Consumer Data Right Policy

When it comes to your personal data, we want you to know you’re always in control.

We take your rights seriously

We’re on a mission to make it easy for you to automatically reduce your impact on the planet. To do this, we analyse your spending habits, so that we can calculate and clean up your emissions. 

And because we know trust is everything, we take our commitment to data privacy and security seriously.

That’s why we’ve been accredited by the Australian Competition and Consumer Commission (ACCC) as an organisation capable of securely handling the data our members share to power the Greener solution in line with the rules and safeguards of the Consumer Data Right (CDR) system.

We’ve also partnered with one of the leading open-banking platforms Basiq to ensure your data is securely encrypted using the same technology used by banks like Westpac, NAB and Visa.

It’s important to note, we’ll never ask for: 

  • Your online or mobile banking password; or
  • Details of your account, such as account balances or account numbers.

And we never share your data without your consent. 

Accredited Consumer Data Right recipient

What is an accredited data recipient?

The Consumer Data Right (CDR) regulates the collection and handling of CDR data in line with privacy safeguards, and rules that ensure your privacy is protected and your data is transferred and managed securely.

✓ More choice and control over how your data is shared

✓ Control what’s shared, what it’s used for and who it can be disclosed to

✓ Manage your consent and withdraw anytime

✓ Request any personal data be deleted

Types of data we use

Your personal data is yours, and we’ll never (ever) sell it or share it unless you ask us to.

Here’s what you can choose to share >>>

How we use this data

With your consent, we use the data you share with us to provide you with personalised solutions to help you shrink your carbon footprint and get to zero.

Here’s how we collect, hold, use and disclose data >>>

Our promise to you

Deleting and de-identifying old data

When data is no longer required for any purpose permitted by law it becomes redundant data. We will destroy, delete or de-identify redundant data unless we have a legal obligation to maintain the data, such as for legal reporting purposes or by a court or tribunal order, or if we need or reasonably anticipate that we will need the redundant data for legal or dispute resolution proceedings. Unless you have asked us to delete your redundant data, our general policy is to decide whether to delete, destroy or de-identify redundant data once it becomes redundant.

Making a complaint

We’ll always do our best to exceed your expectations, but we know we may not always get it 100% right.

So, if you’re not happy with the way we handle your data for any reason, please get in touch.

Find out more about our Dispute Handling