Introduction and purpose
At Ausgrid, we are committed to protecting the privacy of our customers, business contacts and other individuals with whom we interact. When we collect and handle personal information, we do so in accordance with Australian privacy laws. These laws protect the privacy of personal information we hold about our customers and other individuals.
At times, we will also provide a privacy collection statement when we collect personal information from you. A privacy collection statement may set out additional details about the ways in which we handle your personal information in specific situations.
Applies to
Ausgrid customers, contractors, suppliers and other stakeholders.
Ausgrid is generally exempt from the Privacy Act when we collect and handle ‘employee records’ (as defined in the Privacy Act) and this privacy policy does not apply to such information. If you are a current or former employee, employee records relate to your employment with us and include personal information.
Policy
Ausgrid is bound by the Australian Privacy Principles (APPs). The APPs are set out in the Privacy Act 1988 (Cth) (the Privacy Act) and govern how we must handle and manage ‘personal information’ (as defined in the Privacy Act). Our privacy policy is divided into the following sections:
- What personal information do we collect and hold?
- How do we collect and hold your personal information?
- For what purposes do we collect, hold, use and disclose personal information?
- Do we disclose personal information to entities located overseas?
- How can you access, and correct, the personal information we hold about you?
- How can you complain about a breach of your privacy and how will we handle that complaint?
- Questions or comments about this privacy policy.
- Changes to this privacy policy.
1. What personal information do we collect and hold?
The types of personal information that we collect and hold about you will depend on the circumstances for which the information is being collected, including whether we collect the information from you as a customer, prospective customer, non-customer, job applicant or in some other capacity.
Below we have described the types of personal information we generally collect.
Information about customers
We collect and hold a range of personal information that is reasonably necessary for the purpose of supplying our individual and business customers (customers) with services and products (directly or, where applicable, on behalf of third parties). The kinds of personal information we collect for this purpose may include your name, contact information (including your home or business address, postal address, email address and telephone numbers), signature (when you sign a contract with us) and your particular requirements for and use of our services and products.
We also collect information about the nature of your premises, for example whether you are a residential or business customer. In the case of businesses acquiring our products or services, we usually also collect the name, title and contact information of a contact person in the business.
In addition, we collect and store your National Meter Identifier (NMI), NMI address (the meter location which may be the same as your home or business address) and associated GPS coordinates of your meter or other electricity network and related assets located on your premises. A NMI is an identification number that helps us to identify your particular connection points and related electricity meters.
We do all that we reasonably can to ensure that the personal information we collect is accurate, up-to-date and complete. Generally, it is necessary for us to collect your personal details so that we can provide you with our products or services.
However, unless it is impracticable or we are required by law or an authority to deal with identified individuals, we will give you the option of dealing with us anonymously or through the use of a pseudonym. Please note that if you choose not to identify yourself (including by using a pseudonym), this may mean that we are not able to provide the requested products or services, or we may need to forfeit or decline your application for products or services.
Information about our third-party service providers, suppliers, contractors and other stakeholders
We may collect your personal information when we do business with you (for example, if you work for one of our third-party service providers, suppliers, or other stakeholders).
The type of personal information that we collect will vary depending on the circumstances of collection and the purpose for which we are dealing with you, but will typically include personal details such as your name, title, email address, postal address and other business contact details (such as your LinkedIn profile) or your bank account details where payments are made from you to us (or from us to you); information about your employer or an organisation you represent; your professional details (such as your job title); any additional personal information you provide to us, or authorise us to collect, as part of your interaction with us; and other contact details regarding our interactions and transactions with you and the organisation you represent.
Metering data and asset records
We collect (directly, or via the relevant metering data provider/metering provider) regulated and unregulated data from the meter at your home or business premises if it is connected to the electricity network which we service (Metering Data). For these purposes, regulated data is data that is governed by the National Electricity Rules, while unregulated data is not (but it may be subject to other laws, such as the Privacy Act). If you are a customer, Metering Data is collected via the meter at your home or business premises, to record your electricity use, and the status and the quality of electricity service. Metering Data information is handled in accordance with the National Electricity Rules and the Market Operations Rules where they apply, as well as in accordance with the Privacy Act.
