Personal information we collect
The types of personal information we collect about you depends on the circumstances in which that information is collected. The kinds of personal information we collect and hold includes:
- for users of our platforms and online tools, user registration data (e.g. name, email address, organisation, password) and data associated with use of the platform or tool;
- for our customers, and customers of third parties who have engaged us to provide products and/or services in respect of those customers:
- the customer’s name and contact details (e.g. postal address, telephone number and email address);
- the address of, and in some cases images captured at, a site where we are supplying products and/or services;
- billing information and metering data (where relevant);
- site and asset data, including equipment types and asset identification numbers e.g. meter installation registration number (MIRN) or national metering identifier (NMI); and
- other information relevant to the provision of products and/or services by or on behalf of us to the customer’s premises;
- for our suppliers and service providers, names and contact details of individuals working for those suppliers and service providers, who we deal with;
- for prospective Personnel seeking employment or engagement with us, your name and contact information, your curriculum vitae, and other information about your suitability for employment with or engagement by us; and
- for other individuals, your name, contact details and any other information relevant to our interactions with you.
- How we collect personal information
3.1 Personal information generally
We collect personal information about you where it is reasonably necessary for us to perform one or more of our functions or activities as a diversified energy business.
We may also incidentally collect personal information in images and recordings we make in the course of surveying assets and geographical areas e.g. if you are present when we photograph a site. Personal information we capture in this manner may be incidentally processed, used and disclosed in order for us to process and use the relevant image or recording for our business functions or activities.
3.2 Sensitive information
3.3 If personal information is not provided
If you do not provide us with your personal information when requested, this may limit the assistance we are able to provide to you, including assistance we are contracted to provide on behalf of a third party. For example, we may not be able to provide the product or service you may have requested and may not be able to handle enquiries or claims in connection with those products or services, or process your job application. For energy customers, this may also mean your retailer cannot supply you with electricity or gas.
4.1 Purposes of collection, holding use and disclosure of personal information generally
Personal information we collect may be held, used and disclosed for the following purposes:
- for the purposes of:
- assessing, inspecting, operating, maintaining or replacing, managing, supporting, planning and developing energy networks and other infrastructure assets;
- business planning and product development, and providing quotes to supply products and/or services;
- performing mapping, statistical and other analysis of energy networks (including analysis of network usage), other infrastructure assets and geographical areas;
- protecting our legal rights, investigating suspected misconduct or assisting law enforcement agencies; and/or
- enabling us to comply with our legal and regulatory obligations. For example, sometimes, we may be required to collect, use or disclose personal information by national or Victorian laws and regulations, including the National Electricity Law, the National Gas Law, or the rules and regulatory instruments made under those laws;
- in respect of our customers and customers of third parties who have engaged us to provide products and/or services in respect of those customers, for the purposes of:
- providing products and/or services which customers or those third parties have requested, or facilitating the provision of such products and/or services by other parties, including:
- communicating with individuals about matters relevant to those requests;
- arranging site visits by relevant Personnel and/or contractors;
- notifying customers about interruptions, faults, outages, emergencies or other matters relevant to the customer’s supply; and
- managing risks and health and safety issues associated with those requests.
- validating customer requests for access to portals and tools which we make available;
- verifying customers’ identities and validating customer requests for access to their data (or a request to authorise a third party to access their data);
- installing, supplying, connecting and maintaining equipment and appliances, and providing meter reading, sub-metering, monitoring and testing services;
- identifying possible technical problems and efficiency issues, and reporting on these matters and potential solutions;
- providing such other products or services that we may offer from time to time and providing information about their availability, features and benefits, including products or services which we offer to its customers in response to a government policy or regulatory initiative;
- providing billing and account management services associated with the products or services we provide, and facilitating third parties such as energy retailers to bill those customers; and/or
- responding to enquiries, or investigating or resolving complaints;
- in respect of suppliers and service providers, for the purposes of working with, and acquiring goods or services from, such suppliers and service providers;
- in respect of prospective Personnel, for the purposes of recruitment and selection of those prospective Personnel.
We may also use and disclose personal information we collect for other purposes that are permitted, required or authorised by applicable law, such as:
- purposes which you would reasonably expect and which are related (and, in the case of sensitive information, directly related) to the primary purpose of collection of personal information; and/or
- any other purposes for which you have given consent.
We will only use or disclose your personal information for the purposes of direct marketing (e.g. in relation to products, services and benefits we may offer from time to time) where we have your consent or we are otherwise permitted by law to do so.
You are free to opt out from receiving marketing communications from us, by:
- following the “opt out” process indicated in a marketing communication you have received;
- following such other process that is made available for this purpose from time to time.
4.3 Third party access to personal information we collect
- our suppliers and service providers, including those to whom we outsource certain of our functions (e.g. site assessment, and installation, servicing or replacement of equipment). We authorise our suppliers and service providers to use or disclose your personal information only as necessary to provide us with supplies or perform services on our behalf, or to comply with legal requirements. We require suppliers and service providers by contract to safeguard the privacy and security of personal information they process on our behalf;
- where we act as a service provider or agent for a third party, we may provide that third party with personal information we collected on their behalf;
- if you are part of a minigrid, other members of that minigrid, including the community energy retailer;
- other members of our corporate group;
- our professional advisors, accountants, insurers, lawyers and auditors;
- government, regulatory, judicial or law enforcement authorities; and
- any other third parties notified to you at or around the time we collect your personal information.
You should be aware that some of the persons or entities to whom we disclose personal information, or make personal information available, are located overseas, including in India and China.
We store personal information both electronically and in paper form.
We take reasonable steps to ensure our IT systems are designed, operated and maintained in accordance with ISO 27001: Information Security Management and ISO 27002 Information Technology: Security Techniques – Code of Practice for information security controls. These standards represent international best practice for IT security.
We periodically review our information security practices to ascertain how personal information can be protected from misuse and loss, and from unauthorised access, modification and disclosure.
Unless the law requires otherwise, we take reasonable steps to destroy or permanently de-identify personal information if it is no longer required.
We will endeavour to respond to your complaint or enquiry within 30 days.
If we fail to respond to a complaint within a reasonable time or if you are dissatisfied with our response, you may take your complaint to the applicable regulator in your jurisdiction. If you are in Australia, the applicable regulator is the Office of the Australian Information Commissioner (OAIC). Details of how to contact the OAIC are located at www.oaic.gov.au.
You may contact us in relation to privacy matters on 1300 360 795 or firstname.lastname@example.org .
Alternatively, you may write to our Privacy Officer at:
The Privacy Officer
Locked Bag 14051
Melbourne City Mail Centre 8001
Last updated: 3 December 2018.
Stay up to date
Select your areas of interest to stay informed with our latest news and insights.