Our Privacy Statement

This Privacy Statement applies to Telstra and all its Australian businesses, including Telstra Energy and Belong (collectively ‘we’, ‘us’ or ‘our’ in this Privacy Statement) but excluding Telstra Health , Telstra Foundation , Amplitel and MTData Holdings . We have identified where parts of this Privacy Statement also apply when you use specific products and services.

This Privacy Statement explains how we collect, store, use and share your personal information. It also incorporates our Credit Reporting Policy which lets you know how we use any credit-related information that we may collect. For further details about how Telstra handles information please visit www.telstra.com.au/consumer-advice/your-information .

This Privacy Statement came into effect on 13 September 2022. We may need to update it over time but if we do, we will post the updated version on this page.

For information on how we process personal information relating to our international businesses, please refer to our International Privacy Statement via the link below.

What personal information do we collect?

We collect your personal information as necessary to provide you with our products and services. The types of personal information that we collect about you depends on which of our products and services you use, how you use those products and services, and our relationship with you.

Generally, we may collect the following types of personal information about you:

  • Information we need to verify your identity, provide you with products and services, and communicate to you about those services such as your name, date of birth, contact details, occupation, proof of identity, Telstra PIN, and payment information.
  • Employment, financial and credit information such as your employment and income details, payment history, credit history and service history. For more details on how we manage credit information, see How do we manage credit information? below.
  • Sensitive personal information like your race, ethnic origin, health, and criminal history. For example, we may need to collect:
    • Limited health information (e.g., to determine if you are an eligible Priority Assistance telecommunications customer or if you are an energy customer on life support equipment)
    • Biometric information like your fingerprints and voice patterns, for the purpose of verifying your identity and providing you with our products and services.

    We will seek your consent before we collect and use sensitive personal information about you unless we are permitted or required to do so by law.
  • Concession details if you are a concession customer (e.g., we need your Centrelink customer reference number to provide you with a pensioner discount).
  • Information for the purpose of helping to protect either you or a third party against fraud, crime or misconduct. This may include cross-referencing the time and date of a transaction with a bank or other third party against Telstra account activity for the purpose of identifying and assisting to prevent identity theft, unauthorised transactions, or fraudulent activities.
  • Information about how you use our website, systems and applications

You may also need to provide personal and/or sensitive information about other individuals to us, such as your authorised representatives or when someone at your property requires life support equipment or Priority Assistance. If so, we rely on you to tell those individuals that you are giving us their personal information and to tell them about this Privacy Statement.

Depending on the Telstra products and services you use, we may also collect:

Telecommunications & associated products and services

  • Information about the products and services that you have with us including technical information about your devices such as your hardware model, operating system version, the serial number of your devices, the settings on your devices, our network performance and how you use our networks
  • Information about how you use our products and services including:
    • Your network usage (e.g., the volume, time and duration of calls and SMS messages and information about the operation of the equipment, services, and applications you use on our networks)
    • How you use our services to access the internet, such as websites you visit
    • Your location or the location of your devices when you are using our products and services
    • If enabled or requested as part of a product or service (e.g., Telstra’s security monitoring and voice solutions), or if permitted by law, usage logs, communications content and call recordings that identify users

Energy products and services

  • Information about your energy usage

  • Information relating to your energy meter and property such as your national metering identifier (NMI) which helps us identify your meter and information about the location of your meter

Third-party platforms or websites

Our products, services and website may contain links to other websites or platforms operated by third parties. It is important to be aware that those third-party websites are not required to comply with this Privacy Statement.

We are not responsible for the privacy practices of these third-party platforms or websites, and you should check the privacy policy of that service or website to understand how it will handle your information.

How do we collect your personal information?

There are three ways that we collect your personal information.

  1. You give it to us when you or your representative submits an order form or interacts with either us or one of our trusted partners. This might happen when you are setting up an account with us, using one of our products or services or filling out a form or contacting us with a problem or query.
  2. We collect it when you use our networks, products and services, including our call centres, online services and the Telstra loyalty programs. When you visit our website or use our systems and applications, we may also collect information about your use of our website, systems and applications (including via cookies and other technologies).
  3. We obtain it from other sources like regulators, credit reports, marketing mailing lists, public information (including public posts to social networking sites), and commercially available personal, identity, geographic and demographic information sources. We may also collect information about you from our related entities, business and commercial partners and our service providers (like identity and fraud checking services and credit reporting bodies).

Depending on the Telstra products and services you use, we may also collect your personal information from other participants in the telecommunications (such as our wholesale and other customers) and energy sector (such as energy distributors, other retailers and metering service providers).

We understand that you might not want to give us particular personal information. If so, that may mean we are not able to provide you with the products or services you need.

How do we use your personal information?

  • To provide relevant products and services to you – We may use your personal information to provide products and services to you and conduct our business.
  • Administration – We may use your personal information to help us manage the products and services we provide to you, deal with customer enquiries and complaints, and to maintain and update our records. For example, we need to be able to verify your identity to detect, prevent and address fraud. We also use your information for charging and billing and to identify breaches of our terms and conditions of service.
  • Network, security and fraud protection – We undertake a range of network, security and fraud protection activities including identifying and blocking malicious content (e.g., SMS messages and Telstra Mail) which we have identified as scam and cybercrime, as well as monitoring our Domain Name Servers (DNS) for known malicious domains which can lead to the downloading of malicious software onto devices. Where Telstra’s DNS services are used to connect to known malicious domains, we may use your personal information to determine whether you might be impacted, and take action to block the malicious activity and/or notify you so that you can take action to protect yourself. We may also use your personal information for identifying and assisting to prevent identity theft, unauthorised transactions, or other fraudulent activities either on or off our networks (e.g., fraudulent bank transactions).
  • Communication – We need to be able to communicate with you. We may do this via phone, email, SMS, social media, search engines and web pages you visit.
  • Improvement , development, and analysis – We are constantly working to maintain and improve our products, services and processes and to develop new ones. We may use your personal information in a number of ways to help us do this, such as by monitoring network use, quality, and performance, and when operating, maintaining, developing, testing and upgrading our products, systems and infrastructure. We also use analysis and business intelligence techniques to obtain high level insights into things like usage and location patterns/trends, network performance, demographic trends, and other types of behavioural data. This information is generally aggregated and de-identified when analysed and we may share these anonymised insights with select business and commercial partners. In some cases, we may create insights with your information on an identified basis but would only do so in compliance with privacy laws. We may also combine information we hold about you with information from one of our partners’ services to improve our credit assessment, debt recovery and other processes.
  • Direct marketing – We want to make sure that you know about the products, services and special offers of Telstra and its related entities that may be of potential interest to you. We may use the personal information that we collect and hold about you to market and promote products, services and special offers directly to you, including as part of the Telstra loyalty programs.

    We may also contact you with information about products, services and offers provided by our trusted partners. In some cases, this marketing activity can continue for up to 13 months after you have stopped using our products or services, unless you opt out.  Please be aware that if you unsubscribe from a mailing list, we will continue to send you important messages that are not marketing communications, such as safety or administrative messages.
    • You can stop Telstra (including Telstra Energy) using your information for direct marketing or update your marketing preferences by following the unsubscribe instructions in any of our marketing communications, logging into My Telstra or by calling us on 1800 039 059.
    • You can stop Belong using your personal information for direct marketing by visiting www.belong.com.au/unsubscribe .
  • Compliance – We are required and permitted by law to collect or use your personal information in certain circumstances, including those described below.

Telecommunications & associated products and services

  • As required or permitted by telecommunications laws and industry codes and standards legislation, including the Telecommunications Act 1997 (Cth) and the Telecommunications (Interception and Access) Act 1979 (Cth) (which includes data retention provisions)

  • To produce and distribute an alphabetical public number directory (known as the White Pages) in compliance with our Carrier Licence Conditions

  • When we need to undertake identity checks for pre-paid public mobile telecommunications services under the Telecommunications (Service Provider-Identity Checks for Prepaid Mobile Carriage Services) Determination 2013

  • To provide emergency call service centres and the relevant emergency services organisation(s) information in relation to calls to the emergency call service number (000 and 112) (e.g. the most precise mobile location information we can access about the relevant device when it is used to call the emergency call service number under the Telecommunications (Emergency Call Service) Determination 2019)

  • To prevent or lessen threats to a person’s life or health under the Telecommunications Act 1997 or Telstra’s Carrier Licence Conditions

Energy products and services

  • As required or permitted by energy sector legislation (e.g., the National Energy Retail Law and National Energy Retail Rules, Victorian Energy Retail Code) or relevant industry procedures to supply and service you with energy

How do we safeguard your personal information?

