CDR Policy

Overview

This Consumer Data Right (CDR) Policy (the policy) provides information about how Fiskil manages data under the Consumer Data Right (CDR). Specifically, this policy explains how Fiskil can collect, use, hold and disclose your data that you consent to sharing with us. This ensures transparency and trust between all parties, as well as ensuring the quality, integrity and security of your personal information under applicable CDR legislation and Privacy Laws.

Please refer to the Fiskil Privacy Policy on our website for information on how Fiskil collect, use, hold and disclose your personal information, as well as ensure the quality, integrity and security of your personal information under applicable Privacy Laws more generally,

Fiskil is an Accredited Data Recipient under the CDR framework. This means that Fiskil has been accredited by the Australian Competition and Consumer Commission (ACCC) to receive your data from your Energy provider, bank or other financial institution – only after you have given your consent.

Fiskil partners with various Fiskil approved partners (Partners) who, with your consent, may request Fiskil to collect and provide them with your data to enable them to provide their services and/or products to you. Fiskil’s Partners can only use or disclose your data in accordance with your instructions.

Fiskil’s partners include entities that Fiskil partners with who are not accredited under the CDR framework (CDR Representatives). Fiskil’s CDR Representatives are listed in Annexure 1 of this CDR Policy.

Data you may share with Fiskil

You can consent to share your data with Fiskil or other CDR regulated customers (accredited persons).

Fiskil will only collect, hold and use your CDR data for the purpose of providing it to another participant that you have consented to share it with, potentially including one of our CDR Representatives

The types of CDR data we may ask you to share will depend on the service being provided to you. We will always clearly explain which types of data we need and why we require it before asking you to share any of your data. You may withdraw your consent at any time although this action may affect our ability to provide our services to you.

Fiskil adheres to the data minimisation principle, we only collect data necessary to provide a specified product or service to you. As an unrestricted Accredited Data Recipient, Fiskil operates within all designated CDR sectors and is therefore permitted to collect any of the following types of data having first secured appropriate consumer consent.

You can share the following CDR Data with us:

Banking Data

Account details:

  • product category, account type and product name (e.g. transaction accounts, savings accounts, term deposits, overdrafts and business finance and mortgage accounts)
  • BSB and account number / masked number
  • account nickname
  • account status
  • account holder / display name
  • account owner (true / false)
  • account meta data (e.g. credit cards, term deposits, loans)
  • interest rates
  • fees
  • discounts

Transaction details:

  • status (pending / posted)
  • incoming & outgoing transactions
  • amounts
  • dates
  • descriptions of transactions
  • account names for accounts you have sent money to and received money from

Balance details:

  • current balance
  • available funds

Name, occupation and contact details:

  • Name
  • Occupation
  • Phone
  • Email address
  • Mail address
  • Residential address

Organisation profile and contact details:

  • Agent name and role
  • Organisation name
  • Organisation numbers (ABN or ACN)
  • Charity status
  • Establishment date
  • Industry
  • Organisation type
  • Country of registration
  • Organisation address
  • Mail address
  • Phone number

Direct debits and scheduled payments :

  • Direct debit authorisations
  • Scheduled, outgoing payments

Payees

  • Names and details of saved payee accounts

Energy Data

Concessions and assistance:

  • Concession type
  • Concession information

Account and plan details:

  • Account and plan information
  • Account type
  • Fees, features, rates and discounts
  • Additional users

Payment preferences:

  • Payment and billing frequency
  • Any scheduled payment details

Billing payments and history:

  • Account balance
  • Payment method
  • Payment status
  • Charges, discounts, credits
  • Billing data
  • Usage for billing period
  • Payment date
  • Invoice number

Electricity usage:

  • Usage
  • Meter details

Electricity connection:

  • National Meter Identifier (NMI)
  • Customer type
  • Connection point details

Electricity meter:

  • Supply address
  • Meter details
  • Associated service providers

Energy generation and storage:

  • Generation information
  • Generation or storage device type
  • Device characteristics
  • Devices that can operate without the grid
  • Energy conversion information

Your Rights as a Consumer

Overall Rights

As a consumer you have control over who you share your data with.

