Skip to main content

AGL Privacy Policy

(Including Credit Reporting Policy)

Effective Date: 15 November 2023

1. About us

This policy describes how AGL Energy Limited (AGL) and its related companies (AGL Group) handle your personal information and credit-related information.

The AGL Group is an integrated energy company listed on the Australian Securities Exchange that engages in the delivery of multi-service energy and telecommunication retailing, including electricity, gas, broadband internet, mobile and home phone services and other products to customers, including retail, business and commercial customers. We also offer services relating to smart and connected devices, electric vehicles, renewable power and decentralised energy.

You can find out more about AGL on our website. Some members of the AGL Group maintain individual privacy and credit reporting policies, available on the website of that AGL Group member and, if they do, that individual policy will apply instead.

2. Your privacy is important to us

We keep your information safe. We aim to be clear and open about what we do with it.

We understand that your privacy is important to you, and we value your trust. That’s why we protect your information and aim to be clear and open about what we do with it. 

Personal Information has the meaning given in the Privacy Act 1988 (Cth) and includes information or an opinion that identifies you or from which you can be reasonably identified.

Credit-related information means credit information and credit eligibility information as defined in the Privacy Act, and includes information about how you manage your credit, the credit that you have applied for or obtained, your payment history and creditworthiness and the information contained in your credit file.  

Sensitive Information has the meaning given in the Privacy Act and includes information or an opinion about your racial or ethnic origin, political opinions or associations, religious beliefs or affiliations, philosophical beliefs, professional or trade association or union membership, sexual orientation or practices, criminal records, health information, genetic information and biometric information and templates.

When we collect this information, we follow the obligations set out in the Privacy Act and the Privacy (Credit Reporting) Code 2014.

We update our privacy policy when our practices change. You can always find the most up-to-date version on our website.

3. What information do we collect?

We collect information about you when you interact with us. We may also collect information about you from other people and organisations, including other AGL Group members.

We only collect your personal information when an AGL Group member needs it to provide our products and services or to comply with the law. The kinds of information that we collect depends on how you interact with us and which products and services we provide you, with the purposes for collecting the information set out in section 4 of this policy. Here are some examples.

Information we collect from you

We collect the full name and contact details (landline, mobile, email) of AGL Group member customers and their authorised representatives as well as shareholders, business contacts, job applicants, contractors and others. We may also collect:

  • If you are a customer: your date of birth, address (supply and mailing if different), address history (where relevant), concession details (where applicable), other forms of identification (such as driver’s licence or passport), payment details, ABN (if applicable), information about your property that you tell us and information about your interactions and transactions with us.
  • If you have an energy plan with us: the items referenced in 'if you are a customer' as well as information about your use of our energy products and services including energy usage and consumption information at your premises. For example, how much energy you use and when you use it. We may also collect information about appliances used and the timing and efficiency of use where you have sensors or other technology installed, as well as information that we may be required to collect under energy laws or at the request of a government agency.
  • If you have a telecommunications plan with us: the items referenced in 'if you are a customer' as well as information about which telecommunications products and services we provide you (including information about devices), your use of those products and services including phone, internet and network usage, such as the time and duration of your communications, as well as information that we may be required to collect under telecommunication laws or at the request of a government agency.
  • If you are an authorised contact or representative on another person’s account: date of birth, address, your relationship with our customer, consumption history (where relevant), payment details, business/trading name and ABN (if applicable) and information about your organisation’s property and operations (if applicable) that you tell us.
  • If you are a representative of an AGL Group member customer under the Consumer Data Right (CDR) regime: your address and date of birth. If you are given an authority to act on behalf of an AGL Group member customer under the CDR regime, we will also collect details of your authority (such as the type, scope and duration of the authority) under which you have been appointed to act from relevant documents provided by you or the customer.  For more details, see 'Information we collect under the Consumer Data Right regime' below.
  • If you are an owner of a site used by an AGL Group member or own a site with AGL Group assets (or are an authorised contact or representative of an owner): your bank account details, business address and ABN (if applicable).
  • If you lodge a complaint with us: your physical address.
  • If you are a shareholder: your physical address and your tax file number (if you provide it).
  • If you apply for a job with us: Information that you provide about your right to work, employment history, qualifications and ability.
  • If you are a contractor of an AGL Group member: your organisation, date of birth and physical address.
  • If you access an AGL Group workplace or site: subject to our internal policies and procedures, we may collect certain sensitive information such as proof of vaccination, vaccination status, medical information or medical exemption information.


