AGL Privacy Policy
(Including Credit Reporting Policy)
Effective Date: 14 November 2023

1. About us

This policy describes how AGL Energy Limited (AGL) and its related companies (AGL Group) handle your personal information and credit-related information. 

The AGL Group is an integrated energy company listed on the Australian Securities Exchange that engages in the delivery of multi-service energy and telecommunication retailing, including electricity, gas, broadband internet, mobile and home phone services and other products to customers, including retail, business and commercial customers. We also offer services relating to smart and connected devices, electric vehicles, renewable power and decentralised energy.

You can find out more about AGL on our website. Some members of the AGL Group maintain individual privacy and credit reporting policies, available on the website of that AGL Group member and, if they do, that individual policy will apply instead.

2. Your privacy is important to us

We keep your information safe. We aim to be clear and open about what we do with it. 

We understand that your privacy is important to you, and we value your trust. That’s why we protect your information and aim to be clear and open about what we do with it.  

Personal Information  has the meaning given in the Privacy Act 1988 (Cth) (Privacy Act) and includes information or an opinion that identifies you or from which you can be reasonably identified. 

Credit-related information  means credit information and credit eligibility information as defined in the Privacy Act, and includes information about how you manage your credit, the credit that you have applied for or obtained, your payment history and creditworthiness and the information contained in your credit file.   

Sensitive Information  has the meaning given in the Privacy Act and includes information or an opinion about your racial or ethnic origin, political opinions or associations, religious beliefs or affiliations, philosophical beliefs, professional or trade association or union membership, sexual orientation or practices, criminal records, health information, genetic information and biometric information and templates. 

When we collect this information, we follow the obligations set out in the Privacy Act and the Privacy (Credit Reporting) Code 2014 (Cth). 

We update our privacy policy when our practices change. You can always find the most up-to-date version on our website. 

3. What information do we collect?

We collect information about you when you interact with us. We may also collect information about you from other people and organisations, including other AGL Group members.

We only collect your personal information when an AGL Group member needs it to provide our products and services or to comply with the law. The kinds of information that we collect depends on how you interact with us and which products and services we provide you, with the purposes for collecting the information set out in section 4 of this policy. Here are some examples.

Information we collect from you 

We collect the full name and contact details (for example, landline, mobile, email) of AGL Group member customers and their representatives as well as shareholders, business contacts, job applicants, contractors and others. We may also collect: 

• If you are a customer: your date of birth, address (supply and mailing if different), address history (where relevant), concession details (where applicable), other forms of identification (such as driver’s licence or passport), payment details, ABN (if applicable), information about your property that you tell us and information about your interactions and transactions with us. 
• If you have an energy plan with us: the items referenced in 'if you are a customer' as well as information about your use of our energy products and services including energy usage and consumption information at your premises. For example, how much energy you use and when you use it. We may also collect information about appliances used and the timing and efficiency of use where you have sensors or other technology installed, as well as information that we may be required to collect under energy laws or at the request of a government agency. 
• If you have a telecommunications plan with us: the items referenced in 'if you are a customer' as well as information about which telecommunications products and services we provide you (including information about devices), your use of those products and services including phone, internet and network usage, such as the time and duration of your communications, as well as information that we may be required to collect under telecommunication laws or at the request of a government agency. 
• If you are an authorised contact or representative on another customer’s account: date of birth, address, your relationship with our customer, payment details, business/trading name and ABN (if applicable) and information about your organisation’s property and operations (if applicable) that you tell us. 
• If you are a representative of an AGL Group member customer under the Consumer Data Right (CDR) regime: your address and date of birth. If you are given an authority to act on behalf of an AGL Group member customer under the CDR regime, we will also collect details of your authority (such as the type, scope and duration of the authority) under which you have been appointed to act from relevant documents provided by you or the customer.  For more details, see 'Information we collect under the consumer data right regime' below. 
• If you are an owner of a site used by an AGL Group member or own a site with AGL Group assets (or are an authorised contact or representative of an owner): your bank account details, business address and ABN (if applicable). 
• If you lodge a complaint with us: your physical address. 
• If you are a shareholder: your physical address and your tax file number (if you provide it). 
• If you apply for a job with us: Information that you provide about your right to work, employment history, qualifications and ability. 
• If you are a contractor of an AGL Group member: your organisation, date of birth and physical address. 
• If you access an AGL Group workplace or site: subject to our internal policies and procedures, we may collect certain sensitive information such as proof of vaccination, vaccination status, medical information or medical exemption information. 