Any recipient of data is regulated by the ACCC and must meet requirements like

  • Continuous quality monitoring
  • Internal dispute resolution;
  • Information security measures;
  • Service level agreements;
  • Audits; and
  • Other stipulations in place by the Data Accreditation Body.

You may choose to share your data that is held by an existing data holder (like a banking institution or Energy Provider) with an accredited data recipient (like another banking institution, Energy retailer or fintech).

We will only use your data for the purpose you have agreed to, and we will delete it after it has been used for that purpose. Fiskil does not hold any redundant data.

How we collect your CDR Data

When you request a service from a Fiskil Partner and provide your consent, Fiskil facilitates the provision of that service by the Partner. Fiskil collects your CDR Data for this purpose directly from yourEnergy provider, bank or other financial institution via an application programming interface (API).

The types of services that will involve the collection of your CDR Data (with your consent) include:

  • Personal Financial Management: uses this information to provide users with insights about where their money is going, and tools to manage their money more effectively
  • Data Aggregation and Enrichment: your CDR Data is aggregated, enriched and demystified to provide a single view of your finances across each of your banks.
  • Spending Insights: your CDR Data is analysed to provide insights into spending, including the category of spend.
  • Income Insights: your CDR Data is analysed to identify your income streams including surfacing patterns around regularity and stability.
  • Affordability Report: insights above are presented in an easy to read PDF report.

When we can share your CDR Data

  • When you request a service from a Partner and provide your consent, Fiskil will support the provision of that service and share your CDR Data with the Partner as reasonably necessary for that purpose
  • When we share your CDR data with Partners, they are required to operate in accordance with CDR controls and privacy protections.

Consent Management

You have rights to decide which data types you will share, such as profile, payments, transaction, or product information; how long you will be sharing, whether it is a one-time sharing or an ongoing process; and whether you want to receive marketing material based on the data you have shared.

Consent can only last for a maximum of twelve (12) months, After 12 months your consent expires and you can either re-confirm your consent or explicitly withdraw your consent. If you don’t actively state your preference, your consent will automatically be withdrawn..

You are able to review, modify or withdraw any CDR consent you have provided through the relevant Partner application. You can also withdraw your consent by contacting us in writing, or via the data holder consent dashboard (provided by your Energy provider, bank or other financial institution).

Your consent can be withdrawn at any time, in several ways, such as by using the dashboard that the Data Recipient uses to gain consent, the one that the Data Holder uses, or via a letter.

With written notification, the revocation must be completed within two business days. Your change in consent status (for example, active, expired, or withdrawn) will be reflected in the consent dashboard in near real-time. Fiskil will remove your data if you revoke your consent.

Consent notifications

You’ll receive a notification every 90 days to confirm the data you have shared, the expiry date and other consent information. You’ll also receive a notification with a summary of these details any time you:

  • Grant consent to Fiskil for the collection, use, or disclosure of your CDR data
  • Anytime Fiskil collects your CDR data;
  • Anytime Fiskil discloses your CDR data to third parties;
  • Amend your consent(e.g., change the scope or duration of data sharing);
  • Withdraw consent; or
  • When your consent expires.

These notifications are mandatory and cannot be opted out of

Withdrawing Consent

You can withdraw your consent at any time and we will stop collecting, using or disclosing your CDR Data for the agreed purpose.

Data Management

You must contact us to request data correction. Erroneous data must be provided for data analysis and data correction. Fiskil will, upon notification by phone or email, update the consumer dashboard with the request and notification of the corrective action, if applicable.

Where applicable, all notices are emailed out via the consumer&spos;s dashboard. The notice lists Fiskil&spos;s response to the request, any action taken, and any options for resolving any dissatisfaction that the consumer may have.