We collect information when you interact with us using the channels we make available to you, including online, through our app, direct contact with our contact centre, social media, and using voice tools (including Amazon Alexa and Google Home).

If you give us personal information about other people, we will assume that they have agreed that you can do this. 

Sensitive information

The Privacy Act protects your sensitive information. Where we need this information for your account (for example, to ensure continuous service to your property or to assist with translation services), we will seek your consent before we collect and use sensitive information about you unless we are permitted or required to do so by law.

In some cases, sensitive information (such as information about your proof of vaccination, vaccination status, medical information or medical exemption information) may be requested as part of your role with us, or where you visit one of our workplaces or sites. We will collect this information with your permission or where you are required by law to provide it to us. If you are an employee, once your information has been collected, it becomes an employee record and this policy does not apply.  However, we will continue to treat your information in accordance with our obligations under applicable laws (such as the Fair Work Act 2009 (Cth)) and our policy for the management of employee records.  

Information we collect from others

  • When you get a quote to apply to open an account with us: your credit information, including repayment history information.    
  • When you set up an account with us or when your account is in default we collect credit-related information from credit reporting bodies about you. We also collect this information in circumstances where you are a director or guarantor of a customer whose credit we check when the customer sets up an account with us or when the customer’s account is in default.  This information can be found on your credit file, including any credit applications, the amount and type of credit, details of your current and previous credit providers, start and end dates of credit arrangements, and information about listings on your credit file including defaults and court judgments.
  • When necessary we collect credit-related information from other AGL Group members, from public sources, and from other third parties including government agencies such as the Australian Financial Security Authority which manages the National Personal Insolvency Index and the Australian Department of Home Affairs, which manages the Australian Government's Document Verification Service.
  • When you participate in market research: information about you and your responses from the service provider that conducted the research.
  • When you engage with our sales partners: your first name, last name, address and contact details, so we can contact you about products you may be interested in.
  • If you are a business contact for our customers or service providers: your first name, last name, job title and contact details.
  • If you are a representative of an AGL Group member customer under the CDR regime: we may collect your first name, middle name, last name, mobile, email address, address and date of birth from the AGL Group member customer. If you are given an authority to act on behalf of an AGL Group member customer under the CDR regime, we will also collect details of your authority (such as the type, scope and duration of the authority) from relevant documents provided by you or the AGL Group member customer. For more details, see 'Information we collect under the Consumer Data Right regime' below.
  • If you are an existing customer of another AGL Group member: your first name, last name, contact details, date of birth, forms of identification (such as your driver licence or passport), your customer number with the AGL Group member, your preferences regarding direct marketing and telemarketing, information regarding complaints, hardship attributes, billing and payment information, and your usage and consumption information. We may also collect certain sensitive information (such as whether you require priority assistance, where that reveals health information), with your consent.
  • If you acquire insurance from us: your first name, last name, contact details (including your home address), date of birth, and forms of identification (such as your driver licence or passport). We will also collect information about your property, including number of occupants, bedrooms, insured sums and home loan details. This information may be collected from your representatives (including anyone authorised by you), or from third parties such as insurance providers or by you completing a form on our website.
  • If you are a shareholder: to comply with the law and manage your shares in AGL, we may collect details about your investment from our shareholder register service provider. You can find more information on our Shareholder Services page on our website.
  • If you apply for a job with us: professional background, qualifications and memberships, and references from your former employers. Where it is relevant to the role, we may also collect screening check information (such as background, medical, drugs and alcohol, criminal records, bankruptcy, directorship and company checks), and abilities testing, including psychometric testing. 
  • When you participate in programs involving smart home, electric vehicle, or distributed energy products: usage information.


Information we collect under the Consumer Data Right regime

The Consumer Data Right (CDR) gives consumers greater access to, and control over, their data. The CDR enables consumers to access certain data about them held by other organisations (data holders), and to authorise sharing of that data with third parties (accredited third parties). Consumers are also entitled to appoint representatives (such as secondary users, nominated representatives, or an individual given an authority to act on the consumer's behalf) to manage and authorise sharing of data under the CDR. The CDR applies to certain AGL Group members as data holders. You can learn more about the CDR by visiting https://www.cdr.gov.au.

Under the CDR, you can ask accredited third parties to obtain certain data from AGL Group members (including through a representative), to enable those accredited third parties to provide products or services to you, or to a consumer that has appointed you as their representative.

CDR data includes information about electricity contracts, as well as information about the consumer’s accounts, billing arrangements and electricity usage – it may also contain personal information about you or, if you are a representative, about the consumer you have been appointed to represent.

If you make a request under the CDR, on your own behalf or as a representative, we may collect data from accredited third parties and disclose that data to you and/or the consumer, those accredited third parties, other data holders and / or our service providers, in accordance with your instructions.

We may also use and disclose your personal information, or that of the consumer if you are their representative, to allow us to do the following:

  • provide you with an online dashboard to manage the consumer’s data and disclosures (this dashboard is operated by our service provider);
  • provide an accredited third party with your data, or the consumer's data if you are their representative (such as electricity usage or billing information) at the consumer’s request, to enable the third party to provide products or services to the consumer, or provide you, the representative, or the consumer with that data; or
  • request electricity usage and energy generation and storage data from the Australian Energy Market Operator (AEMO), which we will then provide to an accredited third party.


If you have been appointed as a representative of a consumer in their capacity as an AGL Group member customer (such as a nominated representative, secondary user or an individual given an authority to act), we may use and disclose your personal information to:

  • enable you or the consumer to view and manage details of your appointment;
  • provide you with an online dashboard, to manage the consumer’s data and disclosures of that data where permitted (this dashboard is operated by our service provider); or
  • manage delivery of the CDR service to the consumer, and to share the consumer’s data with accredited third parties and AEMO.


If personal information we hold about you is also CDR data under the CDR, you may have additional rights relating to that CDR data. For more information about these rights, including your eligibility and our collection, use and disclosure of CDR data, as well as your responsibilities relating to that CDR data, please see our CDR Policy.

Information we collect using cookies and similar technologies

When you use our websites, mobile apps or platforms, we may collect certain information such as browser type, operating system or information about the websites you visited. We use this information to help us monitor how visitors are using our websites, mobile apps or platforms, and for the purposes set out in section 4 below.

We may from time to time collect this data by using cookies, pixels, tags, and similar tracking technologies. These tracking technologies may store small amounts of information on your device that collect information to identify you when you return, and to store details about your use of the website, mobile app or platform.

Information collected by cookies or other tracking technologies may be used to serve relevant ads to you through third party services. These ads may appear on our websites, mobile apps or platforms or other websites, mobile apps or platforms you visit or use. We are not responsible for the privacy practices of third party websites which may be linked to or accessible through our websites, mobile apps or platforms.

A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us. You can choose to accept or decline cookies. Most web browsers and applications automatically accept cookies, but you can usually modify your browser settings or consent preferences to decline cookies if you prefer. In some cases, disabling cookies may mean you will not be able to take full advantage of our websites, mobile apps or platforms.

4. How do we use your information?

We use your information to deliver our products and services, manage our business and comply with the law. We also use your information for other reasons, such as to better understand you and your needs.

We collect and use your information, so we can:

  • confirm your identity;
  • provide you or the organisation you represent with the products and services that you or the organisation you represent have asked for or authorised us to organise on your behalf, including customer support;
  • handle payments and refunds;
  • communicate with you about your account or the account of the organisation you represent;
  • manage your credit arrangements with us or the credit arrangements of the organisation you represent;
  • manage accounts that are overdue, including where we sell debt;
  • participate in credit reporting systems, including by sharing credit-related information with credit reporting bodies;
  • respond to applications, questions, requests or complaints that you have made to us;
  • maintain and update our records and carry out other administrative tasks;
  • research the usage of, and to develop and improve the capabilities of our products and services, as well as developing new products and services;
  • improve customer experience and do market research;
  • investigate possible fraud and illegal activity;
  • comply with laws;
  • participate in the CDR, including by sharing data with data holders and accredited third parties, as described under 'Information we collect under the Consumer Data Right regime' above;
  • assist government agencies and law enforcement investigations;
  • manage our business and assets, including any restructure, merger or sale of our business or assets or any part of them;
  • if you are a shareholder, manage your shareholding; and,
  • if you have applied to work with us, assess your application, undertake customary checks and comply with the law.


An AGL Group member may also collect, use and disclose personal information to assist other AGL Group members with any of the above activities. If we don’t have your personal information, we may not be able to do these things. For example, we may not be able to deliver the products or services you have asked for or respond to your questions.

Direct marketing

We, and other AGL Group members, may also use your personal information to tell you about products or services that any of us think you might be interested in, including products and services offered by other members of the AGL Group or third parties we work with. We, and other members of the AGL Group, may send you marketing messages in various ways, including by mail, email, telephone, SMS, and digital marketing including advertising through any AGL Group apps, websites, social media or third-party websites.

If you tell us how you would prefer to be contacted, we will contact you in that way where we can. 

If you don’t want to receive direct marketing messages, you can opt out by:

  • filling out a Do Not Contact form on our website (for AGL customers);
  • contacting our Customer Solutions Team (call 131 245 (AGL Energy), (08) 9420 0300 (Perth Energy), 1300 361 676 (AGL Telecommunications) or 13 14 64 (Southern Phone Company), or see section 9 below; or,
  • following the instructions in any marketing communication you receive from us (for example, using the ‘unsubscribe’ link in an email or responding to an SMS as instructed).


Please note that we may still send you important administrative and safety messages even if you opt out of receiving marketing communications.

The way we use data

We’re always working to develop and improve our products and services and improve our processes to ensure that they and we better meet your needs.

New technologies let us combine information we have about our customers and users with data from other sources, such as other AGL Group members, third-party providers, the Australian Bureau of Statistics or other official sources of information.

We also collect information about people that does not identify them such as website and advertising analytics, and data from service providers. 

We analyse this data to help us learn more about our customers and improve our products and services. Where we work with partners or service providers to do this, we do not pass on personal information about you.

5. Who do we share your information with?

We share your information for the purposes set out in section 4, with our service providers, and to comply with the law. When we do this, we take steps to keep your information safe.

We share your personal information with other people and organisations where we need to for the purposes set out in section 4. This includes sharing:

  • with other members of the AGL Group, to carry out any of the purposes set out in section 4;
  • with our installation, maintenance and fulfilment partners and other third party service providers, so they can make installations and maintain products and services that we offer;
  • with marketing and analytics organisations and third parties that we work with, for relevant purposes such as those set out in section 4;
  • with other energy companies, telecommunications companies and related companies (such as those that own or operate poles and wires or telecommunications infrastructure) that help us deliver products and services, or to migrate your service if you change energy, phone or internet providers;
  • with our wholesalers and other customers from whom you may acquire our services;
  • with credit reporting agencies to process new applications, assess and manage applications for credit, manage overdue accounts, and review your creditworthiness;
  • with insurance investigators;
  • with organisations that assist us with providing smart home, electric vehicle and distributed energy products and services, so that you can use these products and services;
  • with people that you have asked us to provide your information to, such as your authorised representatives or legal advisors, accredited data recipients or other data holders under the CDR regime (where applicable);
  • with the relevant AGL Group member customer, where you are acting as their representative;
  • if you have applied to work with us, with your previous employers to confirm your work history;
  • if you are an employee or contractor of an AGL Group member, to owners or occupiers of premises you undertake work at on behalf of the AGL Group (where permitted); and,
  • to comply with laws and assist government and law enforcement agencies.


We also share personal information with people and organisations that help us with our business, such as professional advisors, IT support, and corporate and administrative services including mercantile agents (including debt collectors) and debt buyers. We only do this where it is needed for those services to be provided to us. When we do this, we take steps that require our service providers to protect your information.

The credit reporting bodies we use include:

You can contact those credit reporting bodies or visit their websites to understand their policies on the management of credit-related information, including details of how to access your credit-related information they hold. You have the right to request credit reporting bodies not to:

  • use your credit-related information to determine your eligibility to receive direct marketing from credit providers; and
  • use or disclose your credit-related information, if you have been or are likely to be a victim of fraud.


The websites of AGL Group members link to a number of third-party websites. We are not responsible for the privacy practices of these other sites. We recommend that you review the Privacy Policy and Credit Reporting Policy on these websites.

Sending personal information overseas

Some of our service providers are located or operate outside of Australia. Where we need to, we send them information so that they can provide us services. The countries where our service providers may be located, and to which personal information is likely to be disclosed, include India, Indonesia, Fiji, Japan, Malaysia, New Zealand, the Philippines, South Africa, the USA, the UK and some member states within the European Union. 

6. Keeping your information safe

We train our staff on how to keep your information safe and secure. We use secure systems and environments to hold your information. We only keep your information for as long as we need it.

We take steps in accordance with the Guide to Securing Personal Information published by the Office of the Australian Information Commissioner, to secure our systems and the personal information we collect.

Here are some examples of the things we do to protect your information.

Staff obligations and training

We train our staff in how to keep your information safe and secure.

Our staff are required to keep your information secure at all times and are bound by internal processes and policies that confirm this.

Access to personal information is controlled through access and identity management systems.

We have security professionals who monitor and respond to (potential) security events across our network.

System security

We store your information in secured systems which are in protected and resilient data centres.

We have technology that prevents malicious software or viruses and unauthorised persons from accessing our systems.

We also share non-personal information about how people use our websites with security service providers to ensure that our websites are protected.

