Privacy Policy

Privacy Policy – Monster Group

Effective Date: 1st March 2020

Monster Group is committed to protecting the privacy of your personal information. This privacy policy explains how your personal information is collected, used, distributed, shared, and what your rights and obligations are specifically with respect to the use of this personal information. This privacy policy does not cover personal information collected or held by Monster Group, or any of its related bodies corporate, about its employees.

This privacy policy incorporates the Australian Privacy Principles (APP’s) contained in the Privacy Act 1988 (Cth) (Privacy Act) and outlines how we may manage and handle the personal information provided by you through our websites. By using our websites, you accept this privacy policy and expressly consent to our collection, use and disclosure of your personal information.

In this privacy policy, "we", "us", "our" and "The Monster Group" refers jointly and severally to (and this privacy policy applies to), the following Monster Group businesses:

• Electricity Monster
• Internet Monster
• Solar Monster
• Moving Monster

Should you have any queries or concerns regarding the contents of this privacy policy, please contact us on privacy@monstergroup.com.au. Please note that our privacy policy may be amended from time to time and will be updated on all applicable websites.

Personal Information

Personal Information means information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not and whether the information or opinion is recorded in a material form or not.

Sensitive Information is a special category of information. Sensitive information may include information about the following:

• racial or ethnic origin;
• political opinion;
• membership of a political association or religious beliefs, affiliations or philosophical beliefs;
• membership of a professional or trade association or membership of a trade union;
• sexual orientation or practices;
• criminal record;
• health, genetic or biometric information or biometric templates.

The Privacy Act protects your sensitive information. Where we need this information for your account or use of our services, we’ll ask for your permission — except where otherwise allowed by law.

Collection of Personal Information

The Monster Group will only collect your personal information by lawful and fair means. The information we collect depends on what services you use and how you use them. As part of our business, we will require you to provide your personal information on a regular basis. It is standard practice for The Monster Group to collect information in the following ways:

• information is provided by the customer via our website for quoting and comparison reasons;
• information is collected via phone for the processing of products customers have requested.

If you provide us with personal information about another person, such as an additional account holder, user or a family member, you must tell that person about this privacy policy.

Certain Types of Information

We collect the following types of Personal Information:

Personal Information you provide to us directly:

• your username, password and e-mail address when you register for an account with the Monster Group;
• profile information that you provide to us for your account profile and details (e.g. first and last name, phone number). This information allows us to identify you in our accounts and records;
• communications between you and the Monster Group. For example, we may send you service-related emails (e.g. account verification, changes/updates to features of the service, technical and security notices). Note that you may not opt out of service-related emails.

Analytics Information

We use third-party analytics tools to help us measure traffic and usage trends for the services we provide. These tools collect information sent by your device or computer on our service, including the web pages you visit, add-ons, and other information that assists us in improving the service. We collect and use this analytics information with analytics information from other users so that it cannot reasonably be used to identify any particular user.

Cookies & Similar Technologies

When you visit the service, we may use cookies and similar technologies like pixels, web beacons, and local storage to collect information about how you use our services and provide features to you.

A cookie is a piece of data that a website can send to your browser, which may then be stored on your computer as an anonymous tag that identifies your computer but not you.

You can set your browser to notify you before you receive a cookie, giving you the chance to decide whether to accept it. You can also set your browser to turn off cookies. If you do so, some pages in the website may not work properly.

Cookies are either persistent or session based. Persistent cookies are stored on your computer, contain an expiry date, and may be used to track your browsing behavior upon return to the issuing website. Session cookies are short-lived, are used only during a browsing session, and expire when you quit your browser.

Our website may use both kinds of cookies to provide a rich and session based experience. The cookies are used to enable us to track users’ browsing patterns in order to provide statistical information to improve the usability of the website.

We may ask advertisers or other partners to serve ads or services to your devices, which may use cookies or similar technologies placed by us or the third party.

Log file information

• Log file information is automatically reported by your browser each time you make a request to access (i.e. visit) a web page. It can also be provided when the content of the webpage is downloaded to your browser or device.
• When you use our services, our servers automatically record certain log file information, including your web request, Internet Protocol (“IP”) address, browser type, referring/exit pages and URLs, number of clicks and how you interact with links on the service, domain names, landing pages, pages viewed, and other such information. We may also collect similar information from emails sent to our users, which then help us, track which emails are opened and which links are clicked by recipients. The information allows for more accurate reporting and improvement of our services.

Use of Personal Information

The Monster Group may use your personal information for a variety of reasons including:

• to further enhance products and services to our customers;
• to provide services and products to our customers;
• to answer enquiries and deliver customer service;
• to tell our customers and prospective customers about other products, services or promotional offers that we think may be of interest to them;
• to ensure we comply with the requirements of our participating providers;
• to maintain and improve our customer service;
• to meet our regulatory and legal obligations;
• to manage and resolve any legal or commercial complaints and issues;
• to manage our relationships with our participating providers, suppliers and stakeholders;
• to carry out internal functions including training; and
• to conduct marketing research and analysis.

We may also (from time to time) use the personal information for purposes as required or authorised by law. In addition to this, you may provide consent (oral, written or implied through your conduct) to us using the personal information for purposes other than listed above.

Information Held Overseas

Monster Group would like to reassure its customers that their data is securely stored in Australia (in a Sydney based data centre). All the information in the data centre is encrypted. All the information to and from the data centre is encrypted. Monster Group runs backup of the data nightly and stores backup copies on the Australian server.

How We Hold & Keep Secure Your information

We store information in different ways, including in hardcopy and electronic form including cloud based services.

Our security safeguards include:

• technical solutions, security controls and internal processes to help us protect your information from misuse, interference, loss or unauthorised access, modification or disclosure;
• confidentiality requirements for employees and contractors;
• document storage security policies, systems and site access restrictions; and
• website security systems, including firewalls and data encryption on our websites.

We may disclose to third parties overseas your personal information. Where your personal information is held overseas, we or the overseas service providers may disclose your information when required by Australian or foreign law.

Google Cloud and Amazon Web Services Privacy and Data Practices in the Australian Context

We may use different cloud and other web based services in providing our services. Some of the web based services we use include Google Cloud and Amazon Web Services.

We take privacy and security seriously and take a shared responsibility approach when engaging with third party service providers. Meaning, we not only ensure our systems and practices are up to date and fit for purpose, but also those who we engage.

Google and Amazon undergo several independent third-party audits on a regular basis. These audits verify the security, privacy and compliance controls present in the Google and Amazon centres, its infrastructure and its operations.

In relation to privacy and data protection, Google and Amazon have an ISO27018 Certificate (which is audited annually) which certificate relates to cloud privacy and is an international standard of practice for protection of personally identifiable information and otherwise complies with, and addresses, the APPs.

How to make a complaint

Contact us: If you believe that your privacy has been breached or you have a complaint about our handling of your personal information, please contact us by sending an email to privacy@monstergroup.com.au. We will investigate your complaint and provide you with a response.

Contact a dispute resolution provider: If you are not satisfied with our response, then you may lodge a formal complaint with the Office of the Australian Information Commissioner (www.oaic.gov.au).