Data Deletion

Fiskil follows a strict policy of data minimisation, which requires that a data recipient can only ask you for data that is absolutely necessary and can only hold it for the minimum amount of time it is needed to provide their service.

Consumers do not need to elect to have redundant CDR data deleted, as Fiskil automatically deletes all redundant CDR data once it is no longer needed for the agreed purpose. When you give consent to Fiskil to collect and use your CDR data, we will also inform you that your redundant CDR data will be automatically deleted when it becomes unnecessary, in accordance with our general policy. This will be clearly communicated at the time of consent, as per rule 4.16(3) of the CDR Rules.

We will only use your data for the purpose you have agreed to, and we will delete it after it has been used for that purpose. Fiskil does not hold any redundant data.

Fiskil will automatically irretrievably destroy your data within seconds of any of the following events:

  • your consent expires;
  • you stop sharing data with us before consent expires via an election on your consent dashboard;
  • you request data sharing to stop via the data holder that provided your data;
  • an accredited person requests that we delete your data; or
  • you notify Fiskil in writing that you withdraw your consent, by sending an email to

    support@fiskil.com.au

    .

When any of these events occur, we will delete all the data you shared with us from our systems, unless it is required to be held by law.

Fiskil will retain records that are required by the CDR Regime to allow us to track activities such as consents, consent withdrawal and data sharing in accordance with our obligations under the CDR Regime. We will delete these records at the end of six years as required.

Some goods and services we provide require your active consent. If you withdraw your consent, we may no longer be able to provide you with those goods and services.

When you withdraw data sharing consent or your consent expires, we will also automatically notify any CDR Representatives with whom your data has been shared and require them to irretrievably destroy your data as well. Deletion by third parties is managed through contracts and regular attestations. Fiskil will from time to time Audit their CDR Representatives to ensure compliance with information security and data deletion requirements.

Data Disclosure

To ensure customer control over their data, Fiskil does not provide information to third parties to engage in direct marketing. This means that:

  • Fiskil does not share or use your personal data (including energy or banking data) for commercial purposes.

  • Fiskil does not provide personal banking data to non-accredited or accredited individuals, regardless of their location.

  • Fiskil does not release your data to anyone. If these arrangements change, this list will also be adjusted using the outsourcing arrangements.

Outsourced Service Providers

Fiskil does not provide CDR data to any outsourced providers. Fiskil develops and maintains its own software for use with banking data collected under the CDR Rules.

Data Storage Locations

Your data is onshore and only resides in Australia. Storage policies from outsourced parties will be used for this list's maintenance.

Events for notifying you

Fiskil maintains a Data Breach Response Plan. In the event of a data breach (such as where an unauthorised party accesses your CDR Data, we will notify you as soon as practical. This is so you can take action to mitigate any potential damage or loss caused by the data breach.

If a security breach occurs, we will:

  • Contain the data breach to prevent any further leak of personal information;

  • Investigate the data breach by gathering the facts and taking action to reduce any risk of harm;

  • Notify the Commissioner if the breach is an ‘eligible data breach’ under the Notifiable Data Breach scheme; and

  • Review the incident and improve our processes, policies and controls to prevent future breaches.

Complaint Management and Dispute Resolution

If you have a question or complaint about how your personal information is being handled by us or our Partners or supporting parties, please contact us at any time by using the contact details below. Our internal dispute resolution process is easy to access and is free of charge.

How do I get in touch?

What information should I include?

Please include the following details when you contact us with your complaint - this will help us to assist you faster

  • We recommend you include the word 'complaint' in the heading or subject line

  • Include your name, contact details and date

  • Set out the problem(s) clearly

  • Include copies of relevant documents

  • Include expected remedy for the complaint

  • Timeline of events can help provide context around your issue

How long will it take to get a response?

