Security and Privacy
At Essential Energy we are committed to protecting the privacy of our customers, our business contacts and our employees. When we collect and handle personal information, we do so in accordance with Australian privacy laws. These laws protect the privacy of personal information we hold on customers and other individuals with whom we deal.
Essential Energy is bound by the Australian Privacy Principles (APPs). The APPs are set out in the Privacy Act 1988 (the Privacy Act) and govern how organisations handle personal information.
1.1 Personal details
We collect and hold a range of personal information that is reasonably necessary for the purpose of supplying customers with our services and products. The kinds of personal information we collect for this purpose may include your name, contact information (including your address and telephone numbers) and your particular requirements for our services and products.
We also collect information about the nature of your premises, for example whether you are a residential or business customer. In the case of businesses acquiring our products or services, we usually also collect the name, title and contact details of a contact person in the business.
In addition, we collect and store your National Meter Identifier (NMI) and your NMI address (the meter location which may be the same as your personal address). A NMI is an identification number that helps us to identify your particular meter.
We do all that we reasonably can so that the information we hold is accurate, up-to-date, complete and relevant.
Generally, it is necessary for us to collect your personal details so that we can provide you with our services or products. However, if it is practicable and lawful for us to do so, we will give you the option of dealing with us anonymously or through the use of a pseudonym.
1.2 Metering data
We collect metering data about the premises connected to our electricity network. Metering data is collected via the meter at your home or business premises, to record your electricity use. We also collect water metering data for those premises located in the Essential Water area of operation. This information is used to record water use. For non-residential properties, water consumption is also used to calculate sewage usage. Metering data information is handled in accordance with the National Electricity Rules and the Market Operations Rules where they apply, as well as in accordance with the Privacy Act.
1.3 Projects and customer surveys
As part of our commitment to develop new products and services to meet the needs of our customers, we may undertake projects and pilot studies relating to energy efficiency, demand management and/or smart electricity grid activities. From time to time we may also undertake customer surveys to collect statistics about our customers for research and product development purposes.
1.4 Sensitive information
Generally, we will not collect sensitive information about you, such as details of your race, political beliefs, religion or health. We may, however, collect some health information in certain circumstances. For instance, we may need to collect your health information if you use particular health-related appliances in your household. We will only collect and use health information for these purposes where you have provided your consent.
1.5 Non-customer information
We may also collect information about other members of a household in which a customer resides, such as whether they consent to the use of particular services in the home. Sometimes, we also need to collect personal information about individuals who are not customers. This need will usually arise where we collect the name and business contact details of a person who is the contact in the company or a government agency with which we deal. Our policy is to use personal information collected from non-customers only as permitted under the Privacy Act.
1.6 Credit information
Occasionally, we also collect, use and disclose personal credit information about our customers.
2.1 Direct collection of personal information
We generally collect your personal information directly from you. For example, we may collect personal information about you when you deal with us over the telephone, send us correspondence (whether by letter, fax or email), when you have contact with us in person or when you complete a form on our website. If we do not obtain the information requested, we may not be able to provide you with the products or services requested or fulfil another applicable purpose of collection.
2.2 Indirect collection of personal information
There may be occasions when we need to obtain personal information about you from a third party. For example, we collect personal information from your energy retailer regarding your energy supply arrangement. If you work for one of our service providers or business customers or other organisations with which we do business, we may need to obtain your contact details from them. In some circumstances also, we may need to obtain information relating to you from a credit reporting agency, or from a publicly maintained record. If we collect personal information about you in these ways, we will take reasonable steps to make you aware of the relevant matters set out in this policy. Finally, where a third party provides us with information we have not asked for, we will destroy or de-identify the information unless we would have been entitled to collect it under the APPs.
2.3 Website collection
When you visit our website, we may collect additional information about your use of the website, which may or may not identify you. For instance, we may collect information about which pages you visit on the website to help us determine which parts of the site you value, so that we can build and develop our website to best meet customer needs. We may also collect information about your internet browser and operating system, the address of the referring site, your internet protocol address and clickstream information. This information helps us to understand how you came to find our website.
2.4 Storage of personal information
We take reasonable steps so that personal information held by us is secure from such risks as loss and interference, or unauthorised access, destruction, use, modification or disclosure. Our IT systems are password protected and we use firewalls and encryption (security measures for the internet). We also maintain physical security over our paper files, data stores and premises, including locks and security systems. Access to personal information is restricted to our authorised personnel, who need to access those records as part of their job.
We may engage third party data storage providers to store and secure our data, including personal information of our customers on the basis that the information is properly secured and protected.
2.5 Retention and destruction of personal information
We take reasonable steps to destroy or de-identify personal information that we no longer need.
