Bill Hero Privacy Policy
Who we are
Bill Hero Holdings Pty Ltd is Registered in Australia, ABN 74 637 776 311. Our registered address is Bill Hero, Level 1, 38 Cambridge Street, Collingwood, VIC 3066, Australia.
Our commitment to your Privacy
At Bill Hero we take your privacy seriously. Our guiding philosophy is that your personal information should be used for your own benefit.
We will always handle your personal information in accordance with applicable laws.
About this Policy
This policy explains:
What is the personal Information we collect from you
Bill Hero is a retail energy plan comparison and switching facilitation service. Some Personal information is required to use the Bill Hero service.
To use the Bill Hero service, you must provide personal information:
To initiate a switch application through the Bill Hero service, you must provide additional personal information as required by your chosen Retailer. This may include:
How we collect and store your personal information
We collect the information you provide to us, when you complete your subscription to the Bill Hero service. This information may include personally identifying information such as your name, address, telephone number, mobile number, e-mail address, driver license number or passport number.
We store your personal information in secure data centres, operated by reputable cloud service providers.
Access to our information systems is controlled through identity authorisation, passwords and 2FA tokens.
How we use your personal information
We use your personal information to enable provision of our services:
When and to whom will we disclose your personal information
We will not share the personal information we collect from you with third parties, except as described in this privacy policy or as otherwise disclosed to you as permitted by law. For example, we share personal information as follows:
Your right of access to your personal information
We will support your right to access and view any personal information we hold about you. To request access to your personal information, please contact privacy@BillHero.com.au. Proof of identity will be required
Your right to inspect and correct the personal information that we hold about you
We will support your right to update or correct any personal information we hold about you. To request corrections and updates to the personal information we hold about you, please contact privacy@BillHero.com.au. Proof of identity will be required.
Your right to have your privacy complaints investigated and resolved
We strive to meet or exceed the highest standards to protect your privacy and support your personal data sovereignty. Please contact us at privacy@BillHero.com.au If you believe we have mishandled your personal information or have otherwise infringed your statutory privacy rights or the requirements of the privacy frameworks we adhere to. Any complaint must be made in writing.
We will treat privacy complaints with the highest priority, and we commit to respond to any such complaint within 14 days.
Your right to have your personal information protected from misuse or unauthorised access
The Bill Hero service is hosted in secure data centres operated by reputable cloud service providers. To help protect the privacy of data and personal information we collect and hold, we maintain physical, technical and administrative safeguards.
We train our employees about the importance of confidentiality and maintaining the privacy and security of your information. Access to your personal information is restricted to employees who need it to provide benefits or services to you.
Your right to be informed about data breaches
We will adhere to the Notifiable Data Breaches scheme (NDB scheme) in Part IIIC of the Privacy Act which requires us to notify affected individuals and the Privacy Commissioner about ‘eligible data breaches’. An eligible data breach occurs when the following criteria are met:
Under the NDB scheme, we must also conduct an assessment if it is not clear if a suspected data breach meets these criteria. The assessment will determine whether the breach is an ‘eligible data breach’ that triggers notification obligations.