Why we have this policy?
We are committed to protecting your privacy and complying with our obligations under the Australian Privacy Principles set out in the Privacy Act 1988 (Cth) as well as any applicable State and Territory legislation. We have adopted careful measures to protect the privacy and confidentiality of personal information provided to us.
Personal information can include name, gender, date of birth, address, telephone and fax numbers, email address, credit card details, employment details and if and where applicable, information that constitutes “sensitive information”. It also includes information or an opinion about an identifiable individual.
What personal Information do we collect?
We may collect personal information about you, such as (but not confined to) your name, business address, business phone number and mobile/cell number and email address.
The circumstances and purposes of collection of personal information may include:
- when you apply to access or register for our Services;
- when you use our Services in a way that requires you to provide your personal information;
- when through our Services you enquire about or seek a quotation for a service or product offered by an energy supplier;
- when you telephone us, email us or visit our website and make an enquiry to which a later response is requested and to do so requires your contact details;
- when you ask to be included on a marketing or other email or distribution list.
How we collect personal information?
We collect information in the following ways:
Information you give us. When you register or otherwise sign up for Services, you will be asked for basic registration information, such as an email address and password. You may also provide us with passwords, usernames, account numbers, and other account information relating to your interaction with third parties (such as suppliers) (“third parties”) for the purposes of providing our Services to you.
Information from third parties. To provide you with our Services, we may collect, on your behalf, your account, invoicing, usage and other relevant personal information from third parties. Before doing this, we will have you sign and return a letter of authority. In some cases, this will be in the format required by the third party. Once we have that we may collect your personal information by email, phone or the third party’s portal. We will then present your information to you via our Services. If you choose to access invoices online through our Services, we may store a PDF or HTML representation of your invoices on our servers. We may also be provided with personal information about you by your employer.
Cookies and other technologies. We use technologies like cookies and pixel tags to provide, improve, and protect our Services. You can set your browser to not accept cookies, but this may limit your ability to use the Services.
Use and disclosing your personal information.
The kinds of personal information we collect and hold depends on the circumstances and the nature of our relationship with you. For example, we will collect certain information from you as a customer and other information from you if you are applying for employment with us.
We use and disclose the personal information collected from or about you for the purpose it was provided or collected, including in the following ways:
- to provide the Services to you, and to communicate with you about the Services (including changes to the Services). (The Service may require the disclosure of some information to third parties such as suppliers. For example, if you use the Services to obtain an energy quotation or have third parties bid for your business, some personal information may be provided to third-party suppliers);
- to provide newsletters, marketing or other information you request or agree to receiving;
- to perform authorised financial transactions with you;
- to respond to enquiries received from you, including feedback or complaints from you; and
- to carry out any other purpose for which the information was expressly requested or provided.
We limit the information we provide to third parties to the information they need to help us provide or facilitate the provision of Services to us or you. We deal with third parties that are required to meet the privacy standards required by law in handling your personal information, and use your personal information only for the purposes that we gave it to them.
Law & Order. We may disclose your information to third parties if we determine that such disclosure is reasonably necessary to (a) comply with the law; (b) protect any person from death or serious bodily injury; (c) prevent fraud; or (d) protect our legal rights.
Sale/ reorganisation. If we are involved in a reorganisation or sale of our assets, your personal information may be transferred as part of that reorganisation or sale.
We keep your personal information secure.
We take the security of your information seriously and take reasonable steps to protect the personal information we hold from misuse and loss from authorised access, modification or disclosure.
Your personal information is stored in the Amazon Web Services cloud which is ISO27001 compliant. We use technical and administrative security measures such as firewalls and encryption techniques, to maintain the security of your information, and regularly review our technology to maintain security.
We restrict access to personal information to those who have a need to know and we implement arrangements to ensure that access to computerised records is available to personnel who need such access, and require passwords to be entered to allow access to personal information.
Where is customer information stored and transferred?
We may store your personal information outside of Australia, in countries including the United States of America. We may also provide limited information, such as the name of a contact person within an organisation that is an energy customer, to our service providers in countries within Australia, the European Union, India, Philippines, and the United States of America. We take reasonable steps to ensure that overseas recipients do not breach applicable privacy legislation in relation to the information.
All personal information collected is stored via a secure server.
How to access and correct the information we hold about you or make a complaint?
We encourage you to keep us updated of any changes to your personal information.
If we believe or are informed that the personal information we hold about you is not accurate, complete and up-to-date, we will take reasonable steps to correct it.
Upon request, details of personal information about you held by us will be provided to you, except in the special circumstances where the law requires or enables us to withhold such information. We will provide reasons for any refusal to grant access to your personal information.
If you have not received a response of any kind in relation to your complaint within 30 days, you have the right to take the matter directly to the Office of the Australian Information Commissioner.
Contact us if you have any privacy concerns
Have questions or concerns about privacy? Contact us at firstname.lastname@example.org.