We may also take and store photographic records of your electricity-related assets (such as your meter, meter box, service wires or connection box) for our own internal purposes, including safety, compliance and investigatory purposes.
Projects and customer surveys
As part of our commitment to develop new products and services to meet the needs of our customers, we may undertake projects, including research projects and pilot studies relating to our services and activities. We also undertake regular customer surveys to collect statistics about our customers for research and product development purposes, as well as to receive feedback from our customers. The kinds of personal information we collect will include personal information you provide to us or to our third-party service providers or consultants, and personal information which you authorise us to collect, as part of your interaction with us. This may include the personal information which is contained in any response to a customer survey that you complete or otherwise provide to us or any other information that you provide including via our website, phone, email or other communications with us.
Sensitive information
Generally, we will not collect ‘sensitive information’ (as defined in the Privacy Act) about you, such as details of your race, political beliefs, religion or health. However, we do collect sensitive information in certain circumstances, including:
- if you notify us that you use particular health-related appliances in your household that rely on uninterrupted electricity supply;
- when undertaking and reviewing assessments of hardship applications;
- for safety and security purposes including to ensure the safety and wellbeing of the general public, our customers, staff and any individuals working on site (including to record details of any health or safety incidents or accidents); or
- where we are otherwise required or authorised to do so by law.
We will only collect and use sensitive information where you have provided your consent, or as otherwise permitted or required by law.
Other information
Sometimes, we need to collect personal information about individuals who are not customers, third party service providers, suppliers or other stakeholders. For instance, we may collect information about other members of your household, such as whether they consent to the use of particular services in the home.
We may also collect CCTV footage from time to time, for detecting and determining criminal behaviour in or around our sites, conducting incident investigations, and for monitoring the safety and security of our personnel, contractors, community and our sites. We also hold personal information of individuals who were our customers during the period that we conducted an electricity retailing business, which data retention laws require us to store for a specific timeframe.
In some cases we may collect personal and sensitive information to conduct background checks before granting you access to work on our sites or to access our critical infrastructure, including where such checks are required or authorised by law.
Credit information
Occasionally, we also collect, use and disclose personal credit information about our customers. For more information about how we handle this information, please go to Credit Information. We may also collect your credit card details when you are making payments to us. If we are required to make a payment to you, we may need to collect your bank account details.
Website information
When you visit our website, we collect information about your use of our website, some of which may identify you. We may have access to information about your internet browser (including browser type and version), device, operating system, the address of the referring site, your internet protocol (IP) address, the number of visitors to our website at a given time, how long you spend on each page, your geographic location (to city level only), and clickstream information (that is, your usage of our website). If you are logged into your Google Account while browsing our website, and depending on your Google Account settings, we may also collect demographic information.
Information about job applicants
We collect personal information when recruiting employees to join Ausgrid, such as your name, title, date of birth, gender, contact details, qualifications and work history (including references and other information included in a résumé, CV or cover letter as part of the application process). Before offering you a position, we may collect additional details such as your tax file number, superannuation information and other information necessary to conduct background checks to determine your suitability for certain positions.
2. How do we collect and hold your personal information?
The main ways in which we collect your personal information are as described below.
Direct collection of personal information
We generally collect your personal information directly from you. For example, we may collect personal information about you when you deal with us over the telephone, send us correspondence (whether by letter, fax, message, text or email), have contact with us in person, through social media or when you complete a form we or our service providers send you or when you use our website. If we do not obtain the information requested, we may not be able to assist you or provide you with the products or services requested or fulfil another applicable purpose of collection.
Indirect collection of personal information
There may be occasions when we need to obtain personal information about you from an electricity retailer or third-party service provider. For example, we collect personal information from the energy retailer of our customers regarding their energy supply arrangement. If you work for one of our third-party service providers, suppliers, business customers or other stakeholders, we may need to obtain your contact details from them. In relation to job applicants, we may also collect your personal information through our recruitment processes. We may also collect relevant information from sources such as LinkedIn and other professional websites or through social media.