We collect information when you interact with us using the channels we make available to you, including online, through our app, direct contact with our contact centre, social media, and using voice tools (including Amazon Alexa and Google Home). 

If you give us personal information about other people, we will assume that they have agreed that you can do this.  

Sensitive Information 

The Privacy Act protects your sensitive information. Where we need this information for your account (for example, to ensure continuous service to your property or to assist with translation services), we will seek your consent before we collect and use sensitive information about you unless we are permitted or required to do so by law. 

In some cases, sensitive information (such as information about your proof of vaccination, vaccination status, medical information or medical exemption information) may be requested as part of your role with us, or where you visit one of our workplaces or sites. We will collect this information with your permission or where you are required by law to provide it to us. If you are an employee, once your information has been collected, it becomes an employee record and this policy does not apply.  However, we will continue to treat your information in accordance with our obligations under applicable laws (such as the Fair Work Act 2009 (Cth)) and our policy for the management of employee records.   

Information we collect from others 

• When you get a quote to apply to open an account with us: your credit information, including repayment history information.     
• When you set up an account with us or when your account is in default we collect credit-related information from credit reporting bodies about you. We also collect this information in circumstances where you are a director or guarantor of a customer whose credit we check when the customer sets up an account with us or when the customer’s account is in default.  This information can be found on your credit file, including any credit applications, the amount and type of credit, details of your current and previous credit providers, start and end dates of credit arrangements, and information about listings on your credit file including defaults and court judgments. 
• When necessary we collect credit-related information from other AGL Group members, from public sources, and from other third parties including government agencies such as the Australian Financial Security Authority which manages the National Personal Insolvency Index, and the Australian Department of Home Affairs, which manages the Australian Government's Document Verification Service. 
• When you participate in market research: information about you and your responses from the service provider that conducted the research. 
• When you engage with our sales partners: your first name, last name, address and contact details, so we can contact you about products you may be interested in. 
• If you are a business contact for our customers or service providers: your first name, last name, job title and contact details. 
• If you are a representative of an AGL Group member customer under the CDR regime: we may collect your first name, middle name, last name, mobile, email address, address and date of birth from the AGL Group member customer. If you are given an authority to act on behalf of an AGL Group member customer under the CDR regime, we will also collect details of your authority (such as the type, scope and duration of the authority) from relevant documents provided by you or the AGL Group member customer. For more details, see 'Information we collect under the consumer data right regime' below. 
• If you are an existing customer of another AGL Group member: your first name, last name, contact details, date of birth, forms of identification (such as your driver licence or passport), your customer number with the AGL Group member, your preferences regarding direct marketing and telemarketing, information regarding complaints, hardship attributes, billing and payment information, and your usage and consumption information. We may also collect certain sensitive information (such as whether you require priority assistance, where that reveals health information), with your consent. 
• If you acquire insurance from us: your first name, last name, contact details (including your home address), date of birth, and forms of identification (such as your driver licence or passport). We will also collect information about your property, including number of occupants, bedrooms, insured sums and home loan details. This information may be collected from your representatives (including anyone authorised by you), or from third parties such as insurance providers or by you completing a form on our website. 
• If you are a shareholder: to comply with the law and manage your shares in AGL, we may collect details about your investment from our shareholder register service provider. You can find more information on our Shareholder Services page on our website. 
• If you apply for a job with us: your professional background, qualifications and memberships, and references from your former employers. Where it is relevant to the role, we may also collect screening check information (such as background, medical, drugs and alcohol, criminal records, bankruptcy, directorship and company checks), and abilities testing, including psychometric testing.  
• When you participate in programs involving smart home, electric vehicle, or distributed energy products: usage information. 