We may store your personal information in hard copy or electronic format and keep it in storage facilities that we own and operate ourselves or that are owned and operated by our service providers.

We use a combination of technical solutions, security controls and internal processes to help us protect your personal information and our network from unauthorised access and disclosure.

We aim to ensure that personal information is kept as current as possible and that irrelevant or excessive data is deleted or made anonymous as soon as reasonably possible. However, we might need to keep some personal information for a longer period of time to comply with our legal and regulatory obligations and for other legitimate business reasons.

Who do we share your personal information with?

We may share your personal information with other parties who provide services to us, including suppliers, agents, partners and contractors that assist us with our business processes and provide our products and services. These services include:

  • Providing, managing or administering your product or service including customer enquiries and support services
  • Installation, maintenance and repair services
  • Mailing operations, billing and debt-recovery functions
  • Information technology and network services
  • To develop our credit assessment and credit worthiness rating system
  • Fraud, crime or misconduct identification, investigation and prevention services
  • Market research, marketing, telemarketing and door-knocking services
  • Development, analysis and business intelligence functions.

We may also share your personal information with:

  • Your authorised representatives or advisers
  • Credit reporting bodies (for more information see the How do we manage credit information? section below) for identity checking and credit-related purposes such as checking your credit worthiness, credit rating, default listing, credit provision and financing history. These include:
    • Equifax Australian Group Pty Ltd
      (formerly known as Veda) Telephone: 13 83 32
      Website: www.mycreditfile.com.au/
    • Illion Australia
      (formerly trading as Dun and Bradstreet (Australia) Pty Ltd)
      Telephone: 13 23 33
      Website: www.illion.com.au/
    • Experian Australia Credit Services Pty Ltd
      Telephone: 1300 783 684
      Website: www.experian.com.au
  • Our dealers, our related entities or our business or commercial partners and other businesses we work with
  • Parties that assist us with fraud and identity checking including financial institutions and the Government’s National Document Verification Service
  • Other third parties for the purpose of helping to protect either you or the third party against fraud, crime or misconduct, including situations such as assisting to prevent identity theft, unauthorised transactions or fraudulent activities either on or off our networks (e.g., fraudulent bank transactions). This may include the provision of fraud protection services to third parties as part of our business.
  • Law enforcement and national security agencies, and other government and regulatory authorities as required or permitted by law
  • Other parties who assist us in managing or developing our business and corporate strategies and functions, including our corporate risk or funding functions
  • Financiers, investors or other participants and parties (such as service providers and ratings agencies) and advisers involved in any sale of our debts, securitisation or other financing arrangement (e.g., if we sell debts that you owe us to another party)
  • Other parties as required or permitted by law
  • For the purposes of facilitating or implementing a transfer/ sale of all or part of our assets or business.

Depending on the Telstra products and services you use, we may also disclose your personal information to:

Telecommunications & associated products and services

  • Other telecommunication and information service providers or to our wholesale and other customers from or through whom you may acquire products or services

  • The manager of the Integrated Public Number Database (IPND) and other organisations as required or permitted by law (please see www.acma.gov.au for more information)

  • Our contractor, Thryv Australia (formerly known as Sensis), to enable us to meet our Carrier Licence Conditions to produce and distribute an alphabetical public number directory (known as the White Pages). Note, if you have requested a silent line number your number will not be published in the White Pages

  • Government agencies for purposes associated with connecting new services to the National Broadband Network

  • Government agencies who are responsible for an emergency alert service (e.g., we may need to provide your information in response to a request by those agencies)

Energy products and services

  • Energy market participants and energy service providers including energy distributors, other energy retailers, and service providers who provide services relating to your energy supply (such as metering related services)