  • We will acknowledge the receipt of complaints or disputes and address them promptly in accordance with their degree of urgency

  • Some complaints can be resolved very quickly, our aim to to provide a initial response to complaints with 7 days

  • We will continue to communicate relevant information during the resolution process and will let you know after 14 days if the issue is complex and requires more time

  • We will aim to have your complaint resolved in a timely manner, but in some cases, this may take up to 45 days, this would be very unusual circumstances, as a written response

  • In circumstance where we are unable to respond to a complaint or dispute with 45 days,we will provide an ‘IDR delay notification” and advise you on the reason for the delay or provide you with information on your right to complain to the Australian Financial Complaints Authority (AFCA) - (details below in External Dispute Resolution (EDR) Process)

  • Frequently, complaints are simply cases of confusion or misunderstanding which can be sorted out to everybody’s satisfaction very quickly.

Raising your issue with our Complaints Officer does not limit you from raising your issue at any time with external disputes schemes or relevant regulators.

What is the investigation process and remedies available to resolve complaints?

In the event of a complaint, the following guidelines should be followed:

  • The complaint is received via the Customer Success team and this team will provide the initial response including organising a meeting to talk through and better understand the issue - this team will include the relevant Fiskil team members in relation to the complaint

  • In the event of a security or data complaint, the Information Security Manager must be informed that a dispute exists

  • The assigned team members then define next steps and, where needed, legal advice will be obtained

  • Correspondence is in writing via email however there could also be a phone call, video call or in person meeting depending on the nature of the complaint

  • An assessment of the risk to Fiskil’s services and ISMS should be carried out where it makes sense prior to escalating any dispute, and contingency actions should implemented where needed

  • All conversations are logged and tracked to ensure processes are followed in-line with policy

  • A potential remedy could include:

    • A formal apology or a correction of details.

    • Correcting any errors or inaccuracies in the consumer’s CDR data.

    • Undertaking improvements to our internal processes and systems to prevent recurrence of the issue.

    • Implementing additional staff training or consumer education initiatives to address the underlying issues.

What will my complaint response include?

  • We will notify you by phone or email to notify you that the Internal Dispute Resolution (IDR) process has concluded

  • The response will include the final outcome of the complaint

  • Details of your right to take your complaint to AFCA (Australian Financial Complaints Authority) if you are unhappy with the decision at IDR

  • AFCA’s contact details and Fiskil’s membership details

  • Time limits to contact the AFCA or a link to AFCA website detailing when and if time limit relevant to your circumstances expires.

Continuous Improvement

We value feedback from our consumers and view complaints as an opportunity to improve our services. We regularly review our dispute resolution processes and outcomes to ensure they remain effective and in line with regulatory requirements and best practices.

The External Dispute Resolution (EDR) Process

  • Should you not be satisfied with the IDR decision, you can initiate an EDR process with AFCA.

  • AFCA can resolve complaints that Fiskil can not resolve internally (IDR)

  • We are a member of the

    Australian Financial Complaints Authority

    (AFCA): AFCA Membership number for Fiskil Pty Ltd is 83521

  • You can contact AFCA on:

    Phone: 1800 931 678 (free call)

    Email: 

    info@afca.org.au

    Online: 

    www.afca.org.au

    Mail:GPO Box 3 Melbourne VIC 3001

This process is in line with Regulatory Guide 267 Oversight of the Australian Financial Complaints Authority (RG267) detailing how ASIC will perform its oversight role in relation to AFCA.

Personal information can be the subject of a complaint under the Privacy Act to the Australian Information Commissioner (OAIC). All complaints must be submitted to the respondent organisation first. The organisation is given 30 days to handle the matter before a person may lodge a complaint to the OAIC.

The OAIC can be contacted at:

Office of Australian Information Commissioner
GPO Box 5218
Sydney NSW 2001
Phone: 1300 363 992
Email:

enquiries@oaic.gov.au


www.oaic.gov.au

Sponsorship Arrangements

Fiskil is currently represented in the CDR Regime by the following entities:

Representative Name

Nature of the goods and services provided to customers
using CDR data

SMART RENEWABLES PTY LTD (Solarhub)

SolarHub helps home and business owners to reduce their electricity bills and their greenhouse gas emissions, thanks to the power of the sun. With a strong focus on new technologies and high-end products, SolarHub works on building a smarter, cleaner and more affordable electrical network for everyone.

ONE STOP WAREHOUSE PTY LTD

OSW is one of Australia&spos;s leading distributors of renewable energy products and services, now with established distribution networks across Europe and USA. Its aim is to make one simple way to help solar installers and retailers across the world do better business by diversifying services to include IT software, VPP, power services and financing. Its strong market presence comes from more than a decade of experience and 1GW of buying power annually with key manufacturers.

AMPx Limited

Amp X offers a grid edge digital platform and a digital energy assistant, Alice, that allow all forms of distributed generation and load to make a dynamic contribution in the relevant markets, whether as an individual unit or as an aggregated group of assets, providing flexibility, resilience and system stability.

SARU TECHNOLOGIES PTY LTD - (PYLON)

Solar home and proposal design tooling, helping scope home solar installations

RESWITCH PTY LTD

Reswitch facilitates power bill subsidy payments for residents and businesses located near energy infrastructure projects, ensuring they directly benefit from local renewable energy developments.

Agdata Holdings Pty Ltd

AGDATA develops a suite of software applications tailored for the agricultural industry. These include Financial, Payroll, Budgeting, Livestock, Cropping, GIS Mapping for an integrated whole-of-business solution for agribusinesses. AGDATA will leverage CDR Data to provide their agribusiness customers with seamless integration of financial information, enabling more accurate financial management, personalized budgeting, and insightful financial analytics tailored specifically for the agricultural industry.

CIMET SALES PTY LTD

CIMET is a white-label comparison platform that helps customers compare and select deals on utilities and financial services in Australia. It offers a CAAS (Comparison as a Service) solution, enabling businesses to provide automated online quotes for energy, insurance, and other services. CIMET enhances customer experience by simplifying decision- making and providing tailored recommendations based on individual needs.

ALINTA SERVCO PTY LTD

Alinta Energy is one of Australia's largest energy retailers, generators, investors, and developers. In the last decade we've grown from being the largest residential gas retailer in Western Australia to the preferred electricity and gas provider for more than 1.1 million homes and businesses Australia-wide – and we're determined to make energy better.

REPOSIT POWER PTY LTD

Reposit is an Australian energy technology company that uses it&spos;s Smart Controller technology to guarantee that Reposit customers will not see an electricity bill for 7 years

NRN SOLAR RETAIL PTY LTD

NRN (National Renewable Network) is revolutionising access to renewable energy across Australia. Our unique platform offers homeowners and businesses no- cost solar and battery systems, eliminating upfront investment barriers and enabling immediate energy savings. By partnering with leading energy providers and leveraging cutting-edge technology, NRN facilitates an easy transition to sustainable energy, contributing to lower energy bills and a greener planet. With NRN, embracing solar power and battery storage has never been easier, paving the way for a future powered by clean, renewable energy for all Australians.

BILLROO PTY LTD

Billroo is a budgeting tool without all the noise so you can focus on what really matters - seeing your income, expenses, and investments, so you can build your wealth!

YONDR MONEY PTY LTD

Yondr Money is a technology driven fintech company based in Australia that offers an intelligent and streamlined, customer-first alternative to mainstream banks. The company has built a platform and intelligent app that combines behavioural science and machine learning, designed to improve customers' financial literacy. Yondr offers its customers a multi-currency account with physical and virtual Visa cards accessible through its app. The products include Digital BSB & Account number Multi-currency wallet (AUD, USD, EUR, THB, GBP, JPY, HKD, SGD) Virtual Visa card Physical Visa card Apple & Google Pay Spend analytics In-app chat support (Australian based team) Push notifications and card controls & limits.