Information we collect under the consumer data right regime

The CDR gives consumers greater access to, and control over, their data. The CDR enables consumers to access certain data about them held by other organisations (data holders), and to authorise sharing of that data with third parties (accredited third parties). Consumers are also entitled to appoint representatives (such as secondary users, nominated representatives, or an individual given an authority to act on the consumer's behalf) to manage and authorise sharing of data under the CDR. The CDR applies to certain AGL Group members as data holders. You can learn more about the CDR by visiting https://www.cdr.gov.au.  

Under the CDR, you can ask accredited third parties to obtain certain data from us AGL Group members (including through a representative), to enable them those accredited third parties to provide products or services to you, or provide you with that data or to a consumer that has appointed you as their representative.  

CDR data includes information about your electricity contracts, as well as information about  you, your accounts,  the consumer’s accounts, billing arrangements and electricity usage – it may also contain your personal information about you or, if you are a representative, about the consumer you have been appointed to represent.   

If you make a request under the CDR, on your own behalf or as a representative, we may collect data from accredited third parties and disclose that data to you and/or the consumer, those accredited third parties, other data holders and / or our service providers, in accordance with your instructions. 

If you make a request under the CDR, we  We may also use and disclose your personal information, or that of the consumer if you are their representative, to allow us to do the following: 

• provide you with an online dashboard to manage the consumer’s data and disclosures (this dashboard is operated by our service provider); 
• provide an accredited third party with your data, or the consumer's data if you are their representative (such as electricity usage or billing information) at your the consumer’s request, to enable the third party to provide products or services to you the consumer, or provide you, the representative, or the consumer with that data; or 
• request electricity usage and energy generation and storage data from the Australian Energy Market Operator (AEMO), which we will then provide to an accredited third party. 

If you have been appointed as a representative of a consumer in their capacity as an AGL Group member customer (such as a nominated representative, secondary user or an individual given an authority to act), we may use and disclose your personal information to: 

• enable you or the consumer to view and manage details of your appointment; 
• provide you with an online dashboard, to manage the consumer’s data and disclosures of that data where permitted (this dashboard is operated by our service provider); or 
• manage delivery of the CDR service to the consumer, and to share the consumer’s data with accredited third parties and AEMO. 

If personal information we hold about you is also CDR data under the CDR, you may have additional rights relating to that CDR data. For more information about these rights, including your eligibility and our collection, use and disclosure of CDR data, as well as your responsibilities relating to that CDR data, please see our CDR Policy. 

Information we collect using cookies and similar technologies 

When you use our websites, mobile apps or platforms, we may collect certain information such as browser type, operating system or information about the websites you visited. We use this information to help us monitor how visitors are using our websites, mobile apps or platforms, and for the purposes set out in section 4 below. 

We may from time to time collect this data by using cookies, pixels, tags, and similar tracking technologies. These tracking technologies may store small amounts of information on your device that collect information to identify you when you return, and to store details about your use of the website, mobile app or platform. 

Information collected by cookies or other tracking technologies may be used to serve relevant ads to you through third party services. These ads may appear on our websites, mobile apps or platforms or other websites, mobile apps or platforms you visit or use. We are not responsible for the privacy practices of third party websites which may be linked to or accessible through our websites, mobile apps or platforms. 

A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us. You can choose to accept or decline cookies. Most web browsers and applications automatically accept cookies, but you can usually modify your browser settings or consent preferences to decline cookies if you prefer. In some cases, disabling cookies may mean you will not be able to take full advantage of our websites, mobile apps or platforms. 

4. How do we use your information?

We use your information to deliver our products and services, manage our business and comply with the law. We also use your information for other reasons, such as to better understand you and your needs. 

We collect and use your information, so we can: 

• confirm your identity; 
• provide you or the organisation you represent with the products and services that you or the organisation you represent have asked for or authorised us to organise on your behalf, including customer support; 
• handle payments and refunds; 
• communicate with you about your account or the account of the organisation you represent; 
• manage your credit arrangements with us or the credit arrangements of the organisation you represent; 
• manage accounts that are overdue, including where we sell debt; 
• participate in credit reporting systems, including by sharing credit-related information with credit reporting bodies; 
• respond to applications, questions, requests or complaints that you have made to us; 
• maintain and update our records and carry out other administrative tasks; 
• research the usage of, and to develop and improve the capabilities of our products and services, as well as developing new products and services; 
• improve customer experience and do market research; 
• investigate possible fraud and illegal activity; 
• comply with laws; 
• participate in the CDR, including by sharing data with data holders and accredited third parties, as described under 'Information we collect under the consumer data right regime' above; 
• assist government agencies and law enforcement investigations; 
• manage our business and assets, including any restructure, merger or sale of our business or assets or any part of them; 
• if you are a shareholder, manage your shareholding; and 
• if you have applied to work with us, assess your application, undertake customary checks and comply with the law. 