In some circumstances, we may also need to obtain information relating to you from a credit reporting agency, or from a publicly maintained record. If we collect personal information about you in these ways, we will take reasonable steps to make you aware of the relevant matters set out in this policy. Finally, where a third- party service provider, supplier or other stakeholder provides us with information we have not asked for, we will destroy or de-identify the information unless we would have been entitled to collect or retain such information under or in accordance with the APPs.
If you provide personal information to us about someone else (such as one of your employees if you are one of our service providers or a business customer, or a member of your household or someone with whom you have dealings) you must have that person’s consent or otherwise be entitled to disclose that information to us. You should let the person know that they can access this policy via our website or by calling us using the contact details set out in section 7 below. If the information you provide is sensitive information, then you will need to obtain the consent of the person to whom it relates before you provide it to us.
In some circumstances, we may also need to obtain information relating to you where the collection of that information is required or authorised under law.
Storage of personal information
We take reasonable steps to ensure that personal information held by us is secure from risks such as loss and interference, or unauthorised access, destruction, use, modification or disclosure. Our IT systems require user authentication and we use firewalls and encryption (security measures for the internet). We also maintain physical security over our paper files, data stores and premises, including locks and security systems at our premises. Access to personal information is restricted to our authorised personnel, who need to access those records as part of their job.
We may engage third party data storage providers to store and secure our data, including personal information of our customers, suppliers and other stakeholders on the basis that the information is properly secured and protected.
Retention and destruction of personal information
We take reasonable steps to destroy or de-identify personal information that we will no longer need for a permitted purpose under privacy law, unless we are required or permitted by law or a court/tribunal order to retain the information.
3. For what purposes do we collect, hold, use and disclose personal information?
We collect, hold, use and disclose personal information for the purpose of providing you with products or services (or seeking to improve them), or with other information you have requested, and for purposes related to this. To carry out those purposes, we may need to use and disclose personal information to establish and maintain any necessary accounts or records, credit checks, invoicing and billing systems, debt recovery and market research, and to develop new and better products and services. We will use your personal information only for the purpose for which it was collected, unless we have your consent or the different use is permitted under the APPs.
From time to time we may undertake customer surveys to collect statistics for research and product development purposes or undertake projects and pilot studies relating to our services and activities (including energy efficiency, demand management, smart electricity grid initiatives or community activities). This collection of personal information is part of our commitment to develop new products and services to meet the needs of our customers.
Metering Data is collected to record your electricity use and for other network or metering related purposes, such as trials or more formal arrangements which involve the collection, disclosure and use of Metering Data.
In some circumstances, we may also need to collect your personal information to comply with our legal and regulatory obligations.
Direct marketing
We may also collect, hold, use and disclose personal information for the purpose of telling you from time to time about our services, products or promotions. If at any time you no longer wish to be told about our new services, products or promotions, please contact us on 13 13 65 or online here.
You may also unsubscribe via the unsubscribe facility in any electronic message we send to you. If you opt-out of receiving marketing material from us, we may still contact you in relation to our ongoing relationship with you (including in relation to the products and services we are providing to you).
Will we give your personal information to anyone else?
We do not sell your personal information to third parties. However, in the circumstances described below, we may disclose your personal information to other people or entities. We only make such additional disclosures where you provide consent or where such disclosures are otherwise required or permitted by law.
Outsourcing and advice
We may disclose personal information to third parties to which we contract out specialised functions, such as mailing houses, printing companies, data storage companies, metering service providers, information technology providers, research companies, mercantile agents, and legal and accounting services. If we do disclose personal information to third party contractors or advisers under outsourcing or contracting arrangements, we do all we reasonably can to maintain tight control over their use of such information so that those contractors:
- are required to comply with the APPs when they handle your personal information; and
- are only authorised to use personal information to provide the services or to perform the functions required by us.
Research and surveys
We may disclose personal information to third parties (such as government agencies, aggregators and research partners) for reporting purposes in connection with the projects, (including research projects), trials or customer satisfaction surveys we conduct from time to time, subject to and in accordance with applicable laws. Your personal information is de- identified where possible prior to disclosure. For example, we may provide your Metering Data to the Australian Bureau of Statistics where directed to do so, for census and other research purposes, and we will take reasonable efforts to minimise disclosure of your personal information.