The app allows drilling down into the spending habits of consumers and building savings tools teaching them ways to save for their goals while helping them better understand where their money goes

N0DE PTY LTD

N0de's mission is to turn an organisation&spos;s net zero ambition into action as fast and cost effectively as possible. Building of our deep expertise in Net Zero, and using the power of our software, we develop compelling Net Zero visions and action plans, empowering businesses with the confidence and internal support to overcome the barriers to net zero activation and unlock the many economic, social and environmental benefits that net zero transformation offers.

AGL ENERGY SERVICES PTY LIMITED

AGL Energy Services Pty Ltd, Electrify Now is a tool to help customers identify ways to save money on their energy bills and reduce their home's carbon emissions. The tool allows customers to understand their personal energy bill and carbon savings if their home switched to

solar, battery, heat pump hot water, reverse cycle space heating, induction cooktops or an electric vehicle (EV), with customers able to pick and choose which upgrade suits their budget and lifestyle. Customers are able to calculate the benefits of upgrading to more efficient energy products, customers enter their details into the Electrify Now platform, which uses their unique energy data and profile to calculate an estimated energy bill and carbon savings specific to that customer and their energy use.

Where possible, it also provides the payback period of their investment and connects customers to AGL's network of third-party trusted installers to help kickstart their electrification journey.

SOLVINGZERO PTY LTD

SolvingZero provides personalised and actionable insights to help homeowners make the smartest decisions for their home energy

AMISSION RENEWABLES PTY LTD (Threadlet)

Threadlet is a platform that automatically switches customers to the lowest electricity & gas rates every month at Zero Cost and all in one place, reducing admin time tendering and comparing prices, and have peace of mind you're never caught out on price hikes

RESLY PTY LTD

Resly is a 100% cloud-based platform. Built to be accessible from anywhere, at any time, on any device. Resly combines a powerful property management system, seamless channel manager and commission- free direct booking engine, in an easy-to-use platform. Hotels use Resly to reconcile their trust accounts.

Resly consumes CDR data via Fiskil's Banking API so the hotel can see their bank transactions and reconcile them against transactions in Resly.

L.O.L. CONSULTANTS PTY LTD (Voltarocks)

Voltarocks is an energy technology company that has developed a mobile application to help individuals and families take control of their energy usage and work towards energy independence. The company aims to empower users to create a positive impact on the environment by making energy-saving solutions accessible to everyone. The Voltarocks mobile application uses AI and machine learning to provide personalized energy-saving solutions for control of energy usage. It also provides access to grants and rebates to make energy-saving upgrades more affordable for users. The app offers fun and engaging energy-saving solutions through innovative technology and user-friendly interfaces. It aims to inspire conscious consumers committed to reducing their carbon footprint and create a sustainable future.

Powerpal PTY LTD

Powerpal is an Australian company that provides an energy-saving device that allows homeowners to track their energy consumption and reduce their energy bills. The device, which is installed on the electricity meter, sends real-time data to the user's smartphone or tablet, allowing them to monitor their energy usage and identify areas where they can save money. The Powerpal app also provides personalized tips and insights to help users reduce their energy consumption and environmental impact. Additionally, the company partners with electricity retailers to offer exclusive energy plans and discounts to its users.

IO ENERGY PTY LTD

IO Energy is a energy technology provider and retailer. They provide consumers with detailed analytics and comparisons of bills. They aim to reduce energy costs, help consumers better understand their energy usage and help consumers use cleaner energy. IO Energy uses Fiskil to access customer energy usage and billing data to provide accurate bill comparisons.

DropShip Central Pty Ltd

DropShip Central is a retail/wholesale ERP solution, leveraging CDR data for bank reconciliations and balance verifications.

Fiskil logo

© Fiskil 2024. All rights reserved.