Summary of changes in this update
- Format and structure fully redrafted to make it clear what Data we collect and how we use it
- Explicitly stated in more detail what Data we collect, the purposes we can use it for, and who we can share data with
- Defined Personal Data and Energy Data
- Included treatment of Cookies, website links, how we store your Data, and additional compliance information
What information we collect and store
Solar Analytics collects Personal Information and Energy Data from our customers.
The types of Personal Information we may collect include:
- Contact information such as your name, address, email address, telephone number;
- Your electricity billing information such as your electricity retailer, tariff, and billing;
- Platform information such as how you use our Service, information you or your solar retailer entered into our platform, correspondence with us, additional information collected during special offers and trials.
The types of Energy Data we may collect include:
- Solar System information such as location, size, equipment configuration, circuit names, System status and performance;
- NMI (energy meter identifier), electricity generated, electricity consumed, grid side voltage and power factor.
The purposes for which we collect, hold, use and disclose Personal Information
All Personal Information collected by Solar Analytics is used for our business functions and activities and it may be used for the purposes of:
- Providing you with our Products or Services that you have requested, such as maintaining your account details and billing, managing your solar System and home energy, improving our Products and Services;
- Communicating with you to respond to your requests, enquires and/or complaints; notify you about developments in our procedures, products, services, activities and programs that might be useful to you; marketing purposes; gather feedback;
- Provide anonymised, aggregated or de-identified Data to third parties;
- To comply with the law as required.
In addition to the above purposes, we may collect, hold, use and disclose Energy Data for the following purposes
- To support cost-effective electricity grid operations and maintenance;
- To promote the expansion of renewable energy and the integration of increasing e-mobility.
Solar Analytics will take reasonable steps to ensure Personal Information that it keeps is accurate, up-to-date and relevant to the purposes for which it is to be used.
Solar Analytics must only use or disclose your Personal Information to the extent necessary to comply with laws, perform Solar Analytics’s functions or exercise its rights.
Who we share your Energy Data and Personal Information with
We may share your Personal Information and Energy Data with the following:
- Your Solar Retailer will have access to your System information and Energy Data for the purpose of providing their services to you, such as diagnosis and fault rectification of your System. They will also have any information you shared directly with them;
- Our third party service providers required for us to deliver our Services to you, eg internet servers;
- Our business partners, successors in title, potential purchasers of our business or shares in our business;
- As anonymous, de-identified or aggregated data (this data is not identifiable to you);
- We may share Energy Data that is identifiable to your System location with electricity grid operators and regulators to support the effective operation of the electricity grid;
- In certain circumstances we may request your consent to share your Personal Information outside the bounds of this policy.
In all of these cases, Solar Analytics expects these organisations to protect the privacy of that Personal Information.
You may contact firstname.lastname@example.org at any time to request that your Solar Retailer may no longer receive your System information and electricity Data, however this may restrict or limit the products and services offered to you and may impact your Warranty or other Terms and Conditions between you and your Solar Retailer.
How we collect and securely store Personal Information
Personal information may be collected by Solar Analytics by way of provision of Personal Information by individuals via the phone, online contact forms, user-generated content; market research, emails, and during face-to-face meetings. Where necessary and with your consent, we supplement the information we receive from you with information from third party sources.
Solar Analytics takes all reasonable steps to protect your Personal Information from loss, misuse or unauthorised disclosure, modification or destruction. Solar Analytics’s code of conduct and information security policies prohibit employees from looking at, recording or disclosing Personal Information about you except in course of performance of their duties. Security measures include:
- limiting access to the information we collect about you to “a need-to-know” basis;
- requiring any third party providers to have adequate security measures; and
- limiting physical access to our premises and putting in place other physical, electronic, and procedural safeguards in line with industry standards.
Solar Analytics’ digital information is stored on servers within Australia, although we may use or access data from third party providers that store data outside Australia. Solar Analytics takes all reasonable steps to ensure that it deals with reputable entities for the purposes of securely storing Personal Information.
Solar Analytics only retains Personal Information for periods required by law and/or our business operations. Otherwise Solar Analytics will take reasonable steps to securely destroy or permanently de-identify the Personal Information.
