Privacy Policy

Energy Plans Australia

ABN 37 686 762 158

Last updated: 9 May 2025

1. Introduction

Energy Plans Australia (“we”, “us”, “our”) is committed to protecting your personal information and complying with all applicable Australian laws, including the Privacy Act 1988 (Cth), the Australian Consumer Law (Schedule 2 of the Competition and Consumer Act 2010 (Cth)) and the Spam Act 2003 (Cth). This Policy explains how we collect, hold, use and disclose your personal data, and how you may access and correct it.

2. Who We Are

Energy Plans Australia

PO Box 528, Cammeray, NSW, 2062

Email: privacy@energyplans.com.au

3. What Personal Information We Collect

We collect personal information as defined in the Privacy Act 1988 (Cth), including but not limited to:

Identity: your name, date of birth

Contact: email address, mobile number, postal address

Technical: IP address, device/browser information, cookies

Consent & Preference: opt-in/opt-out flags, consent timestamps, communication preferences

4. How We Collect Your Information

Directly from you when you complete our online form or contact us.

Automatically via cookies and analytics tools.

From third parties (e.g. marketing partners) only where you have consented.

During CIMET consultations, when additional details are gathered by CIMET consultants on our behalf.

5. How We Use and Disclose Your Information

We will only use or disclose your personal information:

To provide our energy comparison service and refer you to energy retailers.

To communicate with you about quotes, bookings and service updates.

For marketing, but only where you have provided explicit consent (in compliance with the Spam Act 2003).

To improve our website and services via analytics.

To comply with our legal obligations under the Privacy Act 1988 (Cth), Australian Consumer Law and other statutes.

To transfer to CIMET Sales Pty Ltd (“CIMET”) for lead qualification, quoting and onboarding, with CIMET acting as the data custodian under our Affiliate Agreement.

6. Legal Framework & Your Rights

6.1 Privacy Act 1988 (Cth)

We comply with the Australian Privacy Principles (APPs) in Schedule 1 of the Privacy Act 1988 (Cth). In particular:

APP 1: Open and transparent management of personal information (this Policy).

APP 3: Collection of solicited personal information only.

APP 5: Notification of the purposes for which we collect your information.

APP 6: Use and disclosure only for the primary purpose or a directly related secondary purpose, or with your consent.

APP 11: Protection of personal information by reasonable security safeguards.

6.2 Australian Consumer Law

Under the Australian Consumer Law (Schedule 2 to the Competition and Consumer Act 2010 (Cth)):

We will not engage in misleading or deceptive conduct (section 18).

All terms in our communications and website are fair and transparent, and we honour statutory guarantees regarding services.

6.3 Spam Act 2003 (Cth)

We comply fully with the Spam Act 2003:

We will not send you commercial electronic messages unless you have explicitly opted in (section 16).

Every email contains a functional “unsubscribe” facility and every SMS allows you to reply “STOP” (sections 18–19).

We maintain records of your consent for at least 3 years (section 21).

We honour all unsubscribe or “STOP” requests within 5 business days.

7. CIMET-Related Data Handling

Daily SFTP Transfer: CSV file of consent-flagged leads to CIMET’s secure SFTP.

Consent Register: We maintain a master register logging every opt-in, opt-out and suppression request; a read-only view is shared with CIMET.

8. Cookies & Analytics

We use cookies in accordance with the Privacy Act and relevant guidelines. You can manage your preferences via our Cookie Banner or browser settings. Refer to our separate Cookies Policy for full details.

9. Marketing Communications & Your Choices

Marketing messages (email/SMS) are sent only if you have provided explicit, verifiable consent.

You may withdraw consent at any time by using the “unsubscribe” link in emails or replying “STOP” to SMS.

To update preferences, email privacy@energyplans.com.au.

10. Data Security & Retention

We take all reasonable steps to secure your data in line with APP 11 of the Privacy Act 1988 (Cth):

Encryption of data at rest and in transit (TLS 1.2+).

Role-based access controls and multi-factor authentication.

Retention of personal information and consent logs for seven (7) years, or as otherwise required by law.

10.1 Data Breach Response

We adhere to the Notifiable Data Breaches (NDB) scheme under the Privacy Act:

Incidents are assessed within 24 hours of detection.

If eligible, we notify the Office of the Australian Information Commissioner (OAIC) and affected individuals within 72 hours.

CIMET is informed within 48 hours of escalation.

11. Overseas Disclosure

We do not transfer your personal information outside Australia. Should this ever change, we will obtain your consent and ensure recipients provide protections comparable to the APPs.

12. Access, Correction & Complaints

Access & Correction: You may request access to or correction of your personal data by contacting us at privacy@energyplans.com.au. We will respond within 30 days as required by APP 12–14.

Complaints: If you believe we have breached this Policy or the APPs, lodge a complaint with our Privacy Officer. We will investigate within 30 days. You also have the right to complain to the OAIC.

13. Changes to This Policy

We may update this Policy to reflect changes in law or our practices. The “Last updated” date indicates when the Policy was last revised.

Contact Us

privacy@energyplans.com.au

Energy Plans Australia – empowering your energy choices, with your privacy safeguarded by Australian law.