Challenge Networks Resources Pty Ltd ABN 51 640 357 213 (Challenge Networks, we, our) is an Australian telecommunications provider specialising in mobile and fixed broadband networks. We recognise the importance of protecting the privacy and personal information of our customers and this policy outlines how we do this.

Challenge Networks is a subsidiary of Vocus Group Limited ABN 96 084 115 499 (Vocus) and this privacy policy is administered jointly with Vocus’ privacy policy, which can be found here.

Privacy laws that apply to our business

We are required to comply with the Privacy Act 1988 (Cth) and are bound by the Australian Privacy Principles (‘APPs’) set out in that Act. The APPs establish minimum standards for the collection, use, disclosure and handling of Personal Information. They apply to Personal Information in any form, including written, verbal, and digital form. The APPs can be accessed at the website of the office of the Australian Information Commissioner: www.oaic.gov.au.

Other Australian laws protecting personal information that we need to comply with include the Telecommunications Act 1997 (Cth), Spam Act 2010 (Cth), Do Not Call Register Act 2006 (Cth), data retention laws and State legislation relating to health records. In this privacy policy, unless the context otherwise requires:

• ‘Privacy law’ refers to any legislative or other legal requirement that applies to our collection, use, disclosure or handling of personal information
• ‘Personal information’ means information or an opinion about an identified individual or an individual who is reasonably identifiable, whether the information or opinion is true or not and whether the information or opinion is recorded in material form or not. Personal information includes sensitive information
• ‘Sensitive information’ means personal information about an individuals racial or ethnic origin, political opinions or memberships, religious beliefs or affiliations, philosophical beliefs, professional or trade association/union memberships, sexual preferences and practices, or criminal record
  

What personal information do we collect?

We collect personal information about individuals who are our:

• Prospective customers. This includes people we think may be interested in our products and services as well as people who have expressed interest in obtaining or learning more about those products and services, people who visit our webpages, and current and past customers
• Current customers. This includes people who purchase our products or services or who hold an account with us
• Past customers. These are people who have purchased our products or services but do not currently have an active account with us

We will refer to these individuals collectively as ‘customers’.

Can you deal with us without identifying yourself?

In some situations, customers and other individuals may be able to deal with us anonymously or using a pseudonym. For example, you can make a general inquiry to one of our call centres without providing any Personal Information. You may also make a complaint or log a service fault anonymously, unless the inquiry or complaint relates to a particular account.

However, please note that if you do not wish to be identified we may not be able to provide the information or assistance you require.

What information do we collect?

• Proof of identity information, including passport number, driver licence number, Medicare number, or other government identifiers. We need this information to ensure you are who you say you are, and to keep our customer records accurate and up-to-date. We also may be required to obtain proof of identity information by law.
• Financial and credit information, including credit history, bank account and credit card information, information about assets and income and details of relevant court judgments and bankruptcies. We need this information to assess creditworthiness and financial suitability of current customers and prospective customers
• Integrated Public Number Database (IPND). In providing telecommunications services, we are required by law to collect certain personal information about you (including your name, address, telephone service number, and other public number customer details), and to provide it to operator of the Integrated Public Number Database (‘IPND’) for inclusion in the IPND

We also collect information about the way our customers use our products and services. This includes information about:

• Service usage (including energy consumption patterns, use of communications services, internet usages)
• Payment patterns and history
• Inquiries and complaints

We may collect Personal Information about associates of its customers, such as family members, employees or agents. For example, we may collect Personal Information about nominated or authorised representatives, the holder of a credit card that is used to pay a customer’s account, a person who acts as a secondary account holder, a person who acts as guarantor for a credit contract, or the nominated contact on a business account. If you supply us with Personal Information about another individual, we ask you to assist us by referring that person to this Privacy Policy.

We also collect personal information about individuals who are involved in providing our products and services. This includes:

• Our staff, and staff of other related companies of Challenge Networks
• Our service providers and suppliers, agents and affiliates, and their staff
  

How do we collect personal information?

We collect information about customers directly and via our agents, service providers and affiliates. We may collect this information:

• Through our call centres
• Through our websites, or websites operated by our affiliates
• Through social media platforms such as Twitter and Facebook
• Through the purchase of marketing lists, databases and data aggregation services

When you apply to become our customer, we will ask you to consent to us collecting information from particular third parties. We will only collect personal information from those parties if you consent. If you do not consent, we may not be able to provide the service or product you require. We are authorised to collect some personal information from third parties under Privacy Law.