  • Australian Energy Market Operator and the relevant Energy Ombudsman

  • State and federal government agencies (including those responsible for administering concession entitlements)

More about who we share your personal information with

In some cases, the organisations that we may share your information with may be based outside the location where the information is collected. For example, we may share your information with other parties in Australia, Canada, Chile, China, Hong Kong, countries within the European Union, India, Japan, Malaysia, Moldova, New Zealand, Philippines, Poland, Romania, Russia, Singapore, South Africa, South Korea, Sri Lanka, Taiwan, the UAE, Ukraine, United Kingdom, the United States of America and Vietnam.

Where we do this, we require these parties to take appropriate measures to protect that information and to restrict how they can use that information.

How do we manage credit information?

We might collect credit information from you or give your information to credit reporting bodies (e.g., when we are checking your credit worthiness).

Credit information that we collect includes:

  • Identification information
  • Details about information requests made about you to credit reporting bodies
  • Current and historical details about your credit applications and credit arrangements
  • Information about overdue payments, default listings and serious credit infringements, and information about payments or subsequent arrangements in relation to either of these
  • Publicly available information about you, your bankruptcy history and credit-related court judgments against you
  • Your credit scores or assessments of your credit worthiness.

Credit information relates primarily to your dealings with other credit providers (e.g. banks, other financial institutions, or other organisations that may provide you with credit in connection with their products or services). It may also include certain credit worthiness information that we derive from the data that we receive from a credit reporting body. We may collect this information about you from other credit providers (see How do we collect your personal information? for further detail).

We may disclose your credit information to credit reporting bodies. They in turn may include it in credit reporting information they provide to other credit providers to assist them to assess your credit worthiness.

We may use or disclose your credit information for purposes such as:

  • Developing our own credit assessment and credit worthiness rating system
  • Processing credit-related applications and managing credit that we provide
  • Helping you to avoid defaulting on credit arrangements
  • Collecting amounts you may owe us in relation to such credit arrangements and dealing with serious credit infringements
  • Assigning our debts or acting in connection with any securitisation or other financing arrangement (e.g, if we assign debts you owe us to another party)
  • Participating in the credit reporting system
  • Dealing with complaints or regulatory matters relating to credit or credit reporting
  • When required or permitted by another law
  • Other purposes under How do we use your personal information? and Who do we share your personal information? (except in relation to information we collect from credit reporting bodies which we will only use and disclose as described above).

You have the right to request credit reporting bodies not to:

  • Use your credit eligibility information to determine whether credit providers (like us) can send you direct marketing material; and
  • Use or disclose your credit eligibility information if you have been or are likely to be a victim of fraud.

How can you access or correct your personal information?

To ensure that we can provide you with the best products and services possible, it’s important that you make sure the personal information we hold about you is accurate, up-to-date and complete. You also have the right to request a copy of the personal information that we hold about you. There is no charge to submit a request or to correct personal information, however we may charge you an administrative fee for providing access to your personal information on request. If you need to update your details or you wish to access personal information that we hold about you, please:

How can you make a privacy complaint?

You can use our contact details to notify us of any privacy complaints you have against us. We are committed to acknowledging your complaint in a prompt manner and will give you an estimated timeframe for when we will respond to your complaint.

If your complaint is in relation to a credit reporting issue, we will acknowledge your complaint in writing as soon as possible and in any event within 7 days. We will aim to investigate and resolve your complaint within 30 days of receiving it. If we need more time, we will notify you about the reasons for the delay and provide a new estimate timeframe. We may need to consult with a credit reporting body or another credit provider to investigate your complaint.

While we hope that we will be able to resolve any complaints you may have, you can also lodge a complaint with the Office of the Australian Information Commissioner . You can also lodge a complaint with the following regulators:

Telecommunications & associated products and services

Energy products and services

How can you contact us?

If you have any questions in relation to this Privacy Statement, our management of your personal information or you would like a copy of this Privacy Statement sent to you (including in Braille), please call us on 1800 039 059 or email us at [email protected] .

You can also download a pdf copy of this statement from this page (in Our Privacy Statement section above).