Disclosures required by law
For legal reasons, and in special circumstances, we may need to make disclosures of your personal information. For example, this may occur where we are directed to do so under arrangements in place to make sure that customers continue to receive electricity supply in the event of retailer failure. We may also be required to disclose your personal information to law enforcement agencies, government agencies, courts or external advisors. For example, we may be asked to disclose certain personal information about an individual to assist the police with an investigation into criminal activities. Our policy is to make such disclosures only in accordance with the Privacy Act.
We may also be required to disclose certain information under other legislative requirements, including energy industry laws and rules.
4. Do we disclose personal information to entities located overseas?
We take all reasonable steps to host personal information within Australia. However, we may disclose your personal information to overseas recipients, including to third party service providers or research organisations located outside of Australia, or engage third party data storage providers located offshore to store and secure our data, including our customer information, where permitted by laws, regulations or authorisations binding on us. Those locations include the USA, Serbia, India and New Zealand. We may also disclose your personal information such as your credit card details outside Australia if you use a payment method (including a credit card issued overseas), which requires us to communicate information about you internationally (for example, to your bank if it is outside Australia).
We only ever disclose your personal information offshore in accordance with the Privacy Act and the APPs.
Other circumstances where we may disclose your personal information to an overseas recipient (or allow them access to it) include where you have provided your consent to the disclosure or where we are otherwise required or permitted to do so under the Privacy Act.
5. How can you access, and correct, the personal information we hold about you?
Under the Privacy Act, you have a right to request access to personal information which we hold about you. You also have the right to ask us to correct information about you which is inaccurate, incomplete, out of date, irrelevant or misleading. If you wish to access the personal information that we hold about you, please contact our Privacy Officer via email to privacy@ausgrid.com.au so we can explain how we will handle your access request. Once we have verified your identity, we will generally provide you with a summary of the information held about you. We assume (unless told otherwise) that your request relates to our current records about you. Those current records will include personal information about you which is included in our databases and in paper files, and which might be used by us on a daily basis.
To provide you with access to this personal information, we would ordinarily provide you with (at our election) a PDF copy or print out of the relevant personal information from our databases, or with photocopies of records which were held only on paper files. Ordinarily, we would not charge you for the cost of providing this type of access to these records.
For legal and administrative reasons, we may also store records containing personal information in our archives. You may seek access to our non-current records, but if you do so, we may charge you reasonable costs of providing the access. To the extent practicable, we will advise you in advance if a charge may be imposed, and the likely amount of the charge.
If you believe that personal information about you is inaccurate, incomplete, out of date, irrelevant or misleading, please provide us with your request for correction (contact details are set out in Section 7). Our policy is to consider any requests for correction in a timely way. If we refuse to provide you with access or to correct your information, we will provide you with reasons for the refusal, the complaint mechanism available and inform you of any exceptions relied upon under the Privacy Act (unless it is not reasonable in the circumstances for us to do so). In the case of refusing a request for correction, we will include a statement with your personal information about the requested correction.
6. How can you complain about a breach of your privacy and how will we handle that complaint?
If you wish to complain about our handling of your personal information, in the first instance please email our Privacy Officer at privacy@ausgrid.com.au or phone us on 13 13 65. We will make every effort to investigate and respond to your complaint in a timely way (generally within 30 days of our receipt of the complaint).
If your complaint is not resolved with us directly within 30 days of our receipt of the complaint or you are dissatisfied with the outcome of our investigation, then you may wish to take your privacy-related complaint to the Office of the Australian Information Commissioner (OAIC).
For information on making a complaint to the OAIC, please visit the OAIC’s website or phone 1300 363 992.
7. Questions or comments about this privacy policy
If you have any questions or comments about this privacy policy, please contact our Privacy Officer by email at privacy@ausgrid.com.au or phone us on 13 13 65.
8. Changes to this privacy policy
This privacy policy may be updated from time to time, with or without notice to you. We recommend that you visit our website regularly to keep up to date with any changes. This policy was last updated in February 2024