Services providers and overseas transfers

When we send information overseas or use service providers that handle or store data, we require them to take steps to keep your information safe and use it appropriately.

We control where information is stored and who has access to it.

Building security

We use a mix of ID cards, alarms, cameras, guards and other controls to protect our offices and buildings.

Our websites and apps

When you log into our websites or app, we encrypt data sent from your computer or device to our system so no-one else can access it.

We partner with well-known third parties as alternative ways to access your online account.

Destroying or de-identifying data when no longer required

We aim to keep personal information only for as long as we need for our business or to comply with the law. 

When we no longer need personal information, we take reasonable steps to destroy or de-identify it. 

7. Accessing, updating and correcting your information

You can ask for a copy of the personal information or credit-related information that we hold about you or ask us to update or correct it. Before we give you your information, we will need to confirm your identity.

You can also log in to your account (found at My Account for AGL accounts), to access your billing information and update your contact and payment details. To access other information, you may need to contact us and you can do this by using the details set out in section 9.

If the CDR regime applies (see 'Information we collect under the Consumer Data Right regime' above), you will also have rights to access and correct your CDR data, or to request deletion of your CDR data in certain circumstances. For more information, see our CDR Policy.

How long will it take?

We try to make your information available within 30 days after you ask us for it. If it will take longer, we’ll let you know.

Can we refuse to give you access?

In some cases, we can refuse access or only give you access to certain information. For example, we’re not able to let you see information that is commercially sensitive. If we do this, we’ll write to you explaining our decision. 

Can you correct or update your information?

You can ask us to correct or update any of your personal information or credit-related information that we have. If we’ve given the information to another party, you can ask us to let them know it’s incorrect. 

If we don’t think the information needs to be corrected, we’ll let you know why. You can ask us to include a statement that says you believe our record about you is inaccurate, incomplete, misleading or out of date.

 

8. Making a privacy complaint

How can you make a privacy complaint?

If you are concerned about your privacy or how we’ve handled your personal information, you can make a complaint and we’ll try to fix it. See section 9 for details on how you can contact us.

You can read more about how we handle complaints on the ‘Our Commitments’ page on our website. You can also read our Complaints and Dispute Resolution Policy (AGL Energy) or Complaints Handling Policy (AGL Telecommunications). You can find the complaints handling policies for other AGL Group members (such as Southern Phone Company) on that AGL Group member's website.

How do we manage privacy complaints?

We will:

  • keep a record of your complaint; and,
  • respond to you about your complaint and let you know how we will try to resolve it and how long that may take.


What else can you do?

If you’re not satisfied with how we have managed your privacy complaint, you can contact your local Ombudsman at any time for advice or to make a complaint. The Ombudsman is independent, and their services are free. You can also contact the Australian Privacy Commissioner who can be found at the Office of the Australian Information Commissioner (OAIC).

You can also contact the Telecommunications Industry Ombudsman, if your complaint relates to telecommunications products or services.

You can also complain to the Australian Privacy Commissioner who can be found at the Office of the Australian Information Commissioner (OAIC).

9. Contact us

To ask us a question, access your personal information, request a correction to your personal information, make a complaint, or get a printed copy of this policy, you can use our online enquiry form. Or you can contact the customer service team of the relevant AGL Group member, details of which are set out below.

AGL Customer Advocacy
Locked Bag 14120 
MCMC VIC 8001

Phone: 131 245 (available 24/7)
If you’re deaf or hard of hearing, or have difficulty speaking, you can use the National Relay Service.

Website: https://www.agl.com.au

AGL Telecommunications Customer Service Centre
6 Page Street
Moruya NSW 2537

Phone: 1300 361 676 (available 8am-8pm AEST, 7 days a week).
If you're deaf or hard of hearing, or have difficulty speaking, you can use the National Relay Service.

Website: www.agl.com.au

Southern Phone Customer Service Centre
6 Page Street
Moruya NSW 2537

Phone: 13 14 64 (available 8am-8pm AEST, 7 days a week).
If you’re deaf or hard of hearing, or have difficulty speaking, you can use the National Relay Service.

Email: info@southernphone.net.au

Fax: 1300 763 744

Website: www.southernphone.com.au

Perth Energy
PO Box 7971,Cloisters
Square PO, WA 6850

Phone: (08) 9420 0300 (available 8am-8pm AWST, 7 days a week).
If you're deaf or hard of hearing, or have difficulty speaking, you can use the National Relay Service.

Email: info@perthenergy.com.au

Website: www.perthenergy.com.au