional time as we believe such information is required or will be useful to fulfill a business purpose or law enforcement need. TEP reserves the right to remove any such information from its records.
The security of your information is important to us. We have implemented and maintain reasonable administrative, electronic, and procedural safeguards designed to protect your information from accidental loss, and from unauthorized access, use, alteration and disclosure. Although TEP believes these procedures are adequate, no method of storing or transmitting information over the Internet or via the Mobile App, including email communications, is completely secure. Accordingly, TEP cannot guarantee the security of your personal information transmitted to or through our Website and Mobile App and transmission of information is at your own risk. If you do not want TEP to know any particular information, do not include it in anything submitted to the Website or Mobile App.
The safety and security of your information also depends on you. In using certain services offered on our Website and Mobile App, you may be assigned or choose a user ID and may choose a password. You are solely responsible for maintaining the confidentiality of your user ID and password, and are responsible for all activities that occur under your user ID and password. We suggest that you do not share your password with anyone. You agree to notify TEP immediately of any unauthorized use of your user ID, password or information, or any other breach of security regarding the Website and Mobile App of which you are aware. TEP will not be liable for any loss arising from your failure to comply with these security requirements and you agree to hold TEP harmless from any and all losses that arise from any such failure to comply.
TEP enables you to opt out of marketing communications by using the "unsubscribe" link included in such emails. However, non-marketing communications are not subject to a general opt-out and may contain important information regarding your TEP account.
Compliance with Laws
TEP will comply with applicable federal and state laws regarding its collection and use of your information and will limit disclosures accordingly.
We believe in the importance of protecting children’s online privacy. Our Website and Mobile App are not intended for use by children under 13 years of age. TEP does not knowingly collect, nor do we desire to collect, personal information from children under the age of 13. If you believe we may have received personal information from or about a child under 13 without verification of parental consent, please notify us so that we may immediately delete that information. For more information about the Children’s Online Privacy Protection Act, visit the FTC’s web site at www.ftc.gov.
Attn: Legal Department
PO Box 711
Tucson, AZ 85702-0711
You can also call us at 1-833-455-0259.
Supplemental Privacy Notice for California Residents
Effective Date: January 1, 2020
Personal Information Definition
Under the CCPA, “personal information” is information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household, or device. Personal information does not include publicly available information from government records and de-identified or aggregated consumer information.
Categories of Personal Information
|1. Identifiers.||A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.||Yes|
|2. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).||A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.
Some personal information included in this category may overlap with other categories.
|3. Protected classification characteristics under California or federal law.||Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).
*TEP collects customer birth date and information about medical devices in your home that require electricity for our Lifeline Program.
|Yes, in part.*|
|4. Commercial information.||Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.||Yes|
|5. Biometric information.||Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.
**TEP keeps records of any threatening behavior exhibited by customers to ensure the safety of our employees.
|Yes, in part.**|
|6. Internet or other similar network activity.||Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.||Yes|
|7. Geolocation data.||Physical location or movements.||No|
|8. Sensory data.||Audio, electronic, visual, thermal, olfactory, or similar information.
TEP records customer calls as described in the section titled “Information We Collect – Indirectly from You.”
|9. Professional or employment-related information.||Current or past job history or performance evaluations.||Yes, with respect to employees only|
|10. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).||Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.||Yes, with respect to employees only|
|11. Inferences drawn from other personal information.||Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
See Category 5 about the type of behavioral information we collect.
Sources of Personal Information
We obtain the categories of personal information listed above from the following categories of sources:
- Directly from you as provided in the section titled “Information We Collect – Voluntarily Provided by You.”
- Indirectly from you as provided in the section titled, “Information We Collect – Indirectly from You.”
- From your friends or family members who sign up for our Safety Net Program.
- From collection agencies or other third parties when your account is delinquent and we need to collect payment.
Use of Personal Information
We may use or disclose the personal information we collect for one or more of the purposes listed in the Use and Disclosure of Customer Information section above and for an authorized business purpose under the CCPA.
Sharing of Personal Information
We may disclose your personal information to a third party for a business purpose as detailed above in the Sharing Customer Information section. We share your personal information with the following categories of third parties:
|Categories of Third Parties||Categories of Information|
|Service providers||1.) Identifiers, including TEP account number
2.) California Customer Records personal information categories
4.) Commercial information related to the services you wish to receive
|Data analytics providers or internet cookie data recipients
|6.) Internet or other similar network activity. We do not provide this information directly, but it is collected through your use of the Website and Mobile App.|
|Your Family and Friends||1.) Identifiers. As part of TEP’s Safety Net Program, a customer can designate another person to receive a copy of their bill in order to help the customer remember to pay it on time. In such case, the customer may provide us with your name, address or email address so that you can receive a duplicate copy of their bill.|
Your Rights and Choices
Access to Personal Information
You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. In order to protect your privacy, we must use your personal information to verify your request and we will only process your request after completing such verification process.
Once we have verified your request, we will inform you:
- The categories of personal information we collected about you.
- The categories of sources for the personal information we collected about you.
- Our business or commercial purpose for collecting the personal information.
- The categories of third parties with whom we share the personal information.
- The specific pieces of personal information we collected about you.
- If we sold or disclosed your personal information for a business purpose, two separate lists disclosing: sales of your personal information; and disclosures for a business purpose, identifying the associated personal information categories.
Deletion Request Rights
You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions under the CCPA.
Once we have verified your request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception under the CCPA applies.
Specifically, in addition to any other applicable exception under the CCPA, we may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:
- Complete the transaction for which we collected the personal information, provide service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
- Debug products to identify and repair errors that impair existing intended functionality.
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
- Enable solely internal uses that are reasonably aligned with customer expectations based on your relationship with us.
- Comply with a legal obligation.
- Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
Submitting a Verifiable Request
If you would like to exercise the rights detailed above, please submit a verifiable request to us by either:
Only you, or someone legally authorized to act on your behalf, may make a verifiable request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.
You may only make a verifiable request twice within a 12-month period.
The verifiable request must:
- Provide sufficient information that allows us to verify you are the person about whom we collected personal information or an authorized representative of that person.
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
- Include verification of your status as a California resident.
We will not be able to respond to your request if we cannot verify your identity or authority to make the request and confirm the personal information relates to you or someone who has provided you with the legal authority to make the request.
We will only use personal information provided in a verifiable request to verify the requestor’s identity or authority to make the request.
We will respond to a verifiable request within forty-five (45) days of its receipt, unless we require more time to complete your request. We will inform you of the reason for any extension period in writing.
Our response to your request will cover the 12-month period preceding your request and will explain the reasons we cannot comply with a request, if applicable.
We will not charge a fee to process or respond to your verifiable request unless it is excessive, repetitive, or manifestly unfounded. If we determine your request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
We do will not discriminate against you for exercising any of your CCPA rights.
Do Not Track Signals
California law requires us to inform you how we respond to web browser Do Not Track (“DNT”) signals. With no industry or legal standards on how to recognize and honor DNT signals, TEP does not currently respond to them. When standards become available, TEP will address DNT signals.