As mentioned at paragraph 1.1 above, we collect, hold, use and disclose personal information for the purpose of providing you with services and products, or with other information you have requested, and for purposes related or ancillary to this. To carry out those purposes, we may need to use and disclose personal information to establish and maintain any necessary accounts or records, credit checks, invoicing and billing systems, debt recovery and market research, and to develop new and better services. We will use your personal information only for the purpose for which it was collected, unless we have your consent or the different use is permitted under the APPs.
3.1 Direct marketing
We may also collect, hold, use and disclose personal information for the purpose of telling you from time to time about our services, products or promotions. If at any time you no longer wish to be told about our new services, products or promotions, please contact us on 13 23 91 or email firstname.lastname@example.org
3.2 Will we give your personal information to anyone else?
We do not sell personal information to third parties. However, in the circumstances described below, we may disclose your personal information to other people or entities. We may make additional disclosures where you provide consent or where such disclosures are otherwise permitted under the Privacy Act.
(a) Outsourcing and advice
We may disclose personal information that we collect to third parties to which we contract out specialised functions, such as mailing houses, printing companies, data storage companies, information technology providers and legal and accounting services. If we do disclose personal information to third party contractors or advisers under outsourcing or contracting arrangements, we do all we reasonably can to maintain tight control over their use of such information, and we prohibit disclosure of the information by them so that those contractors:
- comply with the APPs when they handle your personal information; and
- are authorised only to use personal information in order to provide the services or to perform the functions required by us.
(b) Research and surveys
We may disclose personal information to third parties (such as government agencies and research partners) for reporting purposes in connection with the projects and trials we conduct from time to time. Our general policy is to de-identify the information we disclose to third parties for research purposes. However, where personally-identifying information is provided to third parties, we will take reasonable steps to make the relevant individuals aware that information about them is being disclosed, and obtain their consent to do so where necessary.
(c) Disclosures required by law
For legal reasons, and in special circumstances, we may need to make disclosures of your personal information. This may occur where we are directed to do so under arrangements in place to make sure that you continue to receive electricity supply in the event of retailer failure. We may also be required to disclose your personal information to law enforcement agencies, government agencies, courts or external advisors. For example, we may be asked to disclose certain personal information about an individual to assist the police with an investigation into criminal activities. Our policy is to make such disclosures only in accordance with the Privacy Act. We may also be required to disclose certain information under the energy industry laws and rules. We are also subject to the Government Information (Public Access) Act 2009 (NSW) (GIPA Act), which requires us to make government information publicly available in response to a request unless there is an overriding public interest against disclosure of the information. If a person makes an application for access to information that relates to you, we will consult you and give you the opportunity to object to the release of the information. For more information on how we comply with the GIPA Act, please visit our GIPA pages
We may disclose personal information to service providers or research organisations located outside of Australia. For instance, we may engage third party data storage providers located overseas to store and secure our data, including our customer information. We may also disclose your personal information (such as your credit card details) outside Australia if you use a payment method (including a credit card issued overseas), which requires us to communicate information about you internationally (for example, to your bank if it is outside Australia).
Under the Privacy Act, you have a right to seek access to personal information which we hold about you. You also have the right to ask us to correct information about you which is inaccurate, incomplete, out of date, irrelevant or misleading.
If you wish to access the personal information that we hold about you, please contact our Privacy Officer on 13 23 91 or email email@example.com
so we can explain how we will handle your access request. Once we have verified your identity, we would generally provide you with a summary of the information held about you. We would assume (unless you told us otherwise) that your request related to our current records about you. Those current records would include personal information about you which was included in our databases and in paper files, and which might be used by us on a day to day basis.
To provide you with access to this personal information, we would ordinarily provide you with a print-out of the relevant personal information from our databases, or with photocopies of records which were held only on paper files. Ordinarily, we would not charge you for the cost of providing this type of access to these records.
For legal and administrative reasons, we may also store records containing personal information in our archives. You may seek access to our non-current records, but if you do so, we may charge you for the cost of providing the access.
If you believe that personal information about you is inaccurate, incomplete, out of date, irrelevant or misleading, please provide us with your request for correction (contact details are set out in Section 7). Our policy is to consider any requests for correction in a timely way. If we refused to provide you with access to the information, we would provide you with reasons for the refusal and inform you of any exceptions relied upon under the Privacy Act (unless it is not reasonable in the circumstances for us to do so).
If you wish to complain about our handling of your personal information, in the first instance please email our Privacy Officer
or phone us on 13 23 91. We will make every effort to investigate and respond to your complaint in a timely way (generally within 30 days of our receipt of the complaint).
If you are dissatisfied with the outcome of our investigation, you may take your privacy-related complaint to the Energy and Water Ombudsman (EWON) and/or the Office of the Australian Information Commissioner (OAIC). EWON offers a free dispute resolution service for New South Wales electricity and gas customers. You can contact EWON by phone on 1800 246 545 or by emailing firstname.lastname@example.org