How you may access and correct your Personal Information
Under the APPs, you may be able to obtain a copy of the Personal Information that we hold about you. The APPs provide some exceptions to your rights in this regard. To make a request to access this information, please contact us in writing to one of the contact addresses below. We will require you to verify your identity and specify what information you require. We may charge a fee to cover the cost of verifying the application and locating, retrieving, reviewing and copying any material requested.
We endeavour to ensure that the Personal Information we hold about you is accurate, complete and up-to-date. Please contact Solar Analytics if you believe that the information we hold about you requires correction or is out-of-date.
We will endeavour to respond to written requests within 30 business days after a request is received by us.
Solar Analytics will only engage in direct marketing practices in accordance with the law. You may contact email@example.com at any time to request that you no longer receive any marketing information from us.
Website Browsing Links to other websites
Accessing Solar Analytics’s websites will result in some information being logged including the time of access, IP address and the pages that have been viewed or accessed.
Our website may contain links to third party websites. We do not operate these websites and therefore are not responsible for the collection or handling of Personal Information by the operators of these websites.
Cookies are files with a small amount of data that are commonly used as anonymous unique identifiers. These are sent to your browser from the websites that you visit and are stored on your device's internal memory.
- Understand and save user's preferences for future visits.
- Compile aggregate data about site traffic and site interactions in order to offer better site experiences and tools in the future. We may also use trusted third-party services that track this information on our behalf.
You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser preference settings. If you choose to refuse our cookies, you may not be able to use some portions of this Service
Notifiable Data Breaches
Solar Analytics complies with the amendments to the Privacy Act, effective from 22 February 2018, in relation to notifiable data breaches and has an updated plan to ensure compliance with the new requirements, including notification of the Australian Information Commissioner and affected individuals of certain types of data breaches, and is able to promptly respond to any suspected data breaches. A notifiable data breach happens when there is unauthorised access to, unauthorised disclosure of, or loss of, Personal Information which is likely to result in serious harm to the individual to whom the information relates.
Rights of individuals located in the European Union (EU)
In addition to the Privacy Act, individuals located in the European Union (EU) may also have rights under EU based rules known as the General Data Protection Regulation (GDPR). The key obligations under the GDPR include Notice, Individual Rights, and Retention. Each user has a right of confirmation (to confirm whether or not Personal Information concerning the user is being processed), access (the right to request what Personal Information is stored about the user and obtain a copy of that said information), erasure (the right to request that any Personal Information concerning the user be erased without delay when no longer required, or when the user withdraws consent), rectification (the right to rectify any inaccurate information concerning the user), portability (the right to receive the Personal Information concerning the user, which was provided to us, in a readable format), object (the right to object the processing of the Personal Information concerning the user unless we can demonstrate compelling legitimate grounds for the processing which overrides the interests, rights, and freedoms of the user/data subject, or for the establishment, exercise or defence of legal claims), restriction of processing (the right to restrict processing where the accuracy of the Personal Information is contested by the user/data subject for a period enabling the controller to verify the accuracy of the Personal Information; or the processing is unlawful and the user/data subject opposes the erasure of the Personal Information and requests instead the restriction of their use instead; or we, the controller, no longer need the Personal Information for the purposes of the processing, but they are required by the user/data subject for the establishment, exercise or defence of legal claims), as set out in Articles of the General Data Protection Regulations of the EU.
Making a complaint
If you believe that Solar Analytics has breached one or more of its privacy obligations, your complaint (including a summary of the privacy concern or alleged breach and copies of any relevant documentation) shall be addressed to one of the contacts provided in Solar Analytics Contact Details section below. Solar Analytics will investigate the complaint and will endeavor to respond to you within 30 business days. Solar Analytics will take immediate steps to redress proven privacy concerns or breaches.
Lodging a complaint with the Australian Information Commissioner – Personal Information
If you do not receive a response from Solar Analytics after 30 days or if you are not satisfied with the response, you can then lodge a complaint with the OAIC (telephone: 1300 363 992 | at www.oaic.gov.au).
Access to this Policy
This policy can be viewed at our website at www.solaranalytics.com. Alternatively, you can request a copy of this policy using our contact details below.
Solar Analytics Contact Details
Postal Address: 9/245 Chalmers St Redfern, NSW, Australia | T: 1 300 651 137 | E: firstname.lastname@example.org