An AGL Group member may also collect, use and disclose personal information to assist other AGL Group members with any of the above activities. If we don’t have your personal information, we may not be able to do these things. For example, we may not be able to deliver the products or services you have asked for or respond to your questions. 

Direct Marketing 

We, and other AGL Group members, may also use your personal information to tell you about products or services that any of us think you might be interested in, including products and services offered by other members of the AGL Group or third parties we work with. We and other members of the AGL Group, may send you marketing messages in various ways, including by mail, email, telephone, SMS, and digital marketing including advertising through any AGL Group apps, websites, social media or third-party websites. 

If you tell us how you would prefer to be contacted, we will contact you in that way where we can.  

If you don’t want to receive direct marketing messages, you can opt out by: 

• filling out a Do Not Contact form on our website  (for AGL customers); 
• contacting our Customer Solutions Team (call 131 245 (AGL Energy), (08) 9420 0300 (Perth Energy), 1300 361 676 (AGL Telecommunications) or 13 14 64 (Southern Phone Company)), or see section 9 below; or, 
• following the instructions in any marketing communication you receive from us (for example, using the ‘unsubscribe’ link in an email or responding to an SMS as instructed). 

Please note that we may still send you important administrative and safety messages even if you opt out of receiving marketing communications.  

The way we use data 

We’re always working to develop and improve our products and services and improve our processes to ensure that they and we better meet your needs. 

New technologies let us combine information we have about our customers and users with data from other sources, such as other AGL Group members, third-party providers, the Australian Bureau of Statistics or other official sources of information. 

We also collect information about people that does not identify them such as website and advertising analytics, and data from service providers.  

We analyse this data to help us learn more about our customers and improve our products and services. Where we work with partners or service providers to do this, we do not pass on personal information about you. 

5. Who do we share your information with?

We share your information for the purposes set out in section 4, with our service providers, and to comply with the law. When we do this, we take steps to keep your information safe. 

We share your personal information with other people and organisations where we need to for the purposes set out in section 4. This includes sharing: 

• with other members of the AGL Group, to carry out any of the purposes set out in section 4; 
• with our installation, maintenance and fulfilment partners and other third party service providers, so they can make installations and maintain products and services that we offer; 
• with marketing and analytics organisations and third parties that we work with, for relevant purposes such as those set out in section 4; 
• with other energy companies, telecommunications companies and related companies (such as those that own or operate poles and wires or telecommunications infrastructure) that help us deliver products and services, or to migrate your service if you change energy, phone or internet providers; 
• with our wholesalers and other customers from whom you may acquire our services; 
• with credit reporting agencies to process new applications, assess and manage applications for credit, manage overdue accounts, and review your creditworthiness; 
• with insurance investigators; 
• with organisations that assist us with providing smart home, electric vehicle and distributed energy products and services, so that you can use these products and services; 
• with people that you have asked us to provide your information to, such as your authorised representatives or legal advisors, accredited data recipients or other data holders under the CDR regime (where applicable); 
• with the relevant AGL Group member customer, where you are acting as their representative;  
• if you have applied to work with us, with your previous employers to confirm your work history; 
• if you are an employee or contractor of an AGL Group member, to owners or occupiers of premises you undertake work at on behalf of the AGL Group (where permitted); and, 
• to comply with laws and assist government and law enforcement agencies. 

We also share personal information with people and organisations that help us with our business, such as professional advisors, IT support, and corporate and administrative services including mercantile agents (including debt collectors) and debt buyers. We only do this where it is needed for those services to be provided to us. When we do this, we take steps that require our service providers to protect your information. 

The credit reporting bodies we use include: