This Is the Verifier CDR Policy
Effective date: 8 August 2023
What we do
We provide services to our customers, using personal data collected securely, and in accordance with the rules defined by the Consumer Data Right (CDR).
This policy tells you how we handle and manage your personal data under the CDR law.
About CDR
The CDR gives you control over personal data and enables you to send that data to others – to help you obtain their products or services. For example, you may choose to share your data that is held by a current service provider to you (perhaps your bank) with another financial institution if you are applying for a loan from that institution.
Under the CDR, the collection and use of your personal data, and who it is shared with, are with your full consent, knowledge and control.
Collecting your personal data
With your consent, we will collect your data in a one-time collection.
We may collect the following classes of data (click each data class to view the detailed fields we collect):
-
Name, occupation, contact details
Name
Occupation
Phone
Email address
Mail address
Residential address
Account Information
Name of account
Type of account
Account number
Account balance
Transaction Details
Incoming & outgoing transactions
Amounts
Dates
Descriptions of transactions
Who you have sent money to and received money from (e.g. their name, BSB, account number)
-
Concessions and assistance
Concession type
Concession Information
Account and plan details
Account and plan information
Account type
Fees, features, rates and discounts
Additional account users
Billing payments and history
Account balance
Payment method
Payment status
Charges, discounts, credits
Billing date
Usage for billing period
Payment date
Invoice number
Electricity connection and meter
National Meter Identifier (NMI)
Supply address
Customer type
Connection point details
Meter details
Associated service providers
Energy generation and storage
Generation information
Generation or storage device type
Device characteristics
Devices that can operate without the grid
Energy conversion information
Electricity usage
Usage
Meter details
You’re in the driver’s seat
You can review your consent, and a summary of your data we obtained from your nominated accounts in our secure dashboard, which you can access via our website: www.verifier.me
You can also withdraw your consent, at any time, by using our secure dashboard.
What we do with your personal data
With your consent, we may use your data:
to categorise that data and enrich it to generate useful insights, and to give us assurance that our algorithms used to do that are operating correctly (this is a one-time use for up to 4 days);
to format it and provide you the ability to download it;
for our internal research purposes to help us improve our services (this is a use for up to 3 months).
Who we share your personal data with
With your consent:
we share only the insights we create from your personal data with a person who is not accredited in accordance with the CDR law. We will not share any account balances or individual transactions with a non-accredited person, and
we share the insights we create with a person who is accredited in accordance with the CDR law. We may also share account balances and individual transactions with an accredited person.
We will:
not sell your personal (identified) data to anyone
not share your personal (identified) data with any third party without your consent
with your consent, de-identify your data when the consent you have given us to use your personal data has expired.
If you have given us your consent to de-identify your data when we no longer need it, you can withdraw that consent at any time before the consent expires by using our secure dashboard. We will delete your data when we no longer need it if you withdraw your consent to de-identify the data.
What we do with your de-identified data
When we de-identify your data we do so by removing your name and other identifying information, leaving only a reference to the type of transaction, so there is no record left of you. We will include your de-identified data in the set of data that we use for general research.
Once we have de-identified your data and added it to our data set, you will not be able to ask us to delete it.
Our outsourced service provider
To enable us to provide our services we use an Australian based, trusted third party service provider Basiq Pty Ltd, based in Manly, New South Wales. We use Basiq’s CDR Connect platform to collect CDR banking data, and to enrich that data. Basiq is accredited in accordance with the CDR law.
We hold all your data securely
Your data is stored in Australia. We have administrative, technical and physical safeguards designed to ensure the security, confidentiality and integrity of your data.
If a security breach occurs, we:
contain the breach promptly
investigate and assess the circumstances of the breach, and the risks and potential harm to affected customers
take action to reduce any risks of harm to affected consumers
notify affected consumers and, if required by law, notify the Australian Information Commissioner. If the breach is one that we are not required by law to notify to the Commissioner under the Notifiable Data Breach law, we may voluntarily notify the Commissioner of that breach
consider what actions we can take to prevent security breaches in the future
Accessing and correcting your data (or any other data about you)
If you think that any data we hold about you is incorrect, you can ask us to correct it by contacting us using the contact details below. Once we have assessed your request, we will tell you what we did in response to your request, any corrective action or comments. If you are not satisfied with our response, you may make a complaint to us.
How to contact us
If you are not satisfied in any way, please tell us so that we can try to resolve your concern promptly.
You can contact us:
email at any time at contact@verifier.me
mail to PO Box 627 Toorak, Victoria 3142
call on 1300 158 444
We will respond to you as soon as is reasonably practical after you contact us.
Resolving concerns
You can make a complaint to us at any time. For the purpose of resolving your complaint we may ask for your personal information, including your name, contact information and the details of your complaint.
If you make a complaint, we will try to resolve it as promptly as possible.
We will:
acknowledge receipt of your complaint as soon as reasonably practical
resolve your complaint within 45 days (although our aim is to resolve it as promptly as possible)
contact you by phone or email to notify you of the outcome
If you are not satisfied with the outcome, you may lodge a complaint with the Australian Financial Complaints Authority.
Online: www.afca.org.au
Email: info@afca.org.au
Phone: 1800 931 678
Mail: Australia Financial Complaints Authority
GPO Box 3
Melbourne, VIC 3001
A hardcopy of this policy can be obtained by emailing contact@verifier.me