We will handle any unsolicited Personal Information which it receives in accordance with its obligations under Privacy Law.

Why do we collect personal information?

We collect personal Information in order to:

• Provide products and services to customers
• Manage and administer the products and services we provide, including for billing and credit control purposes (which may involve identity verification, credit checking, assessing entitlement to concessions, supplying and servicing a product, connecting and administering a service, billing and collection in relation to the service and investigating and rectifying complaints or faults)
• Administering and managing our relationships with suppliers, customers and shareholders, including for billing, credit control and investor purposes
• Inform customers about changes and improvements in our products and services
• Create aggregate data through demographic profiling and statistical analysis of the database, and to allow for more efficient operations of our business
• Market our products and services to customers
• Market products and services from our affiliated entities to customers
• Market third party products and services to customers
• Manage relationships with our staff, contractors, agents, affiliates and service providers
• Establish, exercise or defend any legal claims and
• Comply with our legal obligations

We need to use personal information for most of our business activities, although the information we require depends on the circumstances. If we are unable to collect the personal information we need, we may be unable to meet the expectations of our customers or provide the products and services they wish to receive.

The personal information we collect may be shared within Challenge Networks for the purposes outlined above.

Direct Marketing

Personal information collected for direct marketing purposes will only be collected, used, or disclosed with the consent of the customer, unless we cannot practically obtain the consent of a customer, in which case we will:

• Include an ‘unsubscribe’ facility so customers can unsubscribe from the mailing list at any time
• Provide details for customers to opt out of receiving further direct marketing communications
• Include a prominent statement to the fact that a customer may make such a request

Direct marketing communications may be sent via post, e-mail, telephone, social media sites, or other means.

Dealing with us online

Cookies

We store the internet protocol (IP) address of your computer when you visit our site. This information is used only to create broad demographic summaries of where our users come from.

Cookies are small units of data sent to a user’s browser by a website the user visits. We use cookies to:

• Facilitate the use of our website
• Improve our customers’ website browsing experience
• Monitor and analyse our customers’ use of our site and affiliated third party sites
• Enable us to present customised messages and offerings to customers

The cookies we use do not store any personal data or otherwise collect personal information.

You can configure your internet browser to erase cookies from your computer’s hard drive, block cookies or receive a warning before a cookie is stored.

If a user disables the use of, or deletes, cookies on their web browser then they may not be able to gain access to all the content and facilities of our websites.

Google Analytics

Our website(s) may use Google Analytics, a web analytics service provided by Google. Google utilizes the data collected to help us analyse how users use the websites. The information generated by the cookie about a customer’s use of the website (including its anonymized IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating customer use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and Internet usage.

Google will not associate your IP address with any other data held by Google.

We may combine information collected through Google Analytics with other information we collect, to enable us to provide you with relevant marketing content.

Use of remarketing tools

We may use Google remarketing, pixel tags, web beacons, or other similar technologies to collect information of a customer’s visit to any one of its websites and we may tailor advertising or content based on the customer’s use of these sites. These advertisements may be delivered by third party vendors when you visit our websites or other Internet websites. You can opt-out of sharing information about your use of this site or affiliate third party sites by accessing the settings of your device or browser.

We collect information about the other websites that are visited by computers that are used to visit our site. This information may be aggregated to provide us with information about the webpages and websites visited by computers that use our site.

Note that this privacy policy does not apply to, and we are not responsible for, the use of, or the protection of information you provide to other websites linked from this website.

Do we disclose personal information to third parties?

We may disclose personal information about our customers to a range of third parties. For example:

• For telecommunications services, to the Telecommunications Industry Ombudsman (for complaint management purposes).

• To third-party agents and service providers who we engage to provide our products and services, these may include:
  • Sales agents and representatives;
  • Organisations that process banking transactions;
  • Organisations that process debt collection;
  • Printers, mail distributors, couriers and dispatch centres;
  • Call centres operated by entities outside Challenge Networks;
  • IT service providers and data managers;
  • Legal, accounting, insurance and business advisory consultancy services.

Personal information we obtain in connection with the provision of telecommunications services may be disclosed in accordance with requirements of the Telecommunications Act 1997 (Cth) and the Telecommunications (Interception and Access) Act 1979 (Cth). This includes disclosure:

• To the Telecommunications Industry Ombudsman for the purpose of complaint management
• To connection with directory assistance, emergency service calls or other urgent services, and in particular to the operator of the IPND for inclusion in the IPND, including your name, address, telephone service number and other public number customer details. (Information in the IPND is used to develop directories and to assist emergency service organisations. If your phone number is unlisted, your information will be marked accordingly in the IPND and its use and disclosure will be strictly controlled.) and
• To law enforcement agencies for law enforcement or security purposes

Personal information we obtain in connection with the provision of electricity and gas services may be disclosed in accordance with federal and State-based electricity and gas legislation and codes. This includes disclosure:

• To the various state-based energy Ombudsmen identified above, for the purpose of complaint management
• To law enforcement agencies for law enforcement or security purposes.

We may also disclose personal information if required by law.

Is personal information disclosed outside Australia?

We disclose some personal information to persons or organisations that are outside Australia.

• Database and webhosting services provided to us involve personal information being transferred to IT service providers based in India, Philippines, Singapore, New Zealand, the United Kingdom, Canada, and the United States of America
• We may also supply customer credit history and information that it receives from its external credit reporting organisations to third parties located outside of Australia, in order to perform credit related activities and manage customer services
  

How do we protect your personal information?

We recognise the importance of protecting your personal information and of ensuring that it is complete, accurate, up-to-date, and relevant.

When you call us in relation to your account or service, we complete an ID check to verify your identity and to check the details we hold about you are correct and to update them if required. For some safety critical information, like medical information required to maintain secure power supply or ensure priority assistance, we initiate checks on an annual basis.

We have documented processes for verifying personal information collected for particular transactions, such as proof of occupancy, change of occupier, and priority assistance. Our staff are trained to properly handle the different types of information they receive, particularly sensitive information. We have quality assurance measures in place to monitor calls to ensure that our processes are being followed.

While some of the personal information we collect is held in hardcopy form, most personal information is stored in electronic databases.

We have extensive processes in place to ensure that our information systems and files are kept secure from unauthorised access and interference.

We have contractual arrangements in place with our agents, service providers and affiliates that require them to comply with applicable privacy laws and our privacy policies. We require third parties who are outside Australia to handle the personal information we transfer to them with the same level of protection as would apply to the information in Australia.

Can you access or correct personal information we hold about you?

You have a right to access personal information we hold about you. You are also entitled to ask us to provide you with the details we have provided about you to the IPND. You can do this by contacting us and we will provide you with the information within a reasonable time (usually 20 business days).

If your request to access personal information is particularly complex or requires detailed searching of our records, the Privacy Act permits us to charge you a cost to provide you with this information.

We will provide access to the information held about an individual, including for the purposes of correcting or updating that information, unless there is an exception which applies under the APPs.

You have a right to ask us to correct information we hold about you if it contains errors or is out of date, incomplete, irrelevant or misleading.

We will make the corrections provided that any changes are in line with IPND requirements. We do not charge you to access or correct your information in the IPND.

Complaints and further information

If you would like to complain about a breach of the Australia Privacy Principles, you may contact our Privacy Officer at the details below.

The Privacy Officer will investigate your complaint and notify you of the outcome within a reasonable period of time (usually 30 days). If you disagree with our decision, you may refer your complaint to the Office of the Australian Information Commissioner (OAIC) by visiting www.oaic.gov.au.

If you would like further information on the way we manage personal information, would like to request access to or correction of Personal Information, or wish to make a complaint, please contact:

Privacy officer
Attention: The Privacy Officer
Email: privacy@vocus.com.au (cc: info@challengenetworks.com.au)
Address: Level 10, 452 Flinders Street, Melbourne VIC 3000

If you believe that we have acted in a manner that breaches the APPs or the Privacy Act, we recommend that you contact us first. The Privacy Officer will investigate your complaint and notify you of the outcome. If you are dissatisfied with the outcome of your complaint, or you do not receive a response to your complaint within 30 days, you may make a complaint to the Office of the Australian Information Commissioner (OAIC). Complaints to the OAIC must be made in writing.

If your complaint relates to our handling of Personal Information in relation to your telephone or Internet service, the Telecommunications Industry Ombudsman whose details can be found at www.tio.com.au.

If this policy does not provide the information you require about how we deal with personal information or you have any questions or comments, please feel free to contact us.

Changes to our privacy policy

We may review and revise our privacy policy from time to time. We may notify you about changes to this privacy policy by posting an updated version on our website. Please check our website from time to time to ensure you are familiar with our latest privacy policy.

Our privacy policy was